A bisimulation for dynamic sealing
In Proceedings of the 31st Annual ACM Symposium on Principles of Programming Languages, 2004
Cited by 57 (9 self)
We define λseal, an untyped call-by-value λ-calculus with primitives for protecting abstract data by sealing, and develop a bisimulation proof method that is sound and complete with respect to contextual equivalence. This provides a formal basis for reasoning about data abstraction in open, dynamic settings where static techniques such as type abstraction and logical relations are not applicable.
Syntactic Type Abstraction
ACM TOPLAS, 2000
Cited by 54 (1 self)
... data types; F.3.2 [Logics and Meanings of Programs]: Semantics of Programming Languages – Operational Semantics; F.3.3 [Logics and Meanings of Programs]: Studies of Program Constructs – Type Structure. General Terms: Languages, Security, Theory, Verification. Additional Key Words and Phrases: Operational semantics, parametricity, proof techniques, syntactic proofs, type abstraction.
A bisimulation for type abstraction and recursion
Symposium on Principles of Programming Languages, 2005
Cited by 51 (6 self)
We present a bisimulation method for proving the contextual equivalence of packages in λ-calculus with full existential and recursive types. Unlike traditional logical relations (either semantic or syntactic), our development is "elementary," using only sets and relations and avoiding advanced machinery such as domain theory, admissibility, and ⊤⊤-closure. Unlike other bisimulations, ours is complete even for existential types. The key idea is to consider sets of relations, instead of just relations, as bisimulations.
Logical Relations for Encryption
2002
Cited by 43 (2 self)
The theory of relational parametricity and its logical relations proof technique are powerful tools for reasoning about information hiding in the polymorphic λ-calculus. We investigate the application of these tools in the security domain by defining a cryptographic λ-calculus, an extension of the standard simply typed λ-calculus with primitives for encryption, decryption, and key generation, and introducing syntactic logical relations (in the style of Pitts and Birkedal-Harper) for this calculus that can be used to prove behavioral equivalences between programs that use encryption. We illustrate
⊤⊤-Closed Relations and Admissibility
Cited by 22 (0 self)
This paper reformulates and studies Pitts's operational concept of
Reasoning about Selective Strictness: Operational Equivalence, Heaps and Call-by-Need Evaluation, New Inductive Principles
2009
Cited by 1 (0 self)
Many predominantly lazy languages now incorporate strictness-enforcing primitives, for example a strict let or sequential composition seq. Reasons for doing this include gains in time or space efficiency, or control of parallel evaluation. This thesis studies how to prove equivalences between programs in languages with selective strictness. Specifically, we use a restricted core lazy functional language with a selective strictness operator seq whose operational semantics is a variant of one considered by van Eekelen and de Mol, which itself was derived from Launchbury's natural semantics for lazy evaluation. The main research contributions are as follows: We establish some of the first ever equivalences between programs with selective strictness. We do this by manipulating operational semantics derivations, in
Theories of Information Hiding in Lambda-Calculus: Logical Relations and Bisimulations for Encryption and Type Abstraction
Two methods are studied for proving equivalence of programs involving two forms of information hiding. The proof methods are logical relations and bisimulations; the forms of information hiding are type abstraction and perfect encryption (also known as dynamic sealing). Our thesis is that these theories are useful for reasoning about programs involving information hiding. We prove it through soundness and completeness theorems as well as examples including abstract data structures and cryptographic protocols. Type abstraction is the most foundational form of information hiding in programming languages. Logical relations are the primary method for reasoning about type abstraction, which is often called relational parametricity or representation independence. Encryption is another foundational form of information hiding that is predominant in communication systems. In fact, an encryption-like primitive is useful for abstraction in programming languages as well, where it is called dynamic sealing. Given this intuitive connection between two forms of information hiding in computer software, it is natural to wonder whether we can establish more formal connections between them and transfer reasoning techniques from one to the other. We give affirmative answers
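The sealing primitives that the λseal entry, the "Logical Relations for Encryption" entry and this thesis abstract all reason about, as an added example that is not code from any of the listed papers: a small Python model of seal/unseal under a fresh seal, used to check the two equivalences the abstracts describe. A context that does not hold the seal k gets identical observations from {0}_k and {1}_k (the perfect-encryption reading of sealing), while a context that holds k tells them apart; and two counters with different hidden representations, each protected by its own private seal, are indistinguishable to any client that uses only the exported interface, and that client cannot forge a state for either one (representation independence). The names Seal, Sealed, seal, unseal, UnsealError and the new/inc/get counter interface are this example's own, and the model assumes, as the calculus does, that contexts only ever apply seal and unseal to sealed values; Python itself does not stop reflection on the objects.

```python
"""Dynamic sealing modelled in Python (added example, not from the papers).

Assumption: contexts use only seal/unseal on sealed values, as in the
calculus; Python does not prevent reflection on the objects.
"""
import itertools

_fresh_ids = itertools.count()


class Seal:
    """A fresh, unforgeable seal (the key in the encryption reading).
    Identity is the only equality, so a context can hold a seal only if it
    was given one; there is no structural way to rebuild it."""
    __slots__ = ("_id",)

    def __init__(self):
        self._id = next(_fresh_ids)

    def __repr__(self):
        return f"<seal#{self._id}>"


class Sealed:
    """{v}_k: a value hidden under seal k. Only unseal looks inside."""
    __slots__ = ("_seal", "_payload")

    def __init__(self, k, v):
        self._seal = k
        self._payload = v

    def __repr__(self):
        return "<sealed>"          # the payload is not observable


class UnsealError(Exception):
    """Unsealing with the wrong seal: the calculus' stuck/failure case."""


def seal(k, v):
    return Sealed(k, v)


def unseal(k, box):
    if not isinstance(box, Sealed) or box._seal is not k:
        raise UnsealError("wrong seal or not a sealed value")
    return box._payload


# 1. Perfect encryption: what a context can observe without the seal k.

def observe_without_key(box):
    """Print it, compare it, try a seal of one's own: nothing here depends
    on the payload, so {0}_k and {1}_k give the same observations."""
    k_guess = Seal()               # a seal the context generated itself
    try:
        unseal(k_guess, box)
        attempt = "unsealed"
    except UnsealError:
        attempt = "stuck"
    return (repr(box), box == seal(k_guess, 0), attempt)


def observe_with_key(k, box):
    """Holding k, the payload is recoverable and the programs differ."""
    return unseal(k, box)


# 2. Representation independence: two counters behind one interface
#    (new, inc, get), each hiding its state under its own private seal.

def make_counter_int():
    k = Seal()                                       # private seal
    def new():  return seal(k, 0)
    def inc(c): return seal(k, unseal(k, c) + 1)
    def get(c): return unseal(k, c)
    return new, inc, get


def make_counter_list():
    k = Seal()
    def new():  return seal(k, [])
    def inc(c): return seal(k, unseal(k, c) + [None])
    def get(c): return len(unseal(k, c))
    return new, inc, get


def client(counter):
    """An arbitrary client context: it may seal values under seals of its
    own, but cannot forge a state for the counter's private seal."""
    new, inc, get = counter
    c = inc(inc(new()))
    forged = seal(Seal(), 99)                        # attacker-sealed state
    try:
        inc(forged)
        forgery = "accepted"
    except UnsealError:
        forgery = "rejected"
    return (get(c), get(inc(c)), repr(c), forgery)
```

Both `client(make_counter_int())` and `client(make_counter_list())` return `(2, 3, "<sealed>", "rejected")`, which is the observable trace the bisimulation proofs in these papers relate across the two representations; the only way to break the equivalence is to leak the private seal, which in the encryption reading is leaking the key.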
Theory, Languages
We present a sound, complete, and elementary proof method, based on bisimulation, for contextual equivalence in a λ-calculus with full universal, existential, and recursive types. Unlike logical relations (either semantic or syntactic), our development is elementary, using only sets and relations and avoiding advanced machinery such as domain theory, admissibility, and ⊤⊤-closure. Unlike other bisimulations, ours is complete even for existential types. The key idea is to consider sets of relations, instead of just relations, as bisimulations.