Reasoning about Concurrency for Security Tunnels

There has been excellent progress on languages for rigorously describing key exchange protocols and techniques for proving that the network security tunnels they establish preserve confidentiality and integrity. New problems arise in describing and analyzing establishment protocols and tunnels when they are used as building blocks to achieve high-level security goals for network administrative domains. We introduce a language called the tunnel calculus and associated analysis techniques that can address functional problems arising in the concurrent establishment of tunnels. In particular, we use the tunnel calculus to explain and resolve cases where interleavings of establishment messages can lead to deadlock. Deadlock can be avoided by making unwelcome security compromises, but we prove that it can be eliminated systematically without such compromises using a concept of session to relate tunnels. Our main results are noninterference and progress theorems familiar to the concurrency community, but not previously applied to tunnel establishment protocols

IoT and semantic web technologies for event detection in natural disasters

This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.Natural disasters cannot be predicted well in advance, but it is still possible to decrease the loss of life and mitigate the damages, exploiting some peculiarities that distinguish them. Smart collection, integration, and analysis of data produced by distributed sensors and services are key elements for understanding the context and supporting decision making process for disaster prevention and management. In this paper, we demonstrate how Internet of Things and Semantic Web technologies can be effectively used for abnormal event detection in the contest of an earthquake. In our proposal, a prototype system, which retrieves the data streams from IoT sensors and web services, is presented. In order to contextualize and give a meaning to the data, semantic web technologies are applied for data annotation. We evaluate our system performances by measuring the response time and other parameters that are important in a disaster detection scenario.Peer ReviewedPostprint (author's final draft

Implementing a distributed mobile calculus using the IMC framework

In the last decade, many calculi for modelling distributed mobile code have been proposed. To assess their merits and encourage use, implementations of the calculi have often been proposed. These implementations usually consist of a limited part dealing with mechanisms that are specific of the proposed calculus and of a significantly larger part handling recurrent mechanisms that are common to many calculi. Nevertheless, also the "classic" parts are often re-implemented from scratch. In this paper we show how to implement a well established representative of the family of mobile calculi, the distributed [pi]-calculus, by using a Java middleware (called IMC - Implementing Mobile Calculi) where recurrent mechanisms of distributed and mobile systems are already implemented. By means of the case study, we illustrate a methodology to accelerate the development of prototype implementations while concentrating only on the features that are specific of the calculus under consideration and relying on the common framework for all the recurrent mechanisms like network connections, code mobility, name handling, etc

A Configurable Transport Layer for CAF

The message-driven nature of actors lays a foundation for developing scalable and distributed software. While the actor itself has been thoroughly modeled, the message passing layer lacks a common definition. Properties and guarantees of message exchange often shift with implementations and contexts. This adds complexity to the development process, limits portability, and removes transparency from distributed actor systems. In this work, we examine actor communication, focusing on the implementation and runtime costs of reliable and ordered delivery. Both guarantees are often based on TCP for remote messaging, which mixes network transport with the semantics of messaging. However, the choice of transport may follow different constraints and is often governed by deployment. As a first step towards re-architecting actor-to-actor communication, we decouple the messaging guarantees from the transport protocol. We validate our approach by redesigning the network stack of the C++ Actor Framework (CAF) so that it allows to combine an arbitrary transport protocol with additional functions for remote messaging. An evaluation quantifies the cost of composability and the impact of individual layers on the entire stack

Analysis domain model for shared virtual environments

The field of shared virtual environments, which also encompasses online games and social 3D environments, has a system landscape consisting of multiple solutions that share great functional overlap. However, there is little system interoperability between the different solutions. A shared virtual environment has an associated problem domain that is highly complex raising difficult challenges to the development process, starting with the architectural design of the underlying system. This paper has two main contributions. The first contribution is a broad domain analysis of shared virtual environments, which enables developers to have a better understanding of the whole rather than the part(s). The second contribution is a reference domain model for discussing and describing solutions - the Analysis Domain Model

Sheaf Semantics for Physically Motivated Network Description with Applications

This paper introduces the notion of event space, a physically motivated mathematical model of distributed non-deterministic concurrent interaction based on Goguen's work on sheaf semantics. It provides unifying compositional semantics suitable for network and protocol description, which we demonstrate by designing a formal language, network resource calculus (NRC), for which we use the event space as a model. We sketch how NRC can be utilized in two application scenarios: specification of information-centric protocols and proof-carrying network description in protocols, that can be used together