N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... 29] More recently, several formal models for distributed and mobile computing have been proposed, including, for example, the Join calculus [12] the # 1l calculus [2] the Ambient calculus 5 [9] the Safe Ambient calculus [23] the Seal calculus [32] the D# calculus [20] the D## calculus [33], DiTyCO [24] Nomadic Pict [27] KLAIM [26] Oz [28] see [10] for a survey of process calculi with localities) Also, various extensions of the Actor model, such as [14] have recently been proposed which aim to adapt the actor model of computation to large scale distributed and mobile ....

N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000. 10

.... [6, 7, 26, 18, 12] that for controlling resource access via policies for mandatory access control [4] that for checking that all processes that intend to perform inputs at a given channel are co located [36] that for controlling the e#ect of transmitted process abstractions over local channels [37], and that for restricting the mobility of values processes only to some part of a distributed system [25] The research line closest to ours is that on the D# calculus [24] a distributed version of the # calculus equipped with a type system to control access rights of mobile processes over ....

....with primitives for process distribution and remote process creation. Apart from the higher order and channel based communication, the main di#erence with Klaim is that D## localities are anonymous (i.e. not explicitly referrable by processes) and simply used to express process distribution. In [37], a fine grained type system for D## is defined that permits controlling the e#ect of transmitted process abstractions (parameterized with respect to channel names) over local channels. Processes are assigned fine grained types that, like interfaces, record the channels to which processes have ....

N. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings of LICS'00, pages 334--348. IEEE, Computer Society Press, June 2000.

.... [6, 7, 27, 18, 12] that for controlling resource access via policies for mandatory access control [4] that for checking that all processes that intend to perform inputs at a given channel are co located [37] that for controlling the e#ect of transmitted process abstractions over local channels [38], and that for restricting the mobility of values processes only to some part of a distributed system [26] We also applied the latter approach to Klaim, defining a type system that enforces security policies by confining mobility of processes values; we left its presentation and the comparisons ....

....with primitives for process distribution and remote process creation. Apart from the higher order and channel based communication, the main di#erence with Klaim is that D## localities are anonymous (i.e. not explicitly referrable by processes) and simply used to express process distribution. In [38], a fine grained type system for D## is defined that permits controlling the e#ect of transmitted process abstractions (parameterized with respect to channel names) over local channels. Processes are assigned fine grained types that, like interfaces, record the channels to which processes have ....

N. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings of LICS'00, pages 334--348. IEEE, Computer Society Press, June 2000.

....# calculus, together with primitives for process distribution and remote process creation. Apart from the higher order and channel based communication, the main di#erence with Klaim is that D## localities are not explicitly referrable by processes and just used to express process distribution. In [24], a fine grained type system for D## is defined that permits controlling the e#ect over local channels of transmitted processes parameterized w.r.t. channel names. Processes are assigned fine grained types that, like interfaces, record the channels to which processes have access together with the ....

N. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings of LICS'00, pages 334--348. IEEE, 2000.

....as separate Java virtual machines [8] on different computers, where resources are transmitted from one domain to another; accordingly, a non trivial amount of effort needs to be spent on ensuring that vital resources are protected from unauthorized access. Although several foundational calculi [3, 7, 10, 22] have been proposed for the purpose of studying distributed computation, few of them have notions of access rights and can guarantee properties about resource access such as this high level integer is read only by high level processes and none of them are flexible enough to allow various ....

....m r l lfn(U) F T T Fq U:T P:Th[I] lT (TH IN) r c (V: T ) P: 6 Related Work We have already made reference to Riely and Hennessy s work [10, 11] Besides it, several other foundational calculi have been proposed for access control in distributed computation. Yoshida and Hennessy [22] proposed a type system for access control in the higher order r calculus. Their type system can be used for controlling access to resources in higher order code transmitted from one domain to another. Introducing our notion of domains into their calculus might enable finergrained access control ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS'00. IEEE, 2000.

