. The Seal calculus is a distributed process calculus with localities and mobility of computational entities called seals. Seal is also a framework for writing secure distributed applications over large scale open networks such as the Internet. This paper motivates our design choices, presents the syntax and reduction semantics of the calculus, and demonstrates its expressiveness by examples focused on security and management distributed systems. 1 Introduction Advances in computer communications and computer hardware are changing the landscape of computing. Networking is now cheap and pervasive. The Internet has become a platform for large scale distributed programming. What is needed now is programming languages that support the development of Internet applications. In the last couple of years a number of process calculi have been designed to model programming large scale distributed systems over open networks. Several of these calculi [12, 19, 34, 21] advocate programming m...

We study two encodings of the asynchronous #-calculus with input-guarded choice into its choice-free fragment. One encoding is divergence-free, but refines the atomic commitment of choice into gradual commitment. The other preserves atomicity, but introduces divergence. The divergent encoding is fully abstract with respect to weak bisimulation, but the more natural divergence-free encoding is not. Instead, we show that it is fully abstract with respect to coupled simulation, a slightly coarser---but still coinductively defined---equivalence that does not enforce bisimilarity of internal branching decisions. The correctness proofs for the two choice encodings introduce a novel proof technique exploiting the properties of explicit decodings from translations to source terms.

The π-calculus is a process algebra which originates from CCS and permits a natural modelling of mobility (i.e., dynamic reconfigurations of the process linkage) using communication of names. Previous research has shown that the π-calculus has much greater expressiveness than CCS, but also a much more complex mathematical theory. The primary goal of this work is to understand the reasons of this gap. Another goal is to compare the expressiveness of name-passing calculi, i.e., calculi like π-calculus where mobility is achieved via exchange of names, and that of agent-passing calculi, i.e., calculi where mobility is achieved via exchange of agents. We separate the mobility mechanisms of the π-calculus into two, respectively called internal mobility and external mobility. The study of the subcalculus which only uses internal mobility, called I, suggests that internal mobility is responsible for much of the expressiveness of the π-calculus, whereas external mobility is responsible for many of...

A higher-order process calculus is a calculus for communicating systems which contains higher-order constructs like communication of terms. We analyse the notion of bisimulation in these calculi. We argue that both the standard definition of bisimulation (i.e., the one for CCS and related calculi), as well as higher-order bisimulation [E. Astesiano,

The seal-calculus is a distributed process calculus in which locations and movement of computational entities are explicit. The calculus is targeted at secure distributed applications over large scale open networks such as the Internet. Security is addressed by the addition of a finegrain access control mechanism. This paper motivates our design choices, presents the syntax and reduction semantics of the calculus, and demonstrates its expressiveness by examples focused on security and management of large distributed systems.

In first approximation Core Facile is a simply typed -calculus enriched with parallel composition, dynamic channel generation, and input-output synchronous communication primitives. In this paper we explore the (dynamic) semantics of core Facile programs. This should be taken as a basis for the definition of abstract machines, the transformation of programs, and the development of modal specification languages. We claim two main contributions. We introduce a new semantics based on the notion of barbed bisimulation. We argue that the derived equivalence provides a more satisfying treatment of restriction, in particular by proving the adequacy of a natural translation of Facile into ß-calculus we suggest that our approach is in good harmony with previous research on the semantics of sub-calculi of Core Facile such as Chocs and ß-calculus. We illustrate at an abstract level various aspects of Facile compilation. In particular we introduce an `asynchronous' version of the Facile language...

We address the specification and verification problem for process calculi such as Chocs, CML and Facile where processes or functions are transmissible values. Our work takes place in the context of a static treatment of restriction and of a bisimulation-based semantics. As a paradigmatic and simple case we concentrate on (Plain) Chocs. We show that Chocs bisimulation can be characterized by an extension of Hennessy-Milner logic including a constructive implication, or function space constructor. This result is a non-trivial extension of the classical characterization result for labelled transition systems. In the second part of the paper we address the problem of developing a proof system for the verification of process specifications. Building on previous work for CCS we present an infinitary sound and complete proof system for the fragment of the calculus not handling restriction. Keywords: Higher-order process calculi; Bisimulation; Modal logics; Program specification; Program verif...

Congruence proofs for bisimulation on higher-order process calculi tend to be significantly more complex than their counterparts in first-order process algebra frameworks. Moreover, a standard technique that allows us to cover strong forms of bisimulation on higher-order calculi seems to fail for the corresponding weak forms. Similar problems are posed by applicative simulation on -calculi and our starting point is a general and elegant technique for solving them that has been invented by Howe. We adapt and extend this technique to prove two new congruence results for !-order process calculi. In the first case, where we use a static scoping discipline for action names, we treat a delay variant of late weak context bisimulation; in the second case, where we use a dynamic scoping discipline, we treat an early weak higher-order bisimulation. The present paper supersedes parts of our technical report [BF95], where we have considered second-order processes.

The ß-calculus is a relatively simple framework in which the semantics of the dynamic creation and transmission of channels can be studied. We consider in particular the issue of defining and verifying the equivalence of ß-terms in the context of bisimulation based semantics. We distinguish three main contributions: (1) A characterization of `early' bisimulation in terms of a notion of `contextual' bisimulation. (2) The definition of a ß-calculus with explicit substitutions and the description of an abstract machine based on this notation which incrementally computes the synchronization tree of a ß-process. (3) The introduction of a refinement of the `late' bisimulation which we call `uniform'. Roughly the latter corresponds to the idea of treating the formal parameter of an input prefix as a `logical' variable. It is argued that this might lead to more efficient verification tools. Finally, as an example of the expressive power of the ß-calculus, we show how this calculus can be used ...