Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)
A widespread design approach in distributed applications based on the
service-oriented paradigm, such as web-services, consists of clearly separating
the enforcement of authorization policies and the workflow of the applications,
so that the interplay between the policy level and the workflow level is
abstracted away. While such an approach is attractive because it is quite
simple and permits one to reason about crucial properties of the policies under
consideration, it does not provide the right level of abstraction to specify
and reason about the way the workflow may interfere with the policies, and vice
versa. For example, the creation of a certificate as a side effect of a
workflow operation may enable a policy rule to fire and grant access to a
certain resource; without executing the operation, the policy rule should
remain inactive. Similarly, policy queries may be used as guards for workflow
transitions.
In this paper, we present a two-level formal verification framework to
overcome these problems and formally reason about the interplay of
authorization policies and workflow in service-oriented architectures. This
allows us to define and investigate some verification problems for SO
applications and give sufficient conditions for their decidability.
Comment: 16 pages, 4 figures, full version of paper at Symposium on Secure
Computing (SecureCom09
Backward Reachability of Array-based Systems by SMT solving: Termination and Invariant Synthesis
The safety of infinite state systems can be checked by a backward
reachability procedure. For certain classes of systems, it is possible to prove
the termination of the procedure and hence conclude the decidability of the
safety problem. Although backward reachability is property-directed, it can
unnecessarily explore (large) portions of the state space of a system which are
not required to verify the safety property under consideration. To avoid this,
invariants can be used to dramatically prune the search space. Indeed, the
problem is to guess such appropriate invariants. In this paper, we present a
fully declarative and symbolic approach to the mechanization of backward
reachability of infinite state systems manipulating arrays by Satisfiability
Modulo Theories solving. Theories are used to specify the topology and the data
manipulated by the system. We identify sufficient conditions on the theories to
ensure the termination of backward reachability and we show the completeness of
a method for invariant synthesis (obtained as the dual of backward
reachability), again, under suitable hypotheses on the theories. We also
present a pragmatic approach to interleave invariant synthesis and backward
reachability so that a fix-point for the set of backward reachable states is
more easily obtained. Finally, we discuss heuristics that allow us to derive an
implementation of the techniques in the model checker MCMT, showing remarkable
speed-ups on a significant set of safety problems extracted from a variety of
sources.
Comment: Accepted for publication in Logical Methods in Computer Scienc
Flow Logic
Flow networks have attracted a lot of research in computer science. Indeed,
many questions in numerous application areas can be reduced to questions about
flow networks. Many of these applications would benefit from a framework in
which one can formally reason about properties of flow networks that go beyond
their maximal flow. We introduce Flow Logics: modal logics that treat flow
functions as explicit first-order objects and enable the specification of rich
properties of flow networks. The syntax of our logic BFL* (Branching Flow
Logic) is similar to the syntax of the temporal logic CTL*, except that atomic
assertions may be flow propositions, like or , for
, which refer to the value of the flow in a vertex, and
that first-order quantification can be applied both to paths and to flow
functions. We present an exhaustive study of the theoretical and practical
aspects of BFL*, as well as extensions and fragments of it. Our extensions
include flow quantifications that range over non-integral flow functions or
over maximal flow functions, path quantification that ranges over paths along
which non-zero flow travels, past operators, and first-order quantification of
flow values. We focus on the model-checking problem and show that it is
PSPACE-complete, as it is for CTL*. Handling of flow quantifiers, however,
increases the complexity in terms of the network to , even
for the LFL and BFL fragments, which are the flow-counterparts of LTL and CTL.
We are still able to point to a useful fragment of BFL* for which the
model-checking problem can be solved in polynomial time. Finally, we introduce
and study the query-checking problem for BFL*, where under-specified BFL*
formulas are used for network exploration
Deciding First-Order Satisfiability when Universal and Existential Variables are Separated
We introduce a new decidable fragment of first-order logic with equality,
which strictly generalizes two already well-known ones -- the
Bernays-Schönfinkel-Ramsey (BSR) Fragment and the Monadic Fragment. The
defining principle is the syntactic separation of universally quantified
variables from existentially quantified ones at the level of atoms. Thus, our
classification neither rests on restrictions on quantifier prefixes (as in the
BSR case) nor on restrictions on the arity of predicate symbols (as in the
monadic case). We demonstrate that the new fragment exhibits the finite model
property and derive a non-elementary upper bound on the computing time required
for deciding satisfiability in the new fragment. For the subfragment of prenex
sentences with the quantifier prefix the
satisfiability problem is shown to be complete for NEXPTIME. Finally, we
discuss how automated reasoning procedures can take advantage of our results.
Comment: Extended version of our LICS 2016 conference paper, 23 page
Computer Aided Verification
The open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency
Monotonic Abstraction Techniques: from Parametric to Software Model Checking
Monotonic abstraction is a technique introduced in model checking
parameterized distributed systems in order to cope with transitions containing
global conditions within guards. The technique has been re-interpreted in a
declarative setting in previous papers of ours and applied to the verification
of fault tolerant systems under the so-called "stopping failures" model. The
declarative reinterpretation consists in logical techniques (quantifier
relativizations and, especially, quantifier instantiations) making sense in a
broader context. In fact, we recently showed that such techniques can
over-approximate array accelerations, so that they can be employed as a
meaningful (and practically effective) component of CEGAR loops in software
model checking too.
Comment: In Proceedings MOD* 2014, arXiv:1411.345
Foundations of Software Science and Computation Structures
This open access book constitutes the proceedings of the 25th International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2022, which was held during April 4-6, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 23 regular papers presented in this volume were carefully reviewed and selected from 77 submissions. They deal with research on theories and methods to support the analysis, integration, synthesis, transformation, and verification of programs and software systems
An Algebraic Model For Quorum Systems
Quorum systems are a key mathematical abstraction in distributed
fault-tolerant computing for capturing trust assumptions. A quorum system is a
collection of subsets of all processes, called quorums, with the property that
each pair of quorums has a non-empty intersection. They can be found at the
core of many reliable distributed systems, such as cloud computing platforms,
distributed storage systems and blockchains. In this paper we give a new
interpretation of quorum systems, starting with classical majority-based quorum
systems and extending this to Byzantine quorum systems. We propose an algebraic
representation of the theory underlying quorum systems making use of
multivariate polynomial ideals, incorporating properties of these systems, and
studying their algebraic varieties. To achieve this goal we will exploit
properties of Boolean Groebner bases. The nice nature of Boolean Groebner bases
allows us to avoid part of the combinatorial computations required to check
consistency and availability of quorum systems. Our results provide a novel
approach to test quorum systems properties from both algebraic and algorithmic
perspectives.
Comment: 15 pages, 3 algorithm