Results 1-10 of 44
Information Flow Security in Dynamic Contexts
, 2002
Cited by 59 (20 self)
We study a security property for processes in dynamic contexts, i.e., contexts that can be reconfigured at runtime. The security property that we propose in this paper, named Persistent BNDC, is such that a process is "secure" when every state reachable from it satisfies a basic NonInterference property. We define a suitable bisimulation-based equivalence relation among processes that allows us to express the new property as a single equivalence check, thus avoiding the universal quantifications over all the reachable states (required by Persistent BNDC) and over all the possible hostile environments (implicit in the basic NonInterference property we adopt). We show that the novel security property is compositional and we discuss how it can be efficiently checked.
The Seal Calculus
, 2005
Cited by 30 (0 self)
The Seal Calculus is a process language for describing mobile computation. Threads and resources are tree structured; the nodes thereof correspond to agents, the units of mobility. The Calculus extends a π-calculus core with synchronous, objective mobility of agents over channels. This paper systematically compares all previous variants of Seal Calculus. We study their operational behaviour with labelled transition systems and bisimulations; by comparing the resulting algebraic theories we highlight the differences between these apparently similar approaches. This leads us to identify the dialect of Seal that is most amenable to operational reasoning and can form the basis of a distributed programming language. We propose type systems for characterising the communications in which an agent can engage. The type systems thus enforce a discipline of agent mobility, since the latter is coded in terms of higher-order communication.
Deriving bisimulation congruences: 2-categories vs. precategories
 In FOSSACS ’03, volume 2620 of LNCS
, 2003
Cited by 24 (7 self)
G-relative pushouts (GRPOs) have recently been proposed by the authors as a new foundation for Leifer and Milner’s approach to deriving labelled bisimulation congruences from reduction systems. This paper develops the theory of GRPOs further, arguing that they provide a simple and powerful basis towards a comprehensive solution. As an example, we construct GRPOs in a category of ‘bunches and wirings’. We then examine the approach based on Milner’s precategories and Leifer’s functorial reactive systems, and show that it can be recast in a much simpler way into the 2-categorical theory of GRPOs.
The Kell calculus: operational semantics and type system
In FMOODS, Lecture Notes in Computer Science 2884 (2003)
, 2003
Cited by 23 (1 self)
This paper presents the Kell calculus, a new distributed process calculus that retains the original insights of the Seal calculus (local actions, process replication) and of the M-calculus (higher-order processes and programmable membranes), although in a much simpler setting than the latter. The calculus is equipped with a type system that enforces a unicity property for location names that is crucial for the efficient implementation of the calculus.
Deriving structural labelled transitions for mobile ambients
, 2008
Cited by 20 (2 self)
We present a new labelled transition system (lts) for the ambient calculus on which ordinary bisimilarity coincides with contextual equivalence. The key feature of this lts is that it is the fruit of ongoing work on developing a systematic procedure for deriving ltss in the structural style from the underlying reduction semantics and observability. Notably, even though we have derived our lts for ambients systematically, it compares very favourably with existing transition systems for the same calculus.
Basic Observables for a Calculus for Global Computing
, 2004
Cited by 15 (8 self)
We develop the semantic theory of a foundational language for modelling applications over global computers whose interconnection structure can be explicitly manipulated. Together with process distribution, process mobility and remote asynchronous communication through distributed data repositories, the language provides constructs for explicitly modelling inter-node connections and for dynamically activating and deactivating them. For the proposed language, we define natural notions of extensional observations and study their closure under operational reductions and/or language contexts to obtain barbed congruence and may testing equivalence. For such equivalences, we provide alternative characterizations in terms of a labelled bisimulation and a trace equivalence that can be used for actual proofs. We discuss how the language and its theory can be extended to include more sophisticated features that enable a finer control on the activation of connections. To assess practical usability of the semantic theory, we model a scenario for communications between mobile devices and use the introduced proof techniques to analyze it and verify some relevant properties.
PolyA: True type polymorphism for Mobile Ambients
, 2004
Cited by 13 (4 self)
Previous type systems for mobility calculi (the original Mobile Ambients, its variants and descendants, e.g., Boxed Ambients and Safe Ambients, and other related systems) offer little support for generic mobile agents. Previous systems either do not handle communication at all or globally assign fixed communication types to ambient names that do not change as an ambient moves around or interacts with other ambients. This makes it hard to type examples such as a messenger ambient that uses communication primitives to collect a message of non-predetermined type and deliver it to a non-predetermined destination. In contrast, we present our new type system PolyA. Instead of assigning communication types to ambient names, PolyA assigns a type to each process P that gives upper bounds on (1) the possible ambient nesting shapes of any process P′ to which P can evolve, (2) the values that may be communicated at each location, and (3) the capabilities that can be used at each location. Because PolyA can type generic mobile agents, we believe PolyA is the first type system for a mobility calculus that provides type polymorphism comparable in power to polymorphic type systems for the λ-calculus. PolyA is easily extended to ambient calculus variants. A restriction of PolyA has principal typings.
Behavioural Theory for Mobile Ambients
In: Proceedings of the 3rd International Conference on Theoretical Computer Science (IFIP TCS)
, 2004
Cited by 12 (1 self)
We study a behavioural theory of Mobile Ambients, a process calculus for modelling mobile agents in wide-area networks, focussing on reduction barbed congruence. Our contribution is threefold. (1) We prove a context lemma which shows that only parallel and nesting contexts need be examined to recover this congruence. (2) We characterise this congruence using a labelled bisimilarity: this requires novel techniques to deal with asynchronous movements of agents and with the invisibility of migrations of secret locations. (3) We develop refined proof methods involving up-to proof techniques, which allow us to verify a set of algebraic laws and the correctness of more complex examples.
Locating Reaction with 2-categories
, 2004
Cited by 11 (1 self)
Groupoidal relative pushouts (GRPOs) have recently been proposed by the authors as a new foundation for Leifer and Milner's approach to deriving labelled bisimulation congruences from reduction systems. In this paper, we develop the theory of GRPOs further, proving that well-known equivalences, other than bisimulation, are congruences. To demonstrate the type of category-theoretic arguments which are inherent in the 2-categorical approach, we construct GRPOs in a category of ‘bunches and wirings’. Finally, we prove that the 2-categorical theory of GRPOs is a generalisation of the approaches based on Milner's precategories and Leifer's functorial reactive systems.