Maria Grazia Buscemi

CC-Pi: a constraint-based language for specifying service level agreements

Service Level Agreements are a key issue in Service Oriented Computing. SLA contracts specify client requirements and service guarantees, with emphasis on Quality of Service (cost, performance, availability, etc.). In this work we propose a simple model of contracts for QoS and SLAs that also allows to study mechanisms for resource allocation and for joining different SLA requirements. Our language combines two basic programming paradigms: name-passing calculi and concurrent constraint programming (cc programming). Specifically, we extend cc programming by adding synchronous communication and by providing a treatment of names in terms of restriction and structural axioms closer to nominal calculi than to variables with existential quantification. In the resulting framework, SLA requirements are constraints that can be generated either by a single party or by the synchronisation of two agents. Moreover, restricting the scope of names allows for local stores of constraints, which may become global as a consequence of synchronisations. Our approach relies on a system of named constraints that equip classical constraints with a suitable algebraic structure providing a richer mechanism of constraint combination. We give reduction-preserving translations of both cc programming and the calculus of explicit fusions.

A Framework for the Analysis of Security Protocols

Properties of security protocols such as authentication and secrecy are often verified by explictly generating an operational model of the protocol and then seeking for insecure states. However, message exchange between the intruder and the honest participants induces a form of state explosion that makes the model infinite in principle. Building on previous work on symbolic semantics, we propose a general framework for automatic analysis of security protocols that make use of a variety of crypto-functions. We start from a base language akin to the spi-calculus, equipped with a set of generic cryptographic primitives. We propose a symbolic operational semantics that relies on unification and provides finite and effective protocol models. Next, we give a method to carry out trace analysis directly on the symbolic model. Under certain conditions on the given cryptographic primitives, our method is proven complete for the considered class of properties.

High-Level Petri Nets as Type Theories in the Join Calculus

We study the expressiveness of the join calculus by comparison with (generalised, coloured) Petri nets and using tools from type theory. More precisely, we consider four classes of nets of increasing expressiveness, Πi, introduce a hierarchy of type systems of decreasing strictness, Δi, i = 0, ..., 3, and we prove that a join process is typeable according to Δi if and only if it is (strictly equivalent to) a net of class Πi. In the details, Π0 and Π1 contain, resp., usual place/transition and coloured Petri nets, while Π2 and Π3 propose two natural notions of high-level net accounting for dynamic reconfiguration and process creation and called reconfigurable and dynamic Petri nets, respectively.

Experimenting with STA, a tool for automatic analysis of security protocols

We present STA (Symbolic Trace Analyzer), a tool for the analysis of security protocols. STA relies on symbolic techniques that avoid explicit construction of the whole, possibly infinite, state-space of protocols. This results in accurate protocol modeling, increased efficiency and more direct formalization, when compared to finite-state techniques. We illustrate the use of STA by analyzing the well-known asymmetric Needham Schroeder protocol. We discuss the results of this analysis, and contrast them with previous work based on finite-state model checking.

D-Fusion: A Distinctive Fusion Calculus

We study the relative expressive power of Fusion and pi-calculus. Fusion is commonly regarded as a generalisation of pi-calculus. Actually, we prove that there is no uniform fully abstract embedding of pi-calculus into Fusion. This fact motivates the introduction of a new calculus, D-Fusion, with two binders, λ and ν. We show that D-Fusion is strictly more expressive than both pi-calculus and Fusion. The expressiveness gap is further clarified by the existence of a fully abstract encoding of mixed guarded choice into the choice-free fragment of D-Fusion.

