Michele Boreale

SCC: a service centered calculus

We seek for a small set of primitives that might serve as a basis for formalising and programming service oriented applications over global computers. As an outcome of this study we introduce here SCC, a process calculus that features explicit notions of service definition, service invocation and session handling. Our proposal has been influenced by Orc, a programming model for structured orchestration of services, but the SCCs session handling mechanism allows for the definition of structured interaction protocols, more complex than the basic request-response provided by Orc. We present syntax and operational semantics of SCC and a number of simple but nontrivial programming examples that demonstrate flexibility of the chosen set of primitives. A few encodings are also provided to relate our proposal with existing ones.

Symbolic Trace Analysis of Cryptographic Protocols

A cryptographic protocol can be described as a system of concurrent processes, and analysis of the traces generated by this system can be used to verify authentication and secrecy properties of the protocol. However, this approach suffers from a state-explosion problem that causes the set of states and traces to be typically infinite or very large. In this paper, starting from a process language inspired by the spi-calculus, we propose a symbolic operational semantics that relies on unification and leads to compact models of protocols. We prove that the symbolic and the conventional semantics are in full agreement, and then give a method by which trace analysis can be carried out directly on the symbolic model. The method is proven to be complete for the considered class of properties and is amenable to automatic checking.

Proof Techniques for Cryptographic Processes

Contextual equivalences for cryptographic process calculi, like the spi-calculus, can be used to reason about correctness of protocols, but their definition suffers from quantification over all possible contexts. Here, we focus on two such equivalences, namely may-testing and barbed equivalence, and investigate tractable proof methods for them. To this aim, we design an enriched labelled transition system, where transitions are constrained by the knowledge the environment has of names and keys. The new transition system is then used to define a trace equivalence and a weak bisimulation equivalence that avoid quantification over contexts. Our main results are soundness and completeness of trace and weak bisimulation equivalence with respect to may-testing and barbed equivalence, respectively. They lead to more direct proof methods for equivalence checking. The use of these methods is illustrated with a few examples concerning implementation of secure channels and verification of protocol correctness.

Testing Equivalence for Mobile Processes

The impact of applying the testing approach to a calculus of processes with dynamic communication topology is investigated. A proof system is introduced that consists of two groups of laws: those for strong observational equivalence and those needed to deal with invisible actions. Soundness and completeness of this proof system w.r.t. a testing preorder are shown. A fully abstract denotational model for the language is presented that takes advantage of reductions of processes to normal forms.

On the expressiveness of internal mobility in name-passing calculi

We consider the language πI, a name-passing calculus introduced by Sangiorgi, where only private names can be exchanged among processes (internal mobility). The calculus πI has simple mathematical theory, very close to that of CCS. We provide an encoding from (an asynchronous variant of) the π-calculus to πI, which is fully abstract on the reduction relations of the two calculi. The result shows that, in name-passing calculi, internal mobility is the essential ingredient as far as expressiveness is concerned.

A Symbolic Semantics for the π-Calculus

We use symbolic transition systems as a basis for providing the?-calculus with an alternative semantics. The latter is more amenable to automatic manipulation and sheds light on the logical differences among different forms of bisimulation over algebras of name-passing processes. Symbolic transitions have the formformula], where?is a boolean combination of equalities on names that has to hold for the transition to take place, and?is standard a?-calculus action. On top of the symbolic transition system, a symbolic bisimulation is defined that captures the standard ones. Finally, a sound and complete proof system is introduced for symbolic bisimulation.

A fully abstract semantics for causality in the

Abstract. We examine the meaning of causality in calculi for mobile processes like the

\pi

\pi

-calculus

-calculus, and we investigate the relationship between interleaving and causal semantics for such calculi. We separate two forms of causal dependencies on actions of

Trace and testing equivalence on asynchronous processes