Results 1-10 of 17
Security-Typed Programming within Dependently-Typed Programming
Cited by 25 (2 self)
Abstract. Several recent security-typed programming languages allow programmers to express and enforce authorization policies governing access to controlled resources. Policies are expressed as propositions in an authorization logic, and enforced by a type system that requires each access to a sensitive resource to be accompanied by a proof. The security-typed languages described in the literature, such as Aura and PCML5, have been presented as new, stand-alone language designs. In this paper, we instead show how to embed a security-typed programming language within an existing dependently typed programming language, Agda. This language-design strategy allows us to inherit both the metatheoretic results, such as type safety, and the implementation of the host language. Our embedding consists of the following ingredients: First, we represent the syntax and proofs of an authorization logic, Garg and Pfenning’s BL0, using dependent types. Second, we implement a proof search procedure, based on a focused sequent calculus, to ease the burden of constructing proofs. Third, we define an indexed monad of computations on behalf of a principal, with proof-carrying primitive operations. Our work shows that a dependently typed language can be used to prototype a security-typed language, and contributes to the growing body of literature on using dependently typed languages to construct domain-specific type systems.
Reasoning about the consequences of authorization policies in a linear epistemic logic, 2009
Cited by 21 (7 self)
Authorization policies are not stand-alone objects: they are used to selectively permit actions that change the state of a system. Thus, it is desirable to have a framework for reasoning about the semantic consequences of policies. To this end, we extend a rewriting interpretation of linear logic with connectives for modeling affirmation, knowledge, and possession. To cleanly confine semantic effects to the rewrite sequence, we introduce a monad. The result is a richly expressive logic that elegantly integrates policies and their effects. After presenting this logic and its metatheory, we demonstrate its utility by proving properties that relate a simple file system’s policies to their semantic consequences.
Proof search in an authorization logic, 2009
Cited by 12 (7 self)
We consider the problem of proof search in an expressive authorization logic that contains a “says” modality and an ordering on principals. After a description of the proof system for the logic, we identify two fragments that admit complete goal-directed and saturating proof search strategies. A smaller fragment is then presented, which supports both goal-directed and saturating search, and has a sound and complete translation to first-order logic. We conclude with a brief description of our implementation of goal-directed search. This work was supported partially by the iCAST project sponsored by the National Science Council,
Higher-Order Processes, Functions, and Sessions: A Monadic Integration
Cited by 12 (5 self)
Abstract. In prior research we have developed a Curry-Howard interpretation of linear sequent calculus as session-typed processes. In this paper we uniformly integrate this computational interpretation in a functional language via a linear contextual monad that isolates session-based concurrency. Monadic values are open process expressions and are first-class objects in the language, thus providing a logical foundation for higher-order session-typed processes. We illustrate how the combined use of the monad and recursive types allows us to cleanly write a rich variety of concurrent programs, including higher-order programs that communicate processes. We show the standard metatheoretic result of type preservation, as well as a global progress theorem, which to the best of our knowledge, is new in the higher-order session-typed setting.
Focus-preserving Embeddings of Substructural Logics in Intuitionistic Logic
Cited by 4 (3 self)
We present a method of embedding substructural logics into ordinary first-order intuitionistic logic. This embedding is faithful in a very strong sense: not only does it preserve provability of sequents under translation, but it also preserves sets of proofs — and the focusing structure of those proofs — up to isomorphism. Examples are given for the cases of intuitionistic linear logic and ordered logic, and indeed we can use our method to derive a correct focusing system for ordered logic. Potential applications lie in logic programming, theorem proving, and logical frameworks for substructural logics where focusing is crucial for the underlying proof theory.
A constructive approach to the resource semantics of substructural logics, 2009
Cited by 3 (2 self)
We propose a constructive approach to the resource semantics of substructural logics via proof-preserving translations into a fragment of focused first-order intuitionistic logic with a preorder. Using these translations, we can obtain uniform proofs of cut admissibility, identity expansion, and the completeness of focusing for a variety of logics. We illustrate our approach on linear, ordered, and bunched logics.
Structural focalization, 2011
Cited by 2 (1 self)
Focusing, introduced by Jean-Marc Andreoli in the context of classical linear logic, defines a normal form for sequent calculus derivations that cuts down on the number of possible derivations by eagerly applying invertible rules and grouping sequences of non-invertible rules. A focused sequent calculus is defined relative to some non-focused sequent calculus; focalization is the property that every non-focused derivation can be transformed into a focused derivation. In this paper, we present a focused sequent calculus for polarized propositional intuitionistic logic and prove the focalization property relative to a standard presentation of propositional intuitionistic logic. Compared to existing approaches, the proof is quite concise, depending only on the internal soundness and completeness of the focused logic. In turn, both of these properties can be established (and mechanically verified) by structural induction in the style of Pfenning’s structural cut elimination without the need for any tedious and repetitious invertibility lemmas. The proof of cut admissibility for the focused system, which establishes internal soundness, is not particularly novel. The proof of identity expansion, which establishes internal completeness, is the principal contribution of this work.
Lecture Notes on Intuitionistic Kripke Semantics, 15-816: Modal Logic, 2010
Cited by 1 (0 self)
In this lecture we present an intuitionistic approach to describing a multiple-world semantics for modal logic in the style of Kripke. This is done by providing judgments and inference rules that reason about truths in multiple worlds. A thorough analysis of intuitionistic modal logic in this style
Compiler Generation for Substructural Operational Semantics, 2012
Cited by 1 (0 self)
Semantic specifications of programming languages can be used to assist or automate compiler generation. Semantics-driven compiler generation has already been studied for specification techniques such as denotational semantics, natural semantics, structural operational semantics and action semantics. Compilers generated from such specifications bring some of the performance benefits of traditional compilers to prototype specifications of programming languages while reducing or eliminating the logistical overhead of implementing a separate piece of software and proving its correctness. This dissertation describes techniques that can be used to synthesize a compiler and virtual machine from a Substructural Operational Semantics (SSOS). Whereas prior work relied on techniques such as partial evaluation and staged computation to derive compilers from interpreters, we use linear logical approximations for synthesis. Our methodology is illustrated using language features from C0, a safe subset of C used to teach imperative programming at Carnegie Mellon University.
Logical approximation for program analysis, 2010
Cited by 1 (1 self)
The abstract interpretation of programs relates the exact semantics of a programming language to an approximate semantics that can be effectively computed. We show that, by specifying operational semantics in a specification framework based on bottom-up logic programming in ordered logic – a technique we call substructural operational semantics (SSOS) – manifestly sound program approximations can be derived by simple and intuitive transformations and approximations of the logic program. As examples, we describe how to derive control flow and alias analyses from the substructural operational semantics of the relevant languages.