....referrable by processes) and simply used to express process distribution. D## comes equipped with a type system that controls how processes use resources (i.e. channels) by guaranteeing that in well typed systems processes that intend to perform inputs at a given channel are co located. In [42], a fine grained type system for D## is defined that permits controlling the e#ect of transmitted process abstractions (parameterized with respect to channel names) over local channels. Processes are assigned fine grained types that, like interfaces, record the channels to which processes have ....

N. Yoshida and M. Hennessy. Assigning types to processes. Technical Report CS 02/99, University of Sussex, 1999.

.... decision: We steer clear of a higher order AC , where processes can exchange other processes (in addition to programs) something that will certainly reproduce many of the challenges already encountered in higher order versions of the # calculus (as in the work of Hennessy and his collaborators [YH99, YH00] for example) Our simpler (first order) version of AC raises many non trivial problems already and gives us much to investigate; moreover, with an eye to an implementation later, there is something to be said in favor of keeping our conceptual framework as simple as possible. 3 We thank ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS

.... decision: We steer clear of a higher order AC , where processes can exchange other processes (in addition to programs) something that will certainly reproduce many of the challenges already encountered in higher order versions of the # calculus (as in the work of Hennessy and his collaborators [YH99, YH00] for example) Our simpler (first order) version of AC raises many non trivial problems already and gives us much to investigate; moreover, with an eye to an implementation later, there is something to be said in favor of keeping our conceptual framework as simple as possible. In summary, our ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS

....channel may cross the boundary of an higher level area. In the box calculus [19] localities also form a xed hierarchy, and communication may cross only one locality boundary at a time. This calculus aims at controlling the ow of information between localities. The higher order calculus of [21] also deals with access control, by explicitly specifying for each input which resources may be accessed by the input process, distinguishing between read and write accesses. This calculus is objective and does not guarantee the availability of resources. Similarly, access control for Klaim [17] ....

N. Yoshida and M. Hennessy. Assigning types to processes (extended abstract). In Fifteenth Annual IEEE Symposium on Logic in Computer Science, pages 334-348. IEEE Computer Society, 2000. A Formal sets of names Denition A.1 The set of free names fn is dened as:

....a minimal type system. A summary and directions for future work conclude the article. Related Work Many works extend the basic type systems for # calculus as described in [12, 15] giving more informative types to processes. We comment those closest to our work. Yoshida and Hennessy propose in [20] a type system for a higher order # calculus that can be used to control the effects of migrating code on local environments. The type of a process takes the form of an interface limiting the resources to which it has access, and the type at which they may be used. In their type system both input ....

.... calculi, where interaction is a consequence of parallel composition (which admits arbitrary rearrangements of sub terms) all the tries are somewhat unsatisfactory: they are usually restricted to a subset of the calculus, allowing dependent types only in particular, well determined constructions [20]. Following a suggestion of Davide Sangiorgi, we decide to disallow input action on names bound by an input action. In this way interfaces cannot change during reduction: for example the process P above is not well typed, since y is first bound by an input on x and then used to perform an input ....

[Article contains additional citation context not shown here]

N. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings, Fifteenth Annual IEEE Symposium on Logic in Computer Science, pages 334--348, 2000.

.... We steer clear of a higherorder ## CAC, where processes can exchange other processes (in addition to expressions) something that will certainly reproduce many of the challenges already encountered in higher order versions of the # calculus, e.g. in the work of Hennessy and his collaborators [YH99, YH00]. Since our interest is the implementation of a language based on ## CAC, there is something to be said in favor of keeping our conceptual framework as simple as possible. 143 144 ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS

....may cross the boundary of an higher level area. In the box calculus [16] localities also form a xed hierarchy, and communication may cross only one locality boundary at a time. The goal of this work is to control the ow of information between the localities. The higher order calculus of [17] also deals with access control, by explicitely specifying for each input which resources may be accessed by the input process, distinguishing between read and write accesses. As before, this calculus does not guarantee the availability of the resource. The work on secrecy and groups [5] also ....

