19,497 research outputs found
KLAIM: A Kernel Language for Agents Interaction and Mobility
We investigate the issue of designing a kernel programming language for mobile computing and describe KLAIM, a language that supports a programming paradigm where processes, like data, can be moved from one computing environment to another. The language consists of a core Linda with multiple tuple spaces and of a set of operators for building processes. KLAIM naturally supports programming with explicit localities. Localities are first-class data (they can be manipulated like any other data), but the language provides coordination mechanisms to control the interaction protocols among located processes. The formal operational semantics is useful for discussing the design of the language and provides guidelines for implementations. KLAIM is equipped with a type system that statically checks access rights violations of mobile agents. Types are used to describe the intentions (read, write, execute, etc.) of processes in relation to the various localities. The type system is used to determine the operations that processes want to perform at each locality, and to check whether they comply with the declared intentions and whether they have the necessary rights to perform the intended operations at the specific localities. Via a series of examples, we show that many mobile code programming paradigms can be naturally implemented in our kernel language. We also present a prototype implementaton of KLAIM in Java
Architecture Description for Mobile Distributed Systems
In this paper we motivate an Architecture Description Language (ADL) for mobile distributed systems based on the Ļ-calculus. Different from other approaches, the non-functional properties, which are essential when mobile architectures are described, are treated in a flexible manner by inserting logical formulae for expressing and checking non-functional properties into Ļ-calculus processes. A formal example is
given to illustrate the approach before the constituents of the ADL are sketched
Location and link failure in a distributed Ļ-calculus
We develop a behavioural theory of distributed systems in the presence of failures. The framework we use is that of DĻ, a language in which located processes, or agents, may migrate between dynamically created locations. These processes run on a distributed network, in which individual nodes may fail, or the links between them may be broken. The original language, DĻ, is extended by a new construct for detecting and reacting to these failures together with constructs that induce failure. We define a bisimulation equivalence between these systems, based on labelled actions which record, in addition to the effect actions have on the processes, the actual state of the underlying network and the view of this state known to observers. We prove that the equivalence is fully abstract, in the sense that two systems will be differentiated if and only if, in some sense, there is a computational context, consisting of a network and an observer, which can see the difference.peer-reviewe
CPL: A Core Language for Cloud Computing -- Technical Report
Running distributed applications in the cloud involves deployment. That is,
distribution and configuration of application services and middleware
infrastructure. The considerable complexity of these tasks resulted in the
emergence of declarative JSON-based domain-specific deployment languages to
develop deployment programs. However, existing deployment programs unsafely
compose artifacts written in different languages, leading to bugs that are hard
to detect before run time. Furthermore, deployment languages do not provide
extension points for custom implementations of existing cloud services such as
application-specific load balancing policies.
To address these shortcomings, we propose CPL (Cloud Platform Language), a
statically-typed core language for programming both distributed applications as
well as their deployment on a cloud platform. In CPL, application services and
deployment programs interact through statically typed, extensible interfaces,
and an application can trigger further deployment at run time. We provide a
formal semantics of CPL and demonstrate that it enables type-safe, composable
and extensible libraries of service combinators, such as load balancing and
fault tolerance.Comment: Technical report accompanying the MODULARITY '16 submissio
A Coordination Language for Databases
We present a coordination language for the modeling of distributed database
applications. The language, baptized Klaim-DB, borrows the concepts of
localities and nets of the coordination language Klaim but re-incarnates the
tuple spaces of Klaim as databases. It provides high-level abstractions and
primitives for the access and manipulation of structured data, with integrity
and atomicity considerations. We present the formal semantics of Klaim-DB and
develop a type system that avoids potential runtime errors such as certain
evaluation errors and mismatches of data format in tables, which are monitored
in the semantics. The use of the language is illustrated in a scenario where
the sales from different branches of a chain of department stores are
aggregated from their local databases. Raising the abstraction level and
encapsulating integrity checks in the language primitives have benefited the
modeling task considerably
Types for Location and Data Security in Cloud Environments
Cloud service providers are often trusted to be genuine, the damage caused by
being discovered to be attacking their own customers outweighs any benefits
such attacks could reap. On the other hand, it is expected that some cloud
service users may be actively malicious. In such an open system, each location
may run code which has been developed independently of other locations (and
which may be secret). In this paper, we present a typed language which ensures
that the access restrictions put on data on a particular device will be
observed by all other devices running typed code. Untyped, compromised devices
can still interact with typed devices without being able to violate the
policies, except in the case when a policy directly places trust in untyped
locations. Importantly, our type system does not need a middleware layer or all
users to register with a preexisting PKI, and it allows for devices to
dynamically create new identities. The confidentiality property guaranteed by
the language is defined for any kind of intruder: we consider labeled
bisimilarity i.e. an attacker cannot distinguish two scenarios that differ by
the change of a protected value. This shows our main result that, for a device
that runs well typed code and only places trust in other well typed devices,
programming errors cannot cause a data leakage.Comment: Short version to appear in Computer Security Foundations Symposium
(CSF'17), August 201
A Distributed Calculus for Role-Based Access Control
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the Ļ calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a bisimulation to equate systems. The theory is then applied to three meaningful examples, namely finding the āminimalā policy to run a given system, refining a system to be run under a given policy (whenever possible), and minimizing the number of users in a given system without changing the overall behavior
Acute: high-level programming language design for distributed computation
Existing languages provide good support for typeful programming of standalone programs. In a distributed system, however, there may be interaction between multiple instances of many distinct programs, sharing some (but not necessarily all) of their module structure, and with some instances rebuilt with new versions of certain modules as time goes on. In this paper we discuss programming language support for such systems, focussing on their typing and naming issues. We describe an experimental language, Acute, which extends an ML core to support distributed development, deployment, and execution, allowing type-safe interaction between separately-built programs. The main features are: (1) type-safe marshalling of arbitrary values; (2) type names that are generated (freshly and by hashing) to ensure that type equality tests suffice to protect the invariants of abstract types, across the entire distributed system; (3) expression-level names generated to ensure that name equality tests suffice for type-safety of associated values, e.g. values carried on named channels; (4) controlled dynamic rebinding of marshalled values to local resources; and (5) thunkification of threads and mutexes to support computation mobility. These features are a large part of what is needed for typeful distributed programming. They are a relatively lightweight extension of ML, should be efficiently implementable, and are expressive enough to enable a wide variety of distributed infrastructure layers to be written as simple library code above the byte-string network and persistent store APIs. This disentangles the language runtime from communication intricacies. This paper highlights the main design choices in Acute. It is supported by a full language definition (of typing, compilation, and operational semantics), by a prototype implementation, and by example distribution libraries
Type systems for distributed programs: session communication
Distributed systems are everywhere around us and guaranteeing their correctness is of paramount importance. It is natural to expect that these systems interact and communicate among them to achieve a common task.
In this work, we develop techniques based on types and type systems for the verification of correctness, consistency and safety properties related to communication in complex distributed systems. We study advanced safety properties related to communication, like deadlock or lock freedom and progress. We study session types in the pi-calculus describing distributed systems and communication-centric computation. Most importantly, we de- fine an encoding of the session pi-calculus into the standard typed pi-calculus in order to understand the expressive power of these concurrent calculi. We show how to derive in the session pi-calculus basic properties, like type safety or complex ones, like progress, by exploiting this encoding
- ā¦