Transformational typing and unification for automatically correcting insecure programs

Before starting a rigorous security analysis of a given software system, the most likely outcome is often already clear, namely that the system is not entirely secure. Modifying a program such that it passes the analysis is a difficult problem and usually left entirely to the programmer. In this article, we show that and how unification can be used to compute such program transformations. This opens a new perspective on the problem of correcting insecure programs. We also demonstrate that integrating our approach into an existing transforming type system can improve the precision of the analysis and the quality of the resulting program

Formal Aspects in Security and Trust

his book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005. The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies

Proceedings of the 3rd International Workshop on Formal Aspects in Security and Trust (FAST2005)

The present report contains the pre-proceedings of the third international Workshop on Formal Aspects in Security and Trust (FAST2005), held in Newcastle upon Tyne, 18-19 July 2005. FAST is an event affliated with the Formal Methods 2005 Congress (FM05). The third international Workshop on Formal Aspects in Security and Trust (FAST2005) aims at continuing the successful effort of the previous two FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. The new challenges offered by the so-called ambient intelligence space, as a future paradigm in the information society, demand for a coherent and rigorous framework of concepts, tools and methodologies to provide user\u27s trust&confidence on the underlying communication/interaction infrastructure. It is necessary to address issues relating to both guaranteeing security of the infrastructure and the perception of the infrastructure being secure. In addition, user confidence on what is happening must be enhanced by developing trust models effective but also easily comprehensible and manageable by users

A heuristic-based approach to code-smell detection

Encapsulation and data hiding are central tenets of the object oriented paradigm. Deciding what data and behaviour to form into a class and where to draw the line between its public and private details can make the difference between a class that is an understandable, flexible and reusable abstraction and one which is not. This decision is a difficult one and may easily result in poor encapsulation which can then have serious implications for a number of system qualities. It is often hard to identify such encapsulation problems within large software systems until they cause a maintenance problem (which is usually too late) and attempting to perform such analysis manually can also be tedious and error prone. Two of the common encapsulation problems that can arise as a consequence of this decomposition process are data classes and god classes. Typically, these two problems occur together – data classes are lacking in functionality that has typically been sucked into an over-complicated and domineering god class. This paper describes the architecture of a tool which automatically detects data and god classes that has been developed as a plug-in for the Eclipse IDE. The technique has been evaluated in a controlled study on two large open source systems which compare the tool results to similar work by Marinescu, who employs a metrics-based approach to detecting such features. The study provides some valuable insights into the strengths and weaknesses of the two approache

Meaning versus Grammar

This volume investigates the complicated relationship between grammar, computation, and meaning in natural languages. It details conditions under which meaning-driven processing of natural language is feasible, discusses an operational and accessible implementation of the grammatical cycle for Dutch, and offers analyses of a number of further conjectures about constituency and entailment in natural language

Adaptive object management for distributed systems

This thesis describes an architecture supporting the management of pluggable software components and evaluates it against the requirement for an enterprise integration platform for the manufacturing and petrochemical industries. In a distributed environment, we need mechanisms to manage objects and their interactions. At the least, we must be able to create objects in different processes on different nodes; we must be able to link them together so that they can pass messages to each other across the network; and we must deliver their messages in a timely and reliable manner. Object based environments which support these services already exist, for example ANSAware(ANSA, 1989), DEC's Objectbroker(ACA,1992), Iona's Orbix(Orbix,1994)Yet such environments provide limited support for composing applications from pluggable components. Pluggability is the ability to install and configure a component into an environment dynamically when the component is used, without specifying static dependencies between components when they are produced. Pluggability is supported to a degree by dynamic binding. Components may be programmed to import references to other components and to explore their interfaces at runtime, without using static type dependencies. Yet thus overloads the component with the responsibility to explore bindings. What is still generally missing is an efficient general-purpose binding model for managing bindings between independently produced components. In addition, existing environments provide no clear strategy for dealing with fine grained objects. The overhead of runtime binding and remote messaging will severely reduce performance where there are a lot of objects with complex patterns of interaction. We need an adaptive approach to managing configurations of pluggable components according to the needs and constraints of the environment. Management is made difficult by embedding bindings in component implementations and by relying on strong typing as the only means of verifying and validating bindings. To solve these problems we have built a set of configuration tools on top of an existing distributed support environment. Specification tools facilitate the construction of independent pluggable components. Visual composition tools facilitate the configuration of components into applications and the verification of composite behaviours. A configuration model is constructed which maintains the environmental state. Adaptive management is made possible by changing the management policy according to this state. Such policy changes affect the location of objects, their bindings, and the choice of messaging system

Principles of Security and Trust: 7th International Conference, POST 2018, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018, Thessaloniki, Greece, April 14-20, 2018, Proceedings

authentication; computer science; computer software selection and evaluation; cryptography; data privacy; formal logic; formal methods; formal specification; internet; privacy; program compilers; programming languages; security analysis; security systems; semantics; separation logic; software engineering; specifications; verification; world wide we

Modular Logic Programming: Full Compositionality and Conflict Handling for Practical Reasoning

With the recent development of a new ubiquitous nature of data and the profusity of available knowledge, there is nowadays the need to reason from multiple sources of often incomplete and uncertain knowledge. Our goal was to provide a way to combine declarative knowledge bases – represented as logic programming modules under the answer set semantics – as well as the individual results one already inferred from them, without having to recalculate the results for their composition and without having to explicitly know the original logic programming encodings that produced such results. This posed us many challenges such as how to deal with fundamental problems of modular frameworks for logic programming, namely how to define a general compositional semantics that allows us to compose unrestricted modules. Building upon existing logic programming approaches, we devised a framework capable of composing generic logic programming modules while preserving the crucial property of compositionality, which informally means that the combination of models of individual modules are the models of the union of modules. We are also still able to reason in the presence of knowledge containing incoherencies, which is informally characterised by a logic program that does not have an answer set due to cyclic dependencies of an atom from its default negation. In this thesis we also discuss how the same approach can be extended to deal with probabilistic knowledge in a modular and compositional way. We depart from the Modular Logic Programming approach in Oikarinen & Janhunen (2008); Janhunen et al. (2009) which achieved a restricted form of compositionality of answer set programming modules. We aim at generalising this framework of modular logic programming and start by lifting restrictive conditions that were originally imposed, and use alternative ways of combining these (so called by us) Generalised Modular Logic Programs. We then deal with conflicts arising in generalised modular logic programming and provide modular justifications and debugging for the generalised modular logic programming setting, where justification models answer the question: Why is a given interpretation indeed an Answer Set? and Debugging models answer the question: Why is a given interpretation not an Answer Set? In summary, our research deals with the problematic of formally devising a generic modular logic programming framework, providing: operators for combining arbitrary modular logic programs together with a compositional semantics; We characterise conflicts that occur when composing access control policies, which are generalisable to our context of generalised modular logic programming, and ways of dealing with them syntactically: provided a unification for justification and debugging of logic programs; and semantically: provide a new semantics capable of dealing with incoherences. We also provide an extension of modular logic programming to a probabilistic setting. These goals are already covered with published work. A prototypical tool implementing the unification of justifications and debugging is available for download from http://cptkirk.sourceforge.net