9,669 research outputs found
Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)
A widespread design approach in distributed applications based on the
service-oriented paradigm, such as web-services, consists of clearly separating
the enforcement of authorization policies and the workflow of the applications,
so that the interplay between the policy level and the workflow level is
abstracted away. While such an approach is attractive because it is quite
simple and permits one to reason about crucial properties of the policies under
consideration, it does not provide the right level of abstraction to specify
and reason about the way the workflow may interfere with the policies, and vice
versa. For example, the creation of a certificate as a side effect of a
workflow operation may enable a policy rule to fire and grant access to a
certain resource; without executing the operation, the policy rule should
remain inactive. Similarly, policy queries may be used as guards for workflow
transitions.
In this paper, we present a two-level formal verification framework to
overcome these problems and formally reason about the interplay of
authorization policies and workflow in service-oriented architectures. This
allows us to define and investigate some verification problems for SO
applications and give sufficient conditions for their decidability.Comment: 16 pages, 4 figures, full version of paper at Symposium on Secure
Computing (SecureCom09
Logical, mechanical and historical time in economics
Within the economic theory different notions of time imply alternative analytical structures. This article discusses and rejects the methodological dichotomy between âtemporalâ and âa-temporalâ models (equilibrium and disequilibrium models) in economics. Different notions of time are identified âlogical, mechanical and historical time- which enable to specify corresponding sequential methods and to address different questions within the economic theory. Some analytical implications are examined. In the light of the proposed methodological distinction different theories of the rate of interest are evaluated and new light is thrown on the important debate on finance which arose in the â30s among Keynes, Robertson and representatives of the Swedish School (Ohlin).Time and causality in economics; Keynes,Robertson and the Swedish School on finance
Metatheory of actions: beyond consistency
Consistency check has been the only criterion for theory evaluation in
logic-based approaches to reasoning about actions. This work goes beyond that
and contributes to the metatheory of actions by investigating what other
properties a good domain description in reasoning about actions should have. We
state some metatheoretical postulates concerning this sore spot. When all
postulates are satisfied together we have a modular action theory. Besides
being easier to understand and more elaboration tolerant in McCarthy's sense,
modular theories have interesting properties. We point out the problems that
arise when the postulates about modularity are violated and propose algorithmic
checks that can help the designer of an action theory to overcome them
Applied Type System: An Approach to Practical Programming with Theorem-Proving
The framework Pure Type System (PTS) offers a simple and general approach to
designing and formalizing type systems. However, in the presence of dependent
types, there often exist certain acute problems that make it difficult for PTS
to directly accommodate many common realistic programming features such as
general recursion, recursive types, effects (e.g., exceptions, references,
input/output), etc. In this paper, Applied Type System (ATS) is presented as a
framework for designing and formalizing type systems in support of practical
programming with advanced types (including dependent types). In particular, it
is demonstrated that ATS can readily accommodate a paradigm referred to as
programming with theorem-proving (PwTP) in which programs and proofs are
constructed in a syntactically intertwined manner, yielding a practical
approach to internalizing constraint-solving needed during type-checking. The
key salient feature of ATS lies in a complete separation between statics, where
types are formed and reasoned about, and dynamics, where programs are
constructed and evaluated. With this separation, it is no longer possible for a
program to occur in a type as is otherwise allowed in PTS. The paper contains
not only a formal development of ATS but also some examples taken from
ats-lang.org, a programming language with a type system rooted in ATS, in
support of employing ATS as a framework to formulate advanced type systems for
practical programming
A Foundational View on Integration Problems
The integration of reasoning and computation services across system and
language boundaries is a challenging problem of computer science. In this
paper, we use integration for the scenario where we have two systems that we
integrate by moving problems and solutions between them. While this scenario is
often approached from an engineering perspective, we take a foundational view.
Based on the generic declarative language MMT, we develop a theoretical
framework for system integration using theories and partial theory morphisms.
Because MMT permits representations of the meta-logical foundations themselves,
this includes integration across logics. We discuss safe and unsafe integration
schemes and devise a general form of safe integration
Formalizing structured file services for the data storage and retrieval subsystem of the data management system for Spacestation Freedom
A brief example of the use of formal methods techniques in the specification of a software system is presented. The report is part of a larger effort targeted at defining a formal methods pilot project for NASA. One possible application domain that may be used to demonstrate the effective use of formal methods techniques within the NASA environment is presented. It is not intended to provide a tutorial on either formal methods techniques or the application being addressed. It should, however, provide an indication that the application being considered is suitable for a formal methods by showing how such a task may be started. The particular system being addressed is the Structured File Services (SFS), which is a part of the Data Storage and Retrieval Subsystem (DSAR), which in turn is part of the Data Management System (DMS) onboard Spacestation Freedom. This is a software system that is currently under development for NASA. An informal mathematical development is presented. Section 3 contains the same development using Penelope (23), an Ada specification and verification system. The complete text of the English version Software Requirements Specification (SRS) is reproduced in Appendix A
State-of-the-art on evolution and reactivity
This report starts by, in Chapter 1, outlining aspects of querying and updating resources on
the Web and on the Semantic Web, including the development of query and update languages
to be carried out within the Rewerse project.
From this outline, it becomes clear that several existing research areas and topics are of
interest for this work in Rewerse. In the remainder of this report we further present state of
the art surveys in a selection of such areas and topics. More precisely: in Chapter 2 we give
an overview of logics for reasoning about state change and updates; Chapter 3 is devoted to briefly describing existing update languages for the Web, and also for updating logic programs;
in Chapter 4 event-condition-action rules, both in the context of active database systems and
in the context of semistructured data, are surveyed; in Chapter 5 we give an overview of some relevant rule-based agents frameworks
- âŠ