891 research outputs found
On the Distributability of Mobile Ambients
Modern society is dependent on distributed software systems and to verify
them different modelling languages such as mobile ambients were developed. To
analyse the quality of mobile ambients as a good foundational model for
distributed computation, we analyse the level of synchronisation between
distributed components that they can express. Therefore, we rely on earlier
established synchronisation patterns. It turns out that mobile ambients are not
fully distributed, because they can express enough synchronisation to express a
synchronisation pattern called M. However, they can express strictly less
synchronisation than the standard pi-calculus. For this reason, we can show
that there is no good and distributability-preserving encoding from the
standard pi-calculus into mobile ambients and also no such encoding from mobile
ambients into the join-calculus, i.e., the expressive power of mobile ambients
is in between these languages. Finally, we discuss how these results can be
used to obtain a fully distributed variant of mobile ambients.Comment: In Proceedings EXPRESS/SOS 2018, arXiv:1808.08071. Conference version
of arXiv:1808.0159
An overview of Boxed Ambients (Abstract)
AbstractIn this lecture we present some work we published in [2,3] and hint at some new current lines of research on information flow and security.More precisely, we describe the calculus of Boxed Ambients a variant of Cardelli and Gordon's Mobile Ambients [4] a calculus of mobile and dynamically reconfigurable agents. Boxed Ambients inherit from Mobile Ambients (part of) the mobility primitives but rely on a completely different model of communication. The new communication primitives fit nicely the design principles of Mobile Ambients, and complement the existing constructs for ambient mobility with finer-grained, and more effective, mechanisms for ambient interaction. As a result Boxed Ambients retain the expressive power and the computational flavor of Ambient Calculus, as well as the elegance of its formal presentation. In addition, they enhance the flexibility of typed communications over Mobile Ambients, and provide new insight into the relationship between synchronous and asynchronous input-output
Mutual Mobile Membranes with Timers
A feature of current membrane systems is the fact that objects and membranes
are persistent. However, this is not true in the real world. In fact, cells and
intracellular proteins have a well-defined lifetime. Inspired from these
biological facts, we define a model of systems of mobile membranes in which
each membrane and each object has a timer representing their lifetime. We show
that systems of mutual mobile membranes with and without timers have the same
computational power. An encoding of timed safe mobile ambients into systems of
mutual mobile membranes with timers offers a relationship between two
formalisms used in describing biological systems
A Mobile Ambients-based Approach for Network Attack Modelling and Simulation
Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets
A Mobile Ambients-based Approach for Network Attack Modelling and Simulation
Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets
A Type Inference Algorithm for Secure Ambients
We consider a type discipline for the Ambient Calculus that associates ambients with security levels and constrains them to be traversed by or opened in ambients of higher security clearance only. We present a bottom-up algorithm that, given an untyped process , computes a minimal set of constraints on security levels such that all actions during runs of are performed without violating the security level priorities. Such an algorithm appears to be a prerequisite to use type systems to ensure security properties in the web scenario
Expressiveness of Generic Process Shape Types
Shape types are a general concept of process types which work for many
process calculi. We extend the previously published Poly* system of shape types
to support name restriction. We evaluate the expressiveness of the extended
system by showing that shape types are more expressive than an implicitly typed
pi-calculus and an explicitly typed Mobile Ambients. We demonstrate that the
extended system makes it easier to enjoy advantages of shape types which
include polymorphism, principal typings, and a type inference implementation.Comment: Submitted to Trustworthy Global Computing (TGC) 2010
- …