2,515 research outputs found
Scope-bounded multistack pushdown systems: fixed-point, sequentialization, and tree-width
We present a novel fixed-point algorithm to solve reachability of multi-stack pushdown systems restricted to runs of bounded-scope. The followed approach is compositional, in the sense that the runs of the system are summarized by bounded-size interfaces. Moreover, it is suitable for a direct implementation and can be exploited to prove two new results. We give a sequentialization for this class of systems, i.e., for each such multi-stack pushdown system we construct an equivalent single-stack pushdown system that faithfully simulates the behaviour of each thread. We prove that the behaviour graphs (multiply nested words) for these systems have bounded tree-width, and thus a number of decidability results can be derived from Courcelle's theorem
CSeq: A Sequentialization Tool for C - (Competition Contribution)
Abstract. Sequentialization translates concurrent programs into equivalent nondeterministic sequential programs so that the different concurrent schedules no longer need to be handled explicitly. It can thus be used as a concurrency preprocessor for many sequential program verification techniques. CSeq implements sequentialization for C and uses ESBMC as sequential verification backend [5].
Policy analysis for self-administrated role-based access control
Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is known for the security analysis of ARBAC policies without separate administration, and the state space explosion that this results in precludes building effective tools. In contrast, the separate administration assumption greatly simplifies the analysis since it makes it sufficient to track only one user at a time. However, separation limits the expressiveness of the models and restricts modeling distributed administrative control. In this paper, we undertake a fundamental study of analysis of ARBAC policies without the separate administration restriction, and show that analysis algorithms can be built that track only a bounded number of users, where the bound depends only on the number of administrative roles in the system. Using this fundamental insight paves the way for us to design an involved heuristic to further tame the state space explosion in practical systems. Our results are also very effective when applied on policies designed under the separate administration restriction. We implement our techniques and report on experiments conducted on several realistic case studies
Security Analysis of Role-based Access Control through Program Verification
We propose a novel scheme for proving administrative role-based access control (ARBAC) policies correct with respect to security properties using the powerful abstraction-based tools available for program verification. Our scheme uses a combination of abstraction and reduction to program verification to perform security analysis. We convert ARBAC policies to imperative programs that simulate the policy abstractly, and then utilize further abstract-interpretation techniques from program analysis to analyze the programs in order to prove the policies secure. We argue that the aggressive set-abstractions and numerical-abstractions we use are natural and appropriate in the access control setting. We implement our scheme using a tool called VAC that translates ARBAC policies to imperative programs followed by an interval-based static analysis of the program, and show that we can effectively prove access control policies correct. The salient features of our approach are the abstraction schemes we develop and the reduction of role-based access control security (which has nothing to do with programs) to program verification problems
Slices of the unitary spread
We prove that slices of the unitary spread of $Q^+(7, q)$, $q \equiv 2 \pmod{3}$, can be partitioned into five disjoint classes. Slices belonging to different classes are non-equivalent under the action of the subgroup of $P\Gamma O^+(8, q)$ fixing the unitary spread. When $q$ is even, there is a connection between spreads of $Q^+(7, q)$ and symplectic 2-spreads of $PG(5, q)$ (see Dillon, Ph.D. thesis, 1974 and Dye, Ann. Mat. Pura Appl. (4) 114, 173-194, 1977). As a consequence of the above result we determine all the possible non-equivalent symplectic 2-spreads arising from the unitary spread of $Q^+(7, q)$, $q = 2^{2h+1}$. Some of these already appeared in Kantor, SIAM J. Algebr. Discrete Methods 3(2), 151-165, 1982. When $q = 3^h$, we classify, up to the action of the stabilizer in $P\Gamma O(7, q)$ of the unitary spread of $Q(6, q)$, those among its slices producing spreads of the elliptic quadric $Q^-(5, q)$
On the Path-Width of Integer Linear Programming
We consider the feasibility problem of integer linear programming (ILP). We
show that solutions of any ILP instance can be naturally represented by an
FO-definable class of graphs. For each solution there may be many graphs
representing it. However, one of these graphs is of path-width at most 2n,
where n is the number of variables in the instance. Since FO is decidable on
graphs of bounded path-width, we obtain an alternative decidability result for
ILP. The technique we use underlines a common principle to prove decidability
which has previously been employed for automata with auxiliary storage. We also
show how this new result links to automata theory and program verification. Comment: In Proceedings GandALF 2014, arXiv:1408.556
Monumenta tuae religionis: aspects of the ecclesiastical patronage of Giovan Francesco Gambara in the diocese of Viterbo
The article discusses some aspects of the ecclesiastical patronage of Giovan Francesco Gambara, also in light of the oration delivered during the funeral of the prelate
Lippi, Filippino
Biography of the painter Filippino Lippi (entry in the Dizionario Biografico degli Italiani) http://www.treccani.it/enciclopedia/filippino-lippi_%28Dizionario-Biografico%29