The SLam calculus is a typed λ-calculus that maintains security information as well as type information. The type system propagates security information for each object in four forms: the object’s creators and readers, and the object’s indirect creators and readers (i.e., those agents who, through flow-of-control or the actions of other agents, can influence or be influenced by the content of the object). We prove that the type system prevents security violations and give some examples of its power. 1

this paper but which have some intriguing connections to some of our results and techniques, are [32] and [20]. We believe that the concept of prelogical relation would have a beneficial impact on the presentation and understanding of their results

. We introduce a notion of Grothendieck logical relation and use it to characterise the definability of morphisms in stable bicartesian closed categories by terms of the simply-typed lambda calculus with finite products and finite sums. Our techniques are based on concepts from topos theory, however our exposition is elementary. Introduction The use of logical relations as a tool for characterising the -definable elements in a model of the simply-typed -calculus originated in the work of Plotkin [10], who obtained such a characterisation of the definable elements in the full type hierarchy using a notion of Kripke logical relation. Subsequently, the more general notion of a Kripke logical relation of varying arity was developed by Jung and Tiuryn, and shown to characterise the definable elements in any Henkin model [4]. Although not emphasised in [4], relations of varying arity are powerful enough to characterise relative definability with respect to any given set of elements con...

Abstract not found

This paper presents two basic results on game-based semantics of FPC, a metalanguage with sums, products, exponentials and recursive types. First we give an axiomatic account of the category of games G introduced in [15], offering a fundamental structural analysis of the category as well as a transparent way to prove computational adequacy. As a consequence we obtain an intensional fullabstraction result through a standard definability argument. Next we extend the category G by introducing a category of games G i with optimised strategies; we show that the denotational semantics in G i gives a compilation of FPC terms into core Pict codes (the asynchronous polyadic -calculus without summation). The process representation follows a pioneering idea of Hyland and Ong [18]. However, we advance their representation by introducing semantically well-founded optimisation techniques; we also exte...

Much work has been done on the semantics of programs with local state. Most of this work involves complex storage modeling with pointers and memory cells, complicated categorical constructions, and reasoning in the presence of context. We show how a relatively simple relational semantics can be used to avoid these complications. We provide a natural relational semantics for a programming language with higherorder functions. We define a purely compositional semantics based on binary and ternary relations such that all contextual considerations are completely encapsulated in the state. We show several equivalence proofs using this semantics based on examples of Meyer and Sieber (1988).

Abstract. Most previous work on the semantics of higher-order programs with local state involves complex storage modeling with pointers and memory cells, complicated categorical constructions, or reasoning in the presence of context. In this paper we show how a relatively simple relational semantics can be used to avoid these complications. We provide a natural relational semantics for a programming language with higher-order functions. The semantics is purely compositional, with all contextual considerations completely encapsulated in the state. We show several equivalence proofs using this semantics based on examples of Meyer and Sieber (1988). 1

ped strategy (in the sense of the AJM model of Abramsky et. al.) for d. Accordingly, the realisability model over A eff wb , the effective well--bracketed strategies, is even universal in the sense that all elements of the model appear as denotations of PCF terms. In a future version of [9] there will also be included the discussion of other pca's of game--theoretic nature giving rise to fully abstract and universal models which originate from S. Abramsky's work on game semantics for classical linear logic. Independently, fully abstract realisability models for PCF have been constructed by Marz, Rohr and Streicher in [14] using as underlying pca's term models for untyped --calculus with arithmetic. In this case the proof is not via the AJM game model but instead makes use of the category SD of sequential domains as described in [13] originating from a reformulation and generalisation of [18]. As describ

Most previous work on the equivalence of programs in the presence of local state has involved intricate memory modeling and the notion of contextual (observable) equivalence. We show how relational semantics can be used to avoid these complications. We define a notion of local variable scoping, along with a purely compositional semantics based on binary relations, such that all contextual considerations are completely encapsulated in the semantics. We then give an axiom system for program equivalence in the presence of local state that avoids all mention of memory or context and that does not use semantic arguments. The system is complete relative to the underlying flat equational theory. We also indicate briefly how the semantics can be extended to include higher-order functions.