A method for symbolic analysis of security protocols

In security protocols, message exchange between the intruder and honest participants induces a form of state explosion which makes protocol models infinite. We propose a general method for automatic analysis of security protocols based on the notion of frame, essentially a rewrite system plus a set of distinguished terms called messages. Frames are intended to model generic crypto-systems. Based on frames, we introduce a process language akin to Abadi and Fournets applied pi. For this language, we define a symbolic operational semantics that relies on unification and provides finite and effective protocol models. Next, we give a method to carry out trace analysis directly on the symbolic model. We spell out a regularity condition on the underlying frame, which guarantees completeness of our method for the considered class of properties, including secrecy and various forms of authentication. We show how to instantiate our method to some of the most common crypto-systems, including shared-and public-key encryption, hashing and Diffie-Hellman key exchange.

QoS negotiation in service composition

Service composition in Service Oriented Computing concerns not only integration of heterogeneous distributed applications but also dynamic selection of services. Quality of Service (QoS) plays a key role in service composition as services providing the same functionalities can be differentiated according to their QoS guarantees. At subscription time, a service requester and a provider may sign a contract recording the QoS of the supplied service. The cc-pi calculus has been introduced as a constraint-based model of QoS contracts. In this work we propose a variant of the cc-pi calculus in which the alternatives in a choice rather than being selected non-deterministically have a dynamic priority. Basically, a guard cj:πj in a choice is enabled if the constraint cj is entailed by the store of constraints and the prefix πj can be consumed. Moreover, the j-th branch can be selected not only if the corresponding guard cj:πj is enabled but also if cj is weaker than the constraints ci of the other enabled alternatives. We prove that our choice operator is more general than a choice operator with static priority. Finally, we exploit some examples to show that our prioritised calculus allows arbitrarily complex QoS negotiations and that a static form of priority is strictly less expressive than ours.

Symbolic Analysis of Crypto-Protocols Based on Modular Exponentiation

Automatic methods developed so far for analysis of security protocols only model a limited set of cryptographic primitives (often, only encryption and concatenation) and abstract from low-level features of cryptographic algorithms. This paper is an attempt towards closing this gap. We propose a symbolic technique and a decision method for analysis of protocols based on modular exponentiation, such as Diffie-Hellman key exchange. We introduce a protocol description language along with its semantics. Then, we propose a notion of symbolic execution and, based on it, a verification method. We prove that the method is sound and complete with respect to the language semantics.

Constraint-Based Policy Negotiation and Enforcement for Telco Services

Telco services are evolving under several aspects: for instance, services may combine different telecommunication features (messaging, multi-media, etc.) and may be activated and controlled by applications deployed in a 3rd party domain. Telco infrastructures are following this trend by adopting service oriented architecture solutions, e.g. for composing services and for introducing uniform interaction models among services. In a SOA-based system, capabilities, requirements and general features of services can be expressed in terms of policies. Such policies are negotiated in order to define a service level agreement among the involved parties. In this paper we show how to specify, negotiate, and enforce policies for Telco services by using a constraint-based model, the cc-pi calculus. This language extends concurrent constraint programming with synchronous communication and local names, and with the notion of soft constraints, that generalise classical constraints to represent preference levels. In cc-pi calculus, policies are expressed as soft constraints and the parties involved in the negotiation as communicating processes. The model allows to specify complex scenarios in which policy negotiations and validations can be arbitrarily nested.

A First Order Coalgebraic Model of pi-Calculus Early Observational Equivalence

In this paper, we propose a compositional coalgebraic semantics of the ?-calculus based on a novel approach for lifting calculi with structural axioms to coalgebraic models. We equip the transition system of the calculus with permutations, parallel composition and restriction operations, thus obtaining a bialgebra. No prefix operation is introduced, relying instead on a clause format defining the transitions of recursively defined processes. The unique morphism to the final bialgebra induces a bisimilarity relation which coincides with observational equivalence and which is a congruence with respect to the operations. The permutation algebra is enriched with a name extrusion operator ? a la De Brujin, that shifts any name to the successor and generates a new name in the first variable x0. As a consequence, in the axioms and in the SOS rules there is no need to refer to the support, i.e., the set of significant names, and, thus, the model turns out to be first order.