Dynamic typing in a statically typed language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Trust and partial typing in open systems of mobile agents
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A calculus for cryptographic protocols
Information and Computation
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Asynchronous process calculi: the first-and higher-order paradigms
Theoretical Computer Science - Special issues on models and paradigms for concurrency
Java Virtual Machine Specification
Java Virtual Machine Specification
PI-Calculus: A Theory of Mobile Processes
PI-Calculus: A Theory of Mobile Processes
PTCS '01 Proceedings of the International Seminar on Proof Theory in Computer Science
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Proceedings of the 11th ACM conference on Computer and communications security
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
A Type Discipline for Authorization in Distributed Systems
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
The Intensional Lambda Calculus
LFCS '07 Proceedings of the international symposium on Logical Foundations of Computer Science
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
The Higher-Order, Call-by-Value Applied Pi-Calculus
APLAS '09 Proceedings of the 7th Asian Symposium on Programming Languages and Systems
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
| Hi-index | 0.00 |
Static analyses allow dangerous code to be rejected before it runs. The distinct security concerns of code providers and end users necessitate that analysis be performed, or at least confirmed, during deployment rather than development; examples of this approach include bytecode verification and proof-carrying code. The situation is more complex in multi-party distributed systems, in which the multiple web services deploying code may have their own competing interests. Applying static analysis techniques to such systems requires the ability to identify the codebase running at a remote location and to dynamically determine the static properties of a codebase associated with an identity. In this paper, we provide formal foundations for these requirements. Rather than craft special-purpose combinators to address these specific concerns, we define a reflective, higher-order applied pi calculus and apply it. We treat process abstractions as serialized program files, and thus permit the direct observation of process syntax. This leads to a semantics quite different from that of higher-order pi or applied pi.