N. Yoshida and M. Hennessy. Assigning types to processes (extended abstract). In Fifteenth Annual IEEE Symposium on Logic in Computer Science, pages 334-348. IEEE Computer Society, 2000. 21 A Formal sets of names Denition A.1 The set of free names fn is dened as:

....(l 2: item, data) l 2: execute(l 2,safe 2,allow 2) the wanted information is supposed to be at l 2, and each locality has its own guardian, obtained by instantiating execute with appropriate parameters. 7 Related Work The programming paradigms that are closer to ours are those in [23,24,15]. In [23,24] a process language, named D , is considered that results from the integration of the call by value calculus and the calculus, together with primitives for process distribution and remote process creation. Di erently from HotKlaim, communication is channel based and processes ....

....(item, data) l 2: execute(l 2,safe 2,allow 2) the wanted information is supposed to be at l 2, and each locality has its own guardian, obtained by instantiating execute with appropriate parameters. 7 Related Work The programming paradigms that are closer to ours are those in [23,24,15] In [23,24] a process language, named D , is considered that results from the integration of the call by value calculus and the calculus, together with primitives for process distribution and remote process creation. Di erently from HotKlaim, communication is channel based and processes cannot ....

[Article contains additional citation context not shown here]

N. Yoshida, M. Hennessy. Assigning types to processes. CS Technical Report 02/99, University of Sussex, 1999. Available at: http://www.mcs.le.ac.uk/~nyoshida, 14

.... We steer clear of a higher order AC , where processes can exchange other processes (in addition to programs) something that will certainly reproduce many of the challenges already encountered in higher order versions of the calculus (as in the work of Hennessy and his collaborators [YH99, YH00] for example) Our simpler (first order) version of AC raises many non trivial problems already and gives us much to investigate; moreover, with an eye to an implementation later, there is something to be said in favor of keeping our conceptual framework as simple as possible. 3 We thank ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS 2000, pp. 334--345, 2000.

.... We steer clear of a higher order AC , where processes can exchange other processes (in addition to programs) something that will certainly reproduce many of the challenges already encountered in higher order versions of the calculus (as in the work of Hennessy and his collaborators [YH99, YH00] for example) Our simpler (first order) version of AC raises many non trivial problems already and gives us much to investigate; moreover, with an eye to an implementation later, there is something to be said in favor of keeping our conceptual framework as simple as possible. In summary, our ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS 2000, pp. 334--345, 2000.

.... We steer clear of a higher order AC , where processes can exchange other processes (in addition to programs) something that will certainly reproduce many of the challenges already encountered in higher order versions of the calculus (as in the work of Hennessy and his collaborators [YH99, YH00] for example) Our simpler (first order) version of AC raises many non trivial problems already and gives us much to investigate; moreover, with an eye to an implementation later, there is something to be said in favor of keeping our conceptual framework as simple as possible. In summary, our ....

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS 2000, pp. 334--345, 2000.

....and discuss the duality of effects vs. services. A summary and directions for future work conclude the article. Related Work Many works extend the basic type system for calculus giving more informative types to processes. We comment those closest to our work. Yoshida and Hennessy propose in [15] a type system for a higher order calculus that can be used to control the effect of migrating code on local environments. The type of a process takes the form of an interface limiting the resources to which it has access, and the type at which they may be used. In their type system both input ....

.... calculi, where interaction is a consequence of parallel composition (which admits arbitrary rearrangements of sub terms) all the tries are somewhat unsatisfactory: they are usually restricted to a subset of the calculus, allowing dependent types only in particular, well determined constructions [15]. Following a suggestion of Davide Sangiorgi, we decide to disallow input action on names bound by an input action. In this way interfaces cannot change during reduction: for example the process P above is not well typed, since y is first bound by an input on x and then used to perform an input ....

[Article contains additional citation context not shown here]

Y. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings, Fifteenth Annual IEEE Symposium on Logic in Computer Science, pages 334--348, 2000.

No context found.

Yoshida, N. and Hennessy, M., Assigning Types to Processes, Info.&.Comp, 174(2), pp. 143-179, Academic Press, 2002.

....may be declared with a type which allows both read and write access; this channel could be passed to one process, say a server, at a subtype which only allows read, or input access, and passed to a client at a di erent subtype, allowing write, or output access only. Indeed in papers such as [22,26] types are viewed as sets of capabilities, such as read access and write access, and sending a name to a process at a subtype amounts to sending it with a subset of the declared capabilities. Another important feature common to many distributed systems is the ability to test the identity of agent ....

