49 research outputs found
Execution Models for Choreographies and Cryptoprotocols
A choreography describes a transaction in which several principals interact.
Since choreographies frequently describe business processes affecting
substantial assets, we need a security infrastructure in order to implement
them safely. As part of a line of work devoted to generating cryptoprotocols
from choreographies, we focus here on the execution models suited to the two
levels.
We give a strand-style semantics for choreographies, and propose a special
execution model in which choreography-level messages are faithfully delivered
exactly once. We adapt this model to handle multiparty protocols in which some
participants may be compromised.
At level of cryptoprotocols, we use the standard Dolev-Yao execution model,
with one alteration. Since many implementations use a "nonce cache" to discard
multiply delivered messages, we provide a semantics for at-most-once delivery
Analysis and Verification of Service Interaction Protocols - A Brief Survey
Modeling and analysis of interactions among services is a crucial issue in
Service-Oriented Computing. Composing Web services is a complicated task which
requires techniques and tools to verify that the new system will behave
correctly. In this paper, we first overview some formal models proposed in the
literature to describe services. Second, we give a brief survey of verification
techniques that can be used to analyse services and their interaction. Last, we
focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330
COWS: A Timed Service-Oriented Calculus
COWS (Calculus for Orchestration of Web Services) is a foundational language for Service Oriented Computing that combines in an original way a number of ingredients borrowed from well-known process calculi, e.g. asynchronous communication, polyadic synchronization, pattern matching, protection, delimited receiving and killing activities, while resulting different from any of them. In this paper, we extend COWS with timed orchestration constructs, this way we obtain a language capable of completely formalizing the semantics of WS-BPEL, the ‘de facto’ standard language for orchestration of web services. We present the semantics of the extended language and illustrate its peculiarities and expressiveness by means of several examples
Reasoning About a Service-oriented Programming Paradigm
This paper is about a new way for programming distributed applications: the
service-oriented one. It is a concept paper based upon our experience in
developing a theory and a language for programming services. Both the
theoretical formalization and the language interpreter showed us the evidence
that a new programming paradigm exists. In this paper we illustrate the basic
features it is characterized by
Parameterized Concurrent Multi-Party Session Types
Session types have been proposed as a means of statically verifying
implementations of communication protocols. Although prior work has been
successful in verifying some classes of protocols, it does not cope well with
parameterized, multi-actor scenarios with inherent asynchrony. For example, the
sliding window protocol is inexpressible in previously proposed session type
systems. This paper describes System-A, a new typing language which overcomes
many of the expressiveness limitations of prior work. System-A explicitly
supports asynchrony and parallelism, as well as multiple forms of
parameterization. We define System-A and show how it can be used for the static
verification of a large class of asynchronous communication protocols.Comment: In Proceedings FOCLASA 2012, arXiv:1208.432
Choreographies with Secure Boxes and Compromised Principals
We equip choreography-level session descriptions with a simple abstraction of
a security infrastructure. Message components may be enclosed within (possibly
nested) "boxes" annotated with the intended source and destination of those
components. The boxes are to be implemented with cryptography. Strand spaces
provide a semantics for these choreographies, in which some roles may be played
by compromised principals. A skeleton is a partially ordered structure
containing local behaviors (strands) executed by regular (non-compromised)
principals. A skeleton is realized if it contains enough regular strands so
that it could actually occur, in combination with any possible activity of
compromised principals. It is delivery guaranteed (DG) realized if, in
addition, every message transmitted to a regular participant is also delivered.
We define a novel transition system on skeletons, in which the steps add
regular strands. These steps solve tests, i.e. parts of the skeleton that could
not occur without additional regular behavior. We prove three main results
about the transition system. First, each minimal DG realized skeleton is
reachable, using the transition system, from any skeleton it embeds. Second, if
no step is possible from a skeleton A, then A is DG realized. Finally, if a DG
realized B is accessible from A, then B is minimal. Thus, the transition system
provides a systematic way to construct the possible behaviors of the
choreography, in the presence of compromised principals
Softly safely spoken: Role playing for Session Types
Session types have made much progress at permitting programs be statically verified concordant with a specified protocol. However, it is difficult to build abstractions of, or encapsulate Session types, thus limiting their flexibility. Global session types add further constraints to communication, by permitting the order of exchanges amongst many participants to be specified. The cost is that the number of participants is statically fixed. We introduce Roles in which, similarly to global session types, the number of roles and the conversations involving roles are statically known, but participants can dynamically join and leave roles and the number of participants within a role is not statically known. Statically defined roles which conform to a specified conversation can be dynamically instantiated, participants can be members of multiple roles simultaneously and can participate in multiple conversations concurrently
A Graphical Approach to Progress for Structured Communication in Web Services
We investigate a graphical representation of session invocation
interdependency in order to prove progress for the pi-calculus with sessions
under the usual session typing discipline. We show that those processes whose
associated dependency graph is acyclic can be brought to reduce. We call such
processes transparent processes. Additionally, we prove that for well-typed
processes where services contain no free names, such acyclicity is preserved by
the reduction semantics.
Our results encompass programs (processes containing neither free nor
restricted session channels) and higher-order sessions (delegation).
Furthermore, we give examples suggesting that transparent processes constitute
a large enough class of processes with progress to have applications in modern
session-based programming languages for web services.Comment: In Proceedings ICE 2010, arXiv:1010.530
Amending Contracts for Choreographies
Distributed interactions can be suitably designed in terms of choreographies.
Such abstractions can be thought of as global descriptions of the coordination
of several distributed parties. Global assertions define contracts for
choreographies by annotating multiparty session types with logical formulae to
validate the content of the exchanged messages. The introduction of such
constraints is a critical design issue as it may be hard to specify contracts
that allow each party to be able to progress without violating the contract. In
this paper, we propose three methods that automatically correct inconsistent
global assertions. The methods are compared by discussing their applicability
and the relationships between the amended global assertions and the original
(inconsistent) ones.Comment: In Proceedings ICE 2011, arXiv:1108.014
Service discovery and negotiation with COWS
To provide formal foundations to current (web) services technologies, we put forward using COWS, a process calculus for specifying, combining and analysing services, as a uniform formalism for modelling all the relevant phases of the life cycle of service-oriented applications, such as publication, discovery, negotiation, deployment and execution. In this paper, we show that constraints and operations on them can be smoothly incorporated in COWS, and propose a disciplined way to model multisets of constraints and to manipulate them through appropriate interaction protocols. Therefore, we demonstrate that also QoS requirement specifications and SLA achievements, and the phases of dynamic service discovery and negotiation can be comfortably modelled in COWS. We illustrate our approach through a scenario for a service-based web hosting provider