Scheduler-specific Confidentiality for Multi-Threaded Programs and Its Logic-Based Verification
Observational determinism has been proposed in the literature as a way to ensure confidentiality for multi-threaded programs. Intuitively, a program is observationally deterministic if the behavior of the public variables is deterministic, i.e., independent of the private variables and the scheduling policy. Several formal definitions of observational determinism exist, but all of them have shortcomings; for example, they accept insecure programs or they reject too many innocuous programs. Moreover, the role of schedulers has been ignored in all the proposed definitions. A program that is secure under one kind of scheduler might not be secure when executed with a different scheduler, and the existing definitions do not ensure that an accepted program behaves securely under the scheduler that is actually used to deploy it. Therefore, this paper proposes a new formalization of scheduler-specific observational determinism. It accepts programs that are secure when executed under a specific scheduler, and it is less restrictive on harmless programs under a particular scheduling policy. In addition, we discuss how compliance with our definition can be verified using model checking. We use the idea of self-composition and rephrase the observational determinism property for a single program as a temporal logic formula over the program executed in parallel with an independent copy of itself. Thus two states reachable during the execution of are combined into a reachable program state of the self-composed program. This allows two program executions to be compared in a single temporal logic formula. The actual characterization is done in two steps. First we discuss how stuttering equivalence can be characterized as a temporal logic formula. Observational determinism is then expressed in terms of the stuttering equivalence characterization. This results in a conjunction of an LTL and a CTL formula, which are amenable to model checking.
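The scheduler-dependence the abstract describes can be seen on a toy program. The example below is added here and is not code from the paper: instead of the paper's self-composition and LTL/CTL encoding, it brute-forces every execution a scheduler permits, projects each one onto the public variables, collapses stuttering, and checks that all low-equivalent initial states produce the same single trace. The two-thread program, the variable names `l` (public) and `h` (private), and the three schedulers (`sequential`, `round_robin`, `nondeterministic`) are constructed assumptions for this illustration.

```python
"""Scheduler-specific observational determinism, checked by brute-force enumeration.

Added example: a constructed two-thread program whose public behaviour is
deterministic under one scheduler and not under another.  The threads,
schedulers and variable names are assumptions, not taken from the paper.
"""

# A thread is a list of statements:
#   ("assign", var, fn)                     fn maps the state to the new value
#   ("skip",)
#   ("if", cond, then_stmts, else_stmts)    cond maps the state to a bool
def step_thread(state, stmts):
    """Run the first statement of a thread; return (new_state, remaining_stmts)."""
    stmt, rest = stmts[0], stmts[1:]
    if stmt[0] == "assign":
        new_state = dict(state)
        new_state[stmt[1]] = stmt[2](state)
        return new_state, rest
    if stmt[0] == "skip":
        return state, rest
    if stmt[0] == "if":
        branch = stmt[2] if stmt[1](state) else stmt[3]
        return state, list(branch) + rest
    raise ValueError(f"unknown statement {stmt!r}")


# A scheduler maps (runnable thread ids, id of the last thread run) to the
# ids it may pick next; a deterministic scheduler returns exactly one.
def nondeterministic(runnable, last):
    return list(runnable)                      # every interleaving is possible

def sequential(runnable, last):
    return [min(runnable)]                     # lowest-numbered thread runs to completion

def round_robin(runnable, last):
    later = [t for t in runnable if t > last]  # next runnable id after `last`, cyclically
    return [min(later) if later else min(runnable)]


def stutter_free(trace):
    """Collapse consecutive identical observations (stuttering equivalence)."""
    out = []
    for obs in trace:
        if not out or out[-1] != obs:
            out.append(obs)
    return tuple(out)


def public_traces(program, init, scheduler, public):
    """All stutter-free traces of the public variables from `init` under `scheduler`."""
    traces = set()
    observe = lambda s: tuple(s[v] for v in public)

    def explore(state, threads, last, trace):
        runnable = [i for i, t in enumerate(threads) if t]
        if not runnable:
            traces.add(stutter_free(trace))
            return
        for i in scheduler(runnable, last):
            new_state, rest = step_thread(state, threads[i])
            new_threads = list(threads)
            new_threads[i] = rest
            explore(new_state, new_threads, i, trace + [observe(new_state)])

    explore(init, [list(t) for t in program], -1, [observe(init)])
    return traces


def observationally_deterministic(program, scheduler, public, low_init, high_inits):
    """True iff all low-equivalent initial states yield one and the same public trace."""
    seen = set()
    for high in high_inits:
        traces = public_traces(program, {**low_init, **high}, scheduler, public)
        if len(traces) != 1:
            return False            # scheduling choices alone change public behaviour
        seen |= traces
    return len(seen) == 1           # otherwise the private input leaks into the trace


# Constructed program (an assumption for this example): thread 0 delays its
# write to the public variable l when the private variable h is 1; thread 1
# writes l after a single skip.
PROGRAM = (
    [("if", lambda s: s["h"] == 1, [("skip",)] * 3, []), ("assign", "l", lambda s: 1)],
    [("skip",), ("assign", "l", lambda s: 2)],
)
PUBLIC, LOW_INIT, HIGH_INITS = ("l",), {"l": 0}, [{"h": 0}, {"h": 1}]

if __name__ == "__main__":
    for name, sched in [("sequential", sequential), ("round_robin", round_robin),
                        ("nondeterministic", nondeterministic)]:
        ok = observationally_deterministic(PROGRAM, sched, PUBLIC, LOW_INIT, HIGH_INITS)
        print(f"{name:16s} observationally deterministic: {ok}")
```

Under the sequential scheduler thread 0 always finishes first, so `l` goes 0, 1, 2 whatever `h` is and the program is accepted. Under round robin the extra skips taken when `h` is 1 let thread 1 write first, so the public trace becomes 0, 2, 1 and the order of writes reveals `h`. Under a fully nondeterministic scheduler both orders are possible for either `h`, which a definition that demands independence from the scheduling policy rejects outright, even though no scheduler actually deployed would behave that way.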
On Properties of Update Sequences Based on Causal Rejection
We consider an approach to update nonmonotonic knowledge bases represented as
extended logic programs under answer set semantics. New information is
incorporated into the current knowledge base subject to a causal rejection
principle enforcing that, in case of conflicts, more recent rules are preferred
and older rules are overridden. Such a rejection principle is also exploited in
other approaches to update logic programs, e.g., in dynamic logic programming
by Alferes et al. We give a thorough analysis of properties of our approach, to
get a better understanding of the causal rejection principle. We review
postulates for update and revision operators from the area of theory change and
nonmonotonic reasoning, and some new properties are considered as well. We then
consider refinements of our semantics which incorporate a notion of minimality
of change. We also investigate the relationship to other approaches,
showing that our approach is semantically equivalent to inheritance programs by
Buccafurri et al. and that it coincides with certain classes of dynamic logic
programs, for which we provide characterizations in terms of graph conditions.
Therefore, most of our results about properties of the causal rejection
principle apply to these approaches as well. Finally, we deal with the
computational complexity of our approach, and outline how the update semantics
and its refinements can be implemented on top of existing logic programming
engines.
Comment: 59 pages, 2 figures, 3 tables, to be published in "Theory and
Practice of Logic Programming"
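To make the causal rejection principle concrete, here is an added example that is not code from the paper: a brute-force evaluator for a sequence of small propositional extended logic programs. Rules are `(head, positive_body, default_negated_body)` tuples over literals written `a` / `-a` (classical negation); candidate models are enumerated and kept when they are answer sets (Gelfond-Lifschitz reduct) of the rules that survive rejection. The rejection condition used, an older rule is rejected when a later rule with the complementary head has its body satisfied in the candidate model, is a simplified reading of the principle as the abstract states it, not the paper's formal definition, and the programs `P1` and `P2` are constructed for this illustration.

```python
"""Update sequences of extended logic programs under causal rejection (brute force).

Added example, not code from the paper.  Rules are (head, pos_body, neg_body)
tuples over literals "a" / "-a" (classical negation); neg_body literals are
under default negation `not`.  The rejection condition below is a simplified
reading of the principle as stated in the abstract: an older rule is rejected
when a later rule with the complementary head has its body satisfied in the
candidate model.  The paper's own definition is the reference.
"""
from itertools import combinations


def complement(lit):
    return lit[1:] if lit.startswith("-") else "-" + lit


def least_model(positive_rules):
    """Least fixpoint of a program with no default negation."""
    model = set()
    changed = True
    while changed:
        changed = False
        for head, pos in positive_rules:
            if head not in model and set(pos) <= model:
                model.add(head)
                changed = True
    return model


def is_answer_set(rules, S):
    """Gelfond-Lifschitz check: S is consistent and equals the least model of its reduct."""
    if any(complement(lit) in S for lit in S):
        return False
    reduct = [(head, pos) for head, pos, neg in rules if not (set(neg) & S)]
    return least_model(reduct) == S


def rejected(sequence, S):
    """Rules of earlier programs overridden by a later rule with the complementary head."""
    rej = set()
    for i, older in enumerate(sequence):
        for rule in older:
            for newer in sequence[i + 1:]:
                for head2, pos2, neg2 in newer:
                    if head2 == complement(rule[0]) and set(pos2) <= S and not (set(neg2) & S):
                        rej.add(rule)
    return rej


def update_answer_sets(sequence):
    """Enumerate candidate models; keep those that are answer sets of the
    non-rejected rules.  Exponential in the number of literals, fine for toys."""
    all_rules = [r for program in sequence for r in program]
    lits = sorted({lit for head, pos, neg in all_rules for lit in (head, *pos, *neg)})
    answer_sets = []
    for n in range(len(lits) + 1):
        for combo in combinations(lits, n):
            S = set(combo)
            kept = [r for r in all_rules if r not in rejected(sequence, S)]
            if is_answer_set(kept, S):
                answer_sets.append(frozenset(S))
    return answer_sets


# Constructed update sequence (an assumption for this example).
P1 = [("sleep", (), ("tv_on",)),           # sleep <- not tv_on
      ("night", (), ()),                   # night
      ("tv_on", (), ())]                   # tv_on
P2 = [("-tv_on", ("power_failure",), ()),  # -tv_on <- power_failure
      ("power_failure", (), ())]           # power_failure

if __name__ == "__main__":
    print("P1 then P2:", update_answer_sets([P1, P2]))
    print("P2 then P1:", update_answer_sets([P2, P1]))
    print("P1 u P2 as one program:", update_answer_sets([P1 + P2]))
```

Updating `P1` with `P2` rejects the older fact `tv_on` because the newer rule `-tv_on <- power_failure` fires, giving the single model `{night, power_failure, -tv_on, sleep}`; applying the same two programs in the opposite order rejects `-tv_on <- power_failure` instead and yields `{night, power_failure, tv_on}`; merging both into one program without rejection leaves a contradiction and no answer set at all. The order sensitivity is exactly what the causal rejection principle is meant to encode.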
Towards Closed World Reasoning in Dynamic Open Worlds (Extended Version)
The need for integration of ontologies with nonmonotonic rules has been
gaining importance in a number of areas, such as the Semantic Web. A number of
researchers addressed this problem by proposing a unified semantics for hybrid
knowledge bases composed of both an ontology (expressed in a fragment of
first-order logic) and nonmonotonic rules. These semantics have matured over
the years, but only provide solutions for the static case when knowledge does
not need to evolve. In this paper we take a first step towards addressing the
dynamics of hybrid knowledge bases. We focus on knowledge updates and,
considering the state of the art of belief update, ontology update and rule
update, we show that current solutions are only partial and difficult to
combine. Then we extend the existing work on ABox updates with rules, provide a
semantics for such evolving hybrid knowledge bases and study its basic
properties. To the best of our knowledge, this is the first time that an update
operator is proposed for hybrid knowledge bases.
Comment: 40 pages; an extended version of the article published in Theory and
Practice of Logic Programming, 10 (4-6): 547 - 564, July. Copyright 2010
Cambridge University Press