Mungo and StMungo: tools for typechecking protocols in Java

We present two tools that support static typechecking of communica- tion protocols in Java. Mungo associates Java classes with typestate specifications, which are state machines defining permitted sequences of method calls. StMungo translates a communication protocol specified in the Scribble protocol description language into a typestate specification for each role in the protocol by following the message sequence. Role implementations can be typechecked by Mungo to ensure that they satisfy their protocols, and then compiled as usual with javac. We demonstrate the Scribble, StMungo and Mungo toolchain via a typechecked POP3 client that can communicate with a real-world POP3 server

The ‘Work Grammar’ educational documentary film format in the Italian VET context (1958-1978): Some considerations on the evolution of film content and language

Context: This paper is part of my research on the birth and evolution of the „work grammar” VET audiovisual format in the second half of the XX century, aiming at clarifying how historical, cultural, and political circumstances have contributed to shaping a new educational dis-course in the Italian audiovisuals for vocational training. Approach: The research is based on multiple approaches: A) the study of VET audiovisual production and policies (and their relationship to the general VET policy in Italy and the general background of Italian society), since the days when the „work grammars” were first issued in the 1950s. It is also based: B) on the attempt to analyse the cinematic discourse of these films through the study of their content and structure and the interpretation of the cinematic language they use and its evolution. Findings: Crossing these two approaches, some original research themes have emerged. One is being developed in this paper: some important developments in the content and style of the „work grammars” were not only consequences of intentional educational or VET policy. They were rather caused by the evolution of Italian society into a modern free market. Conclusion: The work grammars evolved (in form and content) not only under the pressure of Italian VET policy and of parallel didactic evolutions in other forms (e.g. traditional non-audiovisual courses) of VET, but also under the influence of the laws on cinematographic production and fruition and eventually, thanks to the advent of commercial television and the changes that ensued in the Italian audiovisual scenario

A System For Visual Role-Based Policy Modelling

The definition of security policies in information systems and programming applications is often accomplished through traditional low level languages that are difficult to use. This is a remarkable drawback if we consider that security policies are often specified and maintained by top level enterprise managers who would probably prefer to use simplified, metaphor oriented policy management tools. To support all the different kinds of users we propose a suite of visual languages to specify access and security policies according to the role based access control (RBAC) model. Moreover, a system implementing the proposed visual languages is proposed. The system provides a set of tools to enable a user to visually edit security policies and to successively translate them into (eXtensible Access Control Markup Language) code, which can be managed by a Policy Based Management System supporting such policy language. The system and the visual approach have been assessed by means of usability studies and of several case studies. The one presented in this paper regards the configuration of access policies for a multimedia content management platform providing video streaming services also accessible through mobile devices

WWW Programming using computational logic systems (and the PiLLoW/Ciao library)

We discuss from a practical point of view a number of issues involved in writing Internet and WWW applications using LP/CLP systems. We describe Pd_l_oW, a public-domain Internet and WWW programming library for LP/CLP systems which we argüe significantly simplifies the process of writing such applications. Pd_l_oW provides facilities for generating HTML structured documents, producing HTML forms, writing form handlers, accessing and parsing WWW documents, and accessing code posted at HTTP addresses. We also describe the architecture of some application classes, using a high-level model of client-server interaction, active modules. We then propose an architecture for automatic LP/CLP code downloading for local execution, using generic browsers. Finally, we also provide an overview of related work on the topic. The PiLLoW library has been developed in the context of the &- Prolog and CIAO systems, but it has been adapted to a number of popular LP/CLP systems, supporting most of its functionality

Model-Based Security Testing

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582

EMI REGISTRY MANUAL

EMI REGISTRY MANUA