....of the calculus into the calculus; the use of types enables stronger results to be demonstrated. In [25] complier optimisations are justi ed using a typed equivalence, for a language similar to ours. We also intend to develop typed equivalences for the higher order process language in [26,23], where types are used to protect resources and computing hosts from malicious agents; in such scenarios demonstrating that a particular policy does indeed o er host protection would amount to proving typed equivalences. We have based our notion of contextual equivalence on the approach of [11,8] ....

N. Yoshida and M. Hennessy. Assigning types to processes (extended abstract). In Proceedings, Fifteenth Annual IEEE Symposium on Logic in Computer Science, pages 334-348, Santa Barbara, US, 19-23 June 2000. IEEE Computer Society Press. 18

....of that process. Finally we show in this paper that a typing system based on these ideas can be developed for lp v and moreover it can typecheck many sophisticated instances of programs involving code abstraction and mobility. Outline of the Paper. This paper is a revised and extended version of [51, 52]; it includes detailed definitions and proofs, as well as more examples omitted from [52] Section 2 introduces the types and syntax of lp v , together with a reduction semantics for the language; it also contains two example descriptions of systems which illustrate the tractability of ....

....code mobility, such as those found in [34] Distributed Higher Order p Calculus. The Type Safety Theorem means that our typing system can be used to ensure various kinds of host security; that is, protecting hosts from untrusted imported code. In the Technical Report associated with this paper, [51], we discuss this issue more explicitly, by extending our typing system to the distributed version of lp v , given in Section 6 in [50] Once more the expressiveness of our fine grained types means that, for example, channel locality, 50] can easily be enforced; specifically there is no ....

Yoshida, N. and Hennessy, M., Assigning Types to Processes, CS Technical Report 02/99, University of Sussex, Available at: http://www.cogs.susx.ac.uk, 1999.

....of that process. Finally we show in this paper that a typing system based on these ideas can be developed for lp v and moreover it can typecheck many sophisticated instances of programs involving code abstraction and mobility. Outline of the Paper This paper is a revised and extended version of [51, 52]; it includes detailed definitions and proofs, as well as more examples omitted from [52] Section 2 introduces the types and syntax of lp v , together with a reduction semantics for the language; it also contains two example descriptions of systems which illustrate the tractability of ....

....code mobility, such as those found in [34] Distributed Higher Order p Calculus The Type Safety Theorem means that our typing system can be used to ensure various kinds of host security; that is, protecting hosts from untrusted imported code. In the Technical Report associated with this paper, [51], we discuss this issue more explicitly, by extending our typing system to the distributed version of lp v , given in Section 6 in [50] Once more the expressiveness of our finegrained types means that, for example, channel locality, 50] can easily be enforced; specifically there is no ....

Yoshida, N. and Hennessy, M., Assigning Types to Processes, CS Technical Report 02/99, University of Sussex, Available at: http://www.cogs.susx.ac.uk, 1999.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In Proc. LICS 2000, IEEE Press, 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS'00, pages 334--345, 2000. 15 Ambient names n, m,...#N Variables x, y,...#X Names a, b,...#N#X Values V, U ::= a name

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS'00, pages 334--345, 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS'00, pages 334--345, 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS 2000, pp. 334--345, 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000. 16

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In Proceedings of LICS'00, pages 334--348. IEEE, Computer Society Press, June 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In Proc. LICS 2000, IEEE Press, 2000.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS'00, pages 334--345, 2000.

No context found.

Yoshida, N. and Hennessy, M., Assigning Types to Processes, Info. &. Comp., Volume 174, Issue 2, 143-179, Academic Press, 2002. Extended abstract appeared in LICS'00.

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes (extended abstract). In Fifteenth Annual IEEE Symposium on Logic in Computer Science, 2000. A Formal sets of names De nition A.1 The set of free names fn is de

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In LICS

No context found.

N. Yoshida and M. Hennessy. Assigning types to processes. In 15th Annual IEEE Symposium on Logic in Computer Science (LICS), 2000.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC