Results 1  10
of
428
ProofCarrying Code
, 1997
"... This paper describes proofcarrying code (PCC), a mechanism by which a host system can determine with certainty that it is safe to execute a program supplied (possibly in binary form) by an untrusted source. For this to be possible, the untrusted code producer must supply with the code a safety proo ..."
Abstract

Cited by 1240 (27 self)
 Add to MetaCart
(Show Context)
This paper describes proofcarrying code (PCC), a mechanism by which a host system can determine with certainty that it is safe to execute a program supplied (possibly in binary form) by an untrusted source. For this to be possible, the untrusted code producer must supply with the code a safety proof that attests to the code's adherence to a previously defined safety policy. The host can then easily and quickly validate the proof without using cryptography and without consulting any external agents. In order to gain preliminary experience with PCC, we have performed several case studies. We show in this paper how proofcarrying code might be used to develop safe assemblylanguage extensions of ML programs. In the context of this case study, we present and prove the adequacy of concrete representations for the safety policy, the safety proofs, and the proof validation. Finally, we briefly discuss how we use proofcarrying code to develop network packet filters that are faster than similar filters developed using other techniques and are formally guaranteed to be safe with respect to a given operating system safety policy.
Logic Programming in a Fragment of Intuitionistic Linear Logic
, 1994
"... When logic programming is based on the proof theory of intuitionistic logic, it is natural to allow implications in goals and in the bodies of clauses. Attempting to prove a goal of the form D ⊃ G from the context (set of formulas) Γ leads to an attempt to prove the goal G in the extended context Γ ..."
Abstract

Cited by 340 (44 self)
 Add to MetaCart
(Show Context)
When logic programming is based on the proof theory of intuitionistic logic, it is natural to allow implications in goals and in the bodies of clauses. Attempting to prove a goal of the form D ⊃ G from the context (set of formulas) Γ leads to an attempt to prove the goal G in the extended context Γ ∪{D}. Thus during the bottomup search for a cutfree proof contexts, represented as the lefthand side of intuitionistic sequents, grow as stacks. While such an intuitionistic notion of context provides for elegant specifications of many computations, contexts can be made more expressive and flexible if they are based on linear logic. After presenting two equivalent formulations of a fragment of linear logic, we show that the fragment has a goaldirected interpretation, thereby partially justifying calling it a logic programming language. Logic programs based on the intuitionistic theory of hereditary Harrop formulas can be modularly embedded into this linear logic setting. Programming examples taken from theorem proving, natural language parsing, and data base programming are presented: each example requires a linear, rather than intuitionistic, notion of context to be modeled adequately. An interpreter for this logic programming language must address the problem of splitting contexts; that is, when attempting to prove a multiplicative conjunction (tensor), say G1 ⊗ G2, fromthe context ∆, the latter must be split into disjoint contexts ∆1 and ∆2 for which G1 follows from ∆1 and G2 follows from ∆2. Since there is an exponential number of such splits, it is important to delay the choice of a split as much as possible. A mechanism for the lazy splitting of contexts is presented based on viewing proof search as a process that takes a context, consumes part of it, and returns the rest (to be consumed elsewhere). In addition, we use collections of Kripke interpretations indexed by a commutative monoid to provide models for this logic programming language and show that logic programs admit a canonical model.
The Logic of Bunched Implications
 BULLETIN OF SYMBOLIC LOGIC
, 1999
"... We introduce a logic BI in which a multiplicative (or linear) and an additive (or intuitionistic) implication live sidebyside. The propositional version of BI arises from an analysis of the prooftheoretic relationship between conjunction and implication; it can be viewed as a merging of intuition ..."
Abstract

Cited by 224 (42 self)
 Add to MetaCart
We introduce a logic BI in which a multiplicative (or linear) and an additive (or intuitionistic) implication live sidebyside. The propositional version of BI arises from an analysis of the prooftheoretic relationship between conjunction and implication; it can be viewed as a merging of intuitionistic logic and multiplicative intuitionistic linear logic. The naturality of BI can be seen categorically: models of propositional BI's proofs are given by bicartesian doubly closed categories, i.e., categories which freely combine the semantics of propositional intuitionistic logic and propositional multiplicative intuitionistic linear logic. The predicate version of BI includes, in addition to standard additive quantifiers, multiplicative (or intensional) quantifiers # new and # new which arise from observing restrictions on structural rules on the level of terms as well as propositions. We discuss computational interpretations, based on sharing, at both the propositional and predic...
Linear Objects: logical processes with builtin inheritance
, 1990
"... We present a new framework for amalgamating two successful programming paradigms: logic programming and objectoriented programming. From the former, we keep the declarative reading of programs. From the latter, we select two crucial notions: (i) the ability for objects to dynamically change their ..."
Abstract

Cited by 206 (6 self)
 Add to MetaCart
(Show Context)
We present a new framework for amalgamating two successful programming paradigms: logic programming and objectoriented programming. From the former, we keep the declarative reading of programs. From the latter, we select two crucial notions: (i) the ability for objects to dynamically change their internal state during the computation; (ii) the structured representation of knowledge, generally obtained via inheritance graphs among classes of objects. We start with the approach, introduced in concurrent logic programming languages, which identifies objects with proof processes and object states with arguments occurring in the goals of a given process. This provides a clean, sideeffect free account of the dynamic behavior of objects in terms of the search tree  the only dynamic entity in logic programming languages. We integrate this view of objects with an extension of logic programming, which we call Linear Objects, based on the possibility of having multiple literals in the head of a program clause. This contains within itself the basis for a flexible form of inheritance, and maintains the constructive property of Prolog of returning definite answer substitutions as output of the proof of nonground goals. The theoretical background for Linear Objects is Linear Logic, a logic recently introduced to provide a theoretical basis for the study of concurrency. We also show that Linear Objects can be considered a constructive restriction of full Classical Logic. We illustrate the expressive power of Linear Objects compared to Prolog by several examples from the objectoriented domain, but we also show that it can be used to provide elegant solutions for problems arising in the standard style of logic programming.
Logic Programming in the LF Logical Framework
, 1991
"... this paper we describe Elf, a metalanguage intended for environments dealing with deductive systems represented in LF. While this paper is intended to include a full description of the Elf core language, we only state, but do not prove here the most important theorems regarding the basic building b ..."
Abstract

Cited by 188 (53 self)
 Add to MetaCart
(Show Context)
this paper we describe Elf, a metalanguage intended for environments dealing with deductive systems represented in LF. While this paper is intended to include a full description of the Elf core language, we only state, but do not prove here the most important theorems regarding the basic building blocks of Elf. These proofs are left to a future paper. A preliminary account of Elf can be found in [26]. The range of applications of Elf includes theorem proving and proof transformation in various logics, definition and execution of structured operational and natural semantics for programming languages, type checking and type inference, etc. The basic idea behind Elf is to unify logic definition (in the style of LF) with logic programming (in the style of Prolog, see [22, 24]). It achieves this unification by giving types an operational interpretation, much the same way that Prolog gives certain formulas (Hornclauses) an operational interpretation. An alternative approach to logic programming in LF has been developed independently by Pym [28]. Here are some of the salient characteristics of our unified approach to logic definition and metaprogramming. First of all, the Elf search process automatically constructs terms that can represent objectlogic proofs, and thus a program need not construct them explicitly. This is in contrast to logic programming languages where executing a logic program corresponds to theorem proving in a metalogic, but a metaproof is never constructed or used and it is solely the programmer's responsibility to construct objectlogic proofs where they are needed. Secondly, the partial correctness of many metaprograms with respect to a given logic can be expressed and proved by Elf itself (see the example in Section 5). This creates the possibilit...
Higherorder logic programming
 HANDBOOK OF LOGIC IN AI AND LOGIC PROGRAMMING, VOLUME 5: LOGIC PROGRAMMING. OXFORD (1998
"... ..."
An Overview of λProlog
 In Fifth International Logic Programming Conference
, 1988
"... Abstract: λProlog is a logic programming language that extends Prolog by incorporating notions of higherorder functions, λterms, higherorder unification, polymorphic types, and mechanisms for building modules and secure abstract data types. These new features are provided in a principled fashion ..."
Abstract

Cited by 117 (38 self)
 Add to MetaCart
(Show Context)
Abstract: λProlog is a logic programming language that extends Prolog by incorporating notions of higherorder functions, λterms, higherorder unification, polymorphic types, and mechanisms for building modules and secure abstract data types. These new features are provided in a principled fashion by extending the classical firstorder theory of Horn clauses to the intuitionistic higherorder theory of hereditary Harrop formulas. The justification for considering this extension a satisfactory logic programming language is provided through the prooftheoretic notion of a uniform proof. The correspondence between each extension to Prolog and the new features in the stronger logical theory is discussed. Also discussed are various aspects of an experimental implementation of λProlog. Appears in the Fifth International Conference Symposium on Logic Programming, 15 – 19 August 1988, Seattle, Washington. This is a slightly corrected version of
The πcalculus as a theory in linear logic: Preliminary results
 3rd Workshop on Extensions to Logic Programming, LNCS 660
, 1993
"... The agent expressions of the πcalculus can be translated into a theory of linear logic in such a way that the reflective and transitive closure of πcalculus (unlabeled) reduction is identified with “entailedby”. Under this translation, parallel composition is mapped to the multiplicative disjunct ..."
Abstract

Cited by 113 (18 self)
 Add to MetaCart
The agent expressions of the πcalculus can be translated into a theory of linear logic in such a way that the reflective and transitive closure of πcalculus (unlabeled) reduction is identified with “entailedby”. Under this translation, parallel composition is mapped to the multiplicative disjunct (“par”) and restriction is mapped to universal quantification. Prefixing, nondeterministic choice (+), replication (!), and the match guard are all represented using nonlogical constants, which are specified using a simple form of axiom, called here a process clause. These process clauses resemble Horn clauses except that they may have multiple conclusions; that is, their heads may be the par of atomic formulas. Such multiple conclusion clauses are used to axiomatize communications among agents. Given this translation, it is nature to ask to what extent proof theory can be used to understand the metatheory of the πcalculus. We present some preliminary results along this line for π0, the “propositional ” fragment of the πcalculus, which lacks restriction and value passing (π0 is a subset of CCS). Using ideas from prooftheory, we introduce coagents and show that they can specify some testing equivalences for π0. If negationasfailuretoprove is permitted as a coagent combinator, then testing equivalence based on coagents yields observational equivalence for π0. This latter result follows from observing that coagents directly represent formulas in the HennessyMilner modal logic. 1
Forum: A multipleconclusion specification logic
 Theoretical Computer Science
, 1996
"... The theory of cutfree sequent proofs has been used to motivate and justify the design of a number of logic programming languages. Two such languages, λProlog and its linear logic refinement, Lolli [15], provide for various forms of abstraction (modules, abstract data types, and higherorder program ..."
Abstract

Cited by 96 (12 self)
 Add to MetaCart
(Show Context)
The theory of cutfree sequent proofs has been used to motivate and justify the design of a number of logic programming languages. Two such languages, λProlog and its linear logic refinement, Lolli [15], provide for various forms of abstraction (modules, abstract data types, and higherorder programming) but lack primitives for concurrency. The logic programming language, LO (Linear Objects) [2] provides some primitives for concurrency but lacks abstraction mechanisms. In this paper we present Forum, a logic programming presentation of all of linear logic that modularly extends λProlog, Lolli, and LO. Forum, therefore, allows specifications to incorporate both abstractions and concurrency. To illustrate the new expressive strengths of Forum, we specify in it a sequent calculus proof system and the operational semantics of a programming language that incorporates references and concurrency. We also show that the meta theory of linear logic can be used to prove properties of the objectlanguages specified in Forum.
A MultipleConclusion MetaLogic
 In Proceedings of 9th Annual IEEE Symposium On Logic In Computer Science
, 1994
"... The theory of cutfree sequent proofs has been used to motivate and justify the design of a number of logic programming languages. Two such languages, λProlog and its linear logic refinement, Lolli [12], provide data types, higherorder programming) but lack primitives for concurrency. The logic pro ..."
Abstract

Cited by 87 (7 self)
 Add to MetaCart
(Show Context)
The theory of cutfree sequent proofs has been used to motivate and justify the design of a number of logic programming languages. Two such languages, λProlog and its linear logic refinement, Lolli [12], provide data types, higherorder programming) but lack primitives for concurrency. The logic programming language, LO (Linear Objects) [2] provides for concurrency but lacks abstraction mechanisms. In this paper we present Forum, a logic programming presentation of all of linear logic that modularly extends the languages λProlog, Lolli, and LO. Forum, therefore, allows specifications to incorporate both abstractions and concurrency. As a metalanguage, Forum greatly extends the expressiveness of these other logic programming languages. To illustrate its expressive strength, we specify in Forum a sequent calculus proof system and the operational semantics of a functional programming language that incorporates such nonfunctional features as counters and references. 1