A Distributed Calculus for Role-Based Access Control

Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the π calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a bisimulation to equate systems. The theory is then applied to three meaningful examples, namely finding the ‘minimal’ policy to run a given system, refining a system to be run under a given policy (whenever possible), and minimizing the number of users in a given system without changing the overall behavior

Output sampling for output diversity in automatic unit test generation

Diverse test sets are able to expose bugs that test sets generated with structural coverage techniques cannot discover. Input-diverse test set generators have been shown to be effective for this, but also have limitations: e.g., they need to be complemented with semantic information derived from the Software Under Test. We demonstrate how to drive the test set generation process with semantic information in the form of output diversity. We present the first totally automatic output sampling for output diversity unit test set generation tool, called OutGen. OutGen transforms a program into an SMT formula in bit-vector arithmetic. It then applies universal hashing in order to generate an output-based diverse set of inputs. The result offers significant diversity improvements when measured as a high output uniqueness count. It achieves this by ensuring that the test set’s output probability distribution is uniform, i.e. highly diverse. The use of output sampling, as opposed to any of input sampling, CBMC, CAVM, behaviour diversity or random testing improves mutation score and bug detection by up to 4150% and 963% respectively on programs drawn from three different corpora: the R-project, SIR and CodeFlaws. OutGen test sets achieve an average mutation score of up to 92%, and 70% of the test sets detect the defect. Moreover, OutGen is the only automatic unit test generation tool that is able to detect bugs on the real number C functions from the R-project

Comparison of predicted and measured elastohydrodynamic film thickness in a 20-millimeter-bore ball bearing

Elastohydrodynamic film thicknesses were measured for a 20-mm bore ball bearing using the capacitance technique. The bearing was thrust loaded to 90, 445, and 778 N (20, 100, and 175 lb). The corresponding maximum contact stress on the inner race was 1.28, 2.09, and 2.45 GPa (185 000, 303,000, and 356, 000 psi). Test speeds ranged from 400 to 15,000 rpm. Measurements were taken with four different lubricants: (1) synthetic paraffinic; (2) synthetic paraffinic with additives; (3) synthetic type II aircraft oil; and (4) synthetic cycloaliphatic hydrocarbon traction fluid. The test bearing was mist lubricated. Test temperatures were 27, 65, and 121 C (80, 150, and 250 F). The measured results for the various test parameters were compared to theoretical predictions from computer programs. Also the data were plotted on dimensionless coordinates and compared to several classical isothermal theories

The effect of personality on collaborative task performance and interaction

Collocated, multi-user technologies, which support group-work are becoming increasingly popular. Examples include MERL's Diamondtouch and Microsoft's Surface, both of which have evolved from research prototypes to commercial products. Many applications have been developed for such technologies which support the work and entertainment needs of small groups of people. None of these applications however, have been studied in terms of the interactions and performances of their users with regards to their personality. In this paper, we address this research gap by conducting a series of user studies involving dyads working on a number of multi-user applications on the DiamondTouch tabletop device

A criterion for separating process calculi

We introduce a new criterion, replacement freeness, to discern the relative expressiveness of process calculi. Intuitively, a calculus is strongly replacement free if replacing, within an enclosing context, a process that cannot perform any visible action by an arbitrary process never inhibits the capability of the resulting process to perform a visible action. We prove that there exists no compositional and interaction sensitive encoding of a not strongly replacement free calculus into any strongly replacement free one. We then define a weaker version of replacement freeness, by only considering replacement of closed processes, and prove that, if we additionally require the encoding to preserve name independence, it is not even possible to encode a non replacement free calculus into a weakly replacement free one. As a consequence of our encodability results, we get that many calculi equipped with priority are not replacement free and hence are not encodable into mainstream calculi like CCS and pi-calculus, that instead are strongly replacement free. We also prove that variants of pi-calculus with match among names, pattern matching or polyadic synchronization are only weakly replacement free, hence they are separated both from process calculi with priority and from mainstream calculi.Comment: In Proceedings EXPRESS'10, arXiv:1011.601

