A question of access: decentralized control and communication strategies for security policies

The Chinese wall policy (CWP) is a security policy that governs the information that a group of agents may access. Information about competing companies is divided up into conflict sets. Agents adhering to CWP may only acquire information about one company per conflict set. Recently, a decentralized version of CWP was introduced, but its success was hampered by a limitation in the solution that had the potential to allow a clever agent to simultaneously access information about companies in the same conflict set, a clear violation of CWP. Using supervisory control theory, we investigate the synthesis of a decentralized CWP, where agents are not able to perform so-called "double dipping". In a control-theoretic approach, the behavior of the system and the specification are modeled as finite-state machines. A decentralized controller for CWP either allows or forbids access to information at each state of the system. These control decisions are based on (1) the specification; (2) local knowledge of an agent\´s previous requests to a given controller; and (3) knowledge communicated from other controllers regarding their own relevant local knowledge of that agent\´s previous requests