The Experts below are selected from a list of 1761957 Experts worldwide ranked by ideXlab platform
Chun Yan - One of the best experts on this subject based on the ideXlab platform.
- Soundness preservation in composed logical time workflow nets
  Enterprise Information Systems, 2012. Co-Authors: Wei Liu, Chun Yan. Abstract: An interorganisational logical time workflow net is formed by composing multiple logical time workflow nets via interface data places. However, even though each logical time workflow net is sound, the soundness of the composed one is indeterminate. This article addresses the issues related to soundness preservation when logical time workflow nets are composed. First, the reasons that the composed interorganisational logical time workflow net does not preserve soundness are discussed. Second, because soundness is hard to decide, an important class of interorganisational logical time workflow nets is put forward and the conditions to preserve soundness are proposed. The results can be used by the designers of cooperative workflows because the method in this article can reduce the analysis complexity based on the static structure of interorganisational logical time workflow nets. Next, an example of an online sale system is given to verify the effectiveness of the proposed method. Furthermore, the l...
Matthias Felleisen - One of the best experts on this subject based on the ideXlab platform.
- Contract soundness for object-oriented languages
  Conference on Object-Oriented Programming Systems, Languages and Applications, 2001. Co-Authors: Robert Bruce Findler, Matthias Felleisen. Abstract: Checking pre- and post-conditions of procedures and methods at runtime helps improve software reliability. In the procedural world, pre- and post-conditions have a straightforward interpretation. If a procedure's pre-condition doesn't hold, the caller failed to establish the proper context. If a post-condition doesn't hold, the procedure failed to compute the expected result. In the object-oriented world, checking pre- and post-conditions for methods, often called contracts in this context, poses complex problems. Because methods may be overridden, it is not sufficient to check only pre- and post-conditions. In addition, the contract hierarchy must be checked to ensure that the contracts on overridden methods are properly related to the contracts on overriding methods. Otherwise, a class hierarchy may violate the substitution principle, that is, it may no longer be true that an instance of a class is substitutable for objects of the super-class. In this paper, we study the problem of contract enforcement in an object-oriented world from a foundational perspective. More specifically, we study contracts as refinements of types. Pushing the analogy further, we state and prove a contract soundness theorem that captures the essential properties of contract enforcement. We use the theorem to illustrate how most existing tools suffer from a fundamental flaw and how they can be improved.
- A syntactic approach to type soundness
  Information & Computation, 1994. Co-Authors: Andrew K. Wright, Matthias Felleisen. Abstract: We present a new approach to proving type soundness for Hindley/Milner-style polymorphic type systems. The keys to our approach are (1) an adaptation of subject reduction theorems from combinatory logic to programming languages, and (2) the use of rewriting techniques for the specification of the language semantics. The approach easily extends from polymorphic functional languages to imperative languages that provide references, exceptions, continuations, and similar features. We illustrate the technique with a type soundness theorem for the core of Standard ML, which includes the first type soundness proof for polymorphic exceptions and continuations.
Tiark Rompf - One of the best experts on this subject based on the ideXlab platform.
- Type soundness proofs with definitional interpreters
  Symposium on Principles of Programming Languages, 2017. Co-Authors: Nada Amin, Tiark Rompf. Abstract: While type soundness proofs are taught in every graduate PL class, the gap between realistic languages and what is accessible to formal proofs is large. In the case of Scala, it has been shown that its formal model, the Dependent Object Types (DOT) calculus, cannot simultaneously support key metatheoretic properties such as environment narrowing and subtyping transitivity, which are usually required for a type soundness proof. Moreover, Scala and many other realistic languages lack a general substitution property. The first contribution of this paper is to demonstrate how type soundness proofs for advanced, polymorphic type systems can be carried out with an operational semantics based on high-level, definitional interpreters, implemented in Coq. We present the first mechanized soundness proofs in this style for System F and several extensions, including mutable references. Our proofs use only straightforward induction, which is significant, as the combination of big-step semantics, mutable references, and polymorphism is commonly believed to require coinductive proof techniques. The second main contribution of this paper is to show how DOT-like calculi emerge from straightforward generalizations of the operational aspects of F, exposing a rich design space of calculi with path-dependent types in between System F and DOT, which we dub the System D Square. By working directly on the target language, definitional interpreters can focus the design space and expose the invariants that actually matter at runtime. Looking at such runtime invariants is an exciting new avenue for type system design.
Wei Liu - One of the best experts on this subject based on the ideXlab platform.
- Soundness preservation in composed logical time workflow nets
  Enterprise Information Systems, 2012. Co-Authors: Wei Liu, Chun Yan. Abstract: An interorganisational logical time workflow net is formed by composing multiple logical time workflow nets via interface data places. However, even though each logical time workflow net is sound, the soundness of the composed one is indeterminate. This article addresses the issues related to soundness preservation when logical time workflow nets are composed. First, the reasons that the composed interorganisational logical time workflow net does not preserve soundness are discussed. Second, because soundness is hard to decide, an important class of interorganisational logical time workflow nets is put forward and the conditions to preserve soundness are proposed. The results can be used by the designers of cooperative workflows because the method in this article can reduce the analysis complexity based on the static structure of interorganisational logical time workflow nets. Next, an example of an online sale system is given to verify the effectiveness of the proposed method. Furthermore, the l...
Hideki Sakurada - One of the best experts on this subject based on the ideXlab platform.
- Trust Trust Me (The Additivity)
  2017. Co-Authors: Ken Mano, Hideki Sakurada, Yasuyuki Tsukada. Abstract: We present a mathematical formulation of a trust metric using a quality and quantity pair. Under a certain assumption, we regard trust as an additive value and define the soundness of a trust computation as not exceeding the total sum. Moreover, we point out the importance of not only the soundness of each computed trust but also the stability of the trust computation procedure against changes in trust value assignment. In this setting, we define trust composition operators. We also propose a trust computation protocol and prove its soundness and stability using the operators.
- Computational Soundness of Symbolic Blind Signatures under Active Attacker
  Foundations and Practice of Security, 2014. Co-Authors: Hideki Sakurada. Abstract: Blind signature schemes enable users to obtain signatures on texts without revealing the texts to signers. They are often used to provide anonymity in protocols such as electronic cash and voting protocols. To confirm the security of such a voting scheme, Kremer and Ryan employ a symbolic model for protocols that use blind signatures. However, the soundness of this model with respect to the computational model in which the security of blind signatures is defined is yet to be explored. In this paper, we discuss certain difficulties involved in establishing the computational soundness of their symbolic model, propose an alternative symbolic model, and show its computational soundness.
- FPS - Computational Soundness of Symbolic Blind Signatures under Active Attacker
  Foundations and Practice of Security, 2013. Co-Authors: Hideki Sakurada. Abstract: Blind signature schemes enable users to obtain signatures on texts without revealing the texts to signers. They are often used to provide anonymity in protocols such as electronic cash and voting protocols. To confirm the security of such a voting scheme, Kremer and Ryan employ a symbolic model for protocols that use blind signatures. However, the soundness of this model with respect to the computational model in which the security of blind signatures is defined is yet to be explored. In this paper, we discuss certain difficulties involved in establishing the computational soundness of their symbolic model, propose an alternative symbolic model, and show its computational soundness.