Results 1-10 of 61
Privacy and contextual integrity: Framework and applications
In IEEE Symposium on Security and Privacy, 2006
Cited by 83 (14 self)
Contextual integrity is a conceptual framework for understanding privacy expectations and their implications developed in the literature on law, public policy, and political philosophy. We formalize some aspects of contextual integrity in a logical framework for expressing and reasoning about norms of transmission of personal information. In comparison with access control and privacy policy frameworks such as RBAC, EPAL, and P3P, these norms focus on who personal information is about, how it is transmitted, and past and future actions by both the subject and the users of the information. Norms can be positive or negative depending on whether they refer to actions that are allowed or disallowed. Our model is expressive enough to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA. A number of important problems regarding compliance with privacy norms, future requirements associated with specific actions, and relations between policies and legal standards reduce to standard decision procedures for temporal logic.
The Complexity of Temporal Logic Model Checking
2002
Cited by 46 (0 self)
Temporal logic. Logical formalisms for reasoning about time and the timing of events appear in several fields: physics, philosophy, linguistics, etc. Not surprisingly, they also appear in computer science, a field where logic is ubiquitous. Here temporal logics are used in automated reasoning, in planning, in semantics of programming languages, in artificial intelligence, etc. There is one area of computer science where temporal logic has been unusually successful: the specification and verification of programs and systems, an area we shall just call programming for simplicity. In today's curricula, thousands of programmers first learn about temporal logic in a course on model checking!
Deterministic Generators and Games for LTL Fragments
ACM Trans. Comput. Log., 2001
Cited by 42 (2 self)
Deciding infinite two-player games on finite graphs with the winning condition specified by a linear temporal logic (Ltl) formula, is known to be 2Exptime-complete. In this paper, we identify Ltl fragments of lower complexity. Solving Ltl games typically involves a doubly-exponential translation from Ltl formulas to deterministic ω-automata. First, we show that the longest distance (length of the longest simple path) of the generator is also an important parameter, by giving an O(d log n)-space procedure to solve a Büchi game on a graph with n vertices and longest distance d. Then, for the Ltl fragment with only eventualities and conjunctions, we provide a translation to deterministic generators of exponential size and linear longest distance, show both of these bounds to be optimal, and prove the corresponding games to be Pspace-complete. Introducing next modalities in this fragment, we provide a translation to deterministic generators still of exponential size but also with exponential longest distance, show both of these bounds to be optimal, and prove the corresponding games to be Exptime-complete. For the fragment resulting by further adding disjunctions, we provide a translation to deterministic generators of doubly-exponential size and exponential longest distance, show both of these bounds to be optimal, and prove the corresponding games to be Expspace. Finally, we show tightness of the double-exponential bound on the size as well as the longest distance for deterministic generators for Ltl even in the absence of next and until modalities. This research was partially supported by NSF Career award CCR9734115, NSF award CCR9970925, SRC award 99TJ688, and Alfred P. Sloan Faculty Fellowship. Partially supported by the M.U.R.S.T. in the framework of project TO...
Temporal Logic with Forgettable Past
In LICS’02, 2002
Cited by 41 (4 self)
We investigate NLTL, a linear-time temporal logic with forgettable past. NLTL can be exponentially more succinct than LTL + Past (which in turn can be more succinct than LTL). We study satisfiability and model checking for NLTL and provide optimal automata-theoretic algorithms for these EXPSPACE-complete problems.
An Automata-Theoretic Approach to Constraint LTL
2003
Cited by 31 (7 self)
We consider an extension of linear-time temporal logic (LTL) with constraints interpreted over a concrete domain. We use a new automata-theoretic technique to show pspace decidability of the logic for the constraint systems (Z, <, =) and (N, <, =). Along the way, we give an automata-theoretic proof of a result of [BC02] when the constraint system D satisfies the completion property. Our decision procedures extend easily to handle extensions of the logic with past operators and constants, as well as an extension of the temporal language itself to monadic second order logic. Finally, we show that the logic...
Temporal Logic with Past is Exponentially More Succinct
2003
Cited by 24 (0 self)
We positively answer the old question whether temporal logic with past is more succinct than pure-future temporal logic. Surprisingly, the proof is quite simple and elementary, although the question has been open for twenty years.
Model Checking a Path (Preliminary Report)
In 14th Int. Conf. Concurrency Theory, Lecture Notes in Computer Science 2761, 2003
Cited by 24 (1 self)
Abstract. We consider the problem of checking whether a finite (or ultimately periodic) run satisfies a temporal logic formula. This problem is at the heart of “runtime verification” but it also appears in many other situations. By considering several extended temporal logics, we show that the problem of model checking a path can usually be solved efficiently, and profit from specialized algorithms. We further show it is possible to efficiently check paths given in compressed form.
Model Checking Vs. Generalized Model Checking: Semantic Minimizations for Temporal Logics
In Proceedings of the Twentieth Annual IEEE Symposium on Logic in Computer Science, 2005
Cited by 21 (10 self)
Three-valued models, in which properties of a system are either true, false or unknown, have recently been advocated as a better representation for reactive program abstractions generated by automatic techniques such as predicate abstraction. Indeed, for the same cost, model checking three-valued abstractions can be used to both prove and disprove any temporal-logic property, whereas traditional conservative abstractions can only prove universal properties. Also, verification results can be more precise with generalized model checking, which checks whether there exists a concretization of an abstraction satisfying a temporal-logic formula. Since generalized model checking includes satisfiability as a special case (when everything in the model is unknown), it is in general more expensive than traditional model checking. In this paper, we study how to reduce generalized model checking to model checking by a temporal-logic formula transformation, which generalizes a transformation for propositional logic known as semantic minimization in the literature. We show that many temporal-logic formulas of practical interest are self-minimizing, i.e., are their own semantic minimizations, and hence that model checking for these formulas has the same precision as generalized model checking.
Past is for free: on the complexity of verifying linear temporal properties with past
In Proceedings of the International Workshop on Expressiveness in Concurrency (EXPRESS’2002), volume 68.2 of Electronic Notes in Theoretical Computer Science. Elsevier Science, 2002
Cited by 19 (1 self)
We study the complexity of satisfiability and model-checking of the linear-time temporal logic with past (pltl). More precisely, we consider several fragments of pltl, depending on the allowed set of temporal modalities, the use of negations or the nesting of future formulae into past formulae. Our results show that "past is for free", that is it does not bring additional theoretical complexity, even for small fragments, and even when nesting future formulae into past formulae. We also remark that existential and universal model-checking can have different complexity for certain fragments.
The Complexity of Generalized Satisfiability for Linear Temporal Logic
Cited by 19 (10 self)
In a seminal paper from 1985, Sistla and Clarke showed that satisfiability for Linear Temporal Logic (LTL) is either NP-complete or PSPACE-complete, depending on the set of temporal operators used. If, in contrast, the set of propositional operators is restricted, the complexity may decrease. This paper undertakes a systematic study of satisfiability for LTL formulae over restricted sets of propositional and temporal operators. Since every propositional operator corresponds to a Boolean function, there exist infinitely many propositional operators. In order to systematically cover all possible sets of them, we use Post’s lattice. With its help, we determine the computational complexity of LTL satisfiability for all combinations of temporal operators and all but two classes of propositional functions. Each of these infinitely many problems is shown to be either PSPACE-complete, NP-complete, or in P.