Security Theorems via Model Theory

A model-theoretic approach can establish security theorems for cryptographic protocols. Formulas expressing authentication and non-disclosure properties of protocols have a special form. They are quantified implications for all xs . (phi implies for some ys . psi). Models (interpretations) for these formulas are *skeletons*, partially ordered structures consisting of a number of local protocol behaviors. Realized skeletons contain enough local sessions to explain all the behavior, when combined with some possible adversary behaviors. We show two results. (1) If phi is the antecedent of a security goal, then there is a skeleton A_phi such that, for every skeleton B, phi is satisfied in B iff there is a homomorphism from A_phi to B. (2) A protocol enforces for all xs . (phi implies for some ys . psi) iff every realized homomorphic image of A_phi satisfies psi. Hence, to verify a security goal, one can use the Cryptographic Protocol Shapes Analyzer CPSA (TACAS, 2007) to identify minimal realized skeletons, or "shapes," that are homomorphic images of A_phi. If psi holds in each of these shapes, then the goal holds

On the relative expressiveness of higher-order session processes

By integrating constructs from the λ-calculus and the π-calculus, in higher-order process calculi exchanged values may contain processes. This paper studies the relative expressiveness of HOπ, the higher-order π-calculus in which communications are governed by session types. Our main discovery is that HO, a subcalculus of HOπ which lacks name-passing and recursion, can serve as a new core calculus for session-typed higher-order concurrency. By exploring a new bisimulation for HO, we show that HO can encode HOπ fully abstractly (up to typed contextual equivalence) more precisely and efficiently than the first-order session π-calculus (π). Overall, under session types, HOπ, HO, and π are equally expressive; however, HOπ and HO are more tightly related than HOπ and π

Structure of Cryptosporidium IMP de­hydrogenase bound to an inhibitor with in vivo antiparasitic activity

Inosine 50-monophosphate dehydrogenase (IMPDH) is a promising target for the treatment of Cryptosporidium infections. Here, the structure of C. parvum IMPDH (CpIMPDH) in complex with inosine 50-monophosphate (IMP) and P131, an inhibitor with in vivo anticryptosporidial activity, is reported. P131 contains two aromatic groups, one of which interacts with the hypoxanthine ring of IMP, while the second interacts with the aromatic ring of a tyrosine in the adjacent subunit. In addition, the amine and NO2 moieties bind in hydrated cavities, forming water-mediated hydrogen bonds to the protein. The design of compounds to replace these water molecules is a new strategy for the further optimization of C. parvum inhibitors for both antiparasitic and antibacterial applications

Kanamycin resistance during in vitro development of pollen from transgenic tomato plants

Effects of kanamycin on pollen germination and tube growth of pollen from non-transformed plants and from transgenic tomato plants containing a chimaeric kanamycin resistance gene were determined. Germination of pollen was not affected by the addition of kanamycin to the medium in both genotypes. Kanamycin, however, severely affected tube growth of pollen from non-transformed plants, while pollen from plants containing the chimaeric gene were less sensitive and produced significantly longer tubes at kanamycin concentrations between 200-400 mg l-1. Apparently, this resistance for kanamycin correlates with the expression of the chimaeric gene during male gametophytic development.

Output sampling for output diversity in automatic unit test generation

Diverse test sets are able to expose bugs that test sets generated with structural coverage techniques cannot discover. Input-diverse test set generators have been shown to be effective for this, but also have limitations: e.g., they need to be complemented with semantic information derived from the Software Under Test. We demonstrate how to drive the test set generation process with semantic information in the form of output diversity. We present the first totally automatic output sampling for output diversity unit test set generation tool, called OutGen. OutGen transforms a program into an SMT formula in bit-vector arithmetic. It then applies universal hashing in order to generate an output-based diverse set of inputs. The result offers significant diversity improvements when measured as a high output uniqueness count. It achieves this by ensuring that the test set’s output probability distribution is uniform, i.e. highly diverse. The use of output sampling, as opposed to any of input sampling, CBMC, CAVM, behaviour diversity or random testing improves mutation score and bug detection by up to 4150% and 963% respectively on programs drawn from three different corpora: the R-project, SIR and CodeFlaws. OutGen test sets achieve an average mutation score of up to 92%, and 70% of the test sets detect the defect. Moreover, OutGen is the only automatic unit test generation tool that is able to detect bugs on the real number C functions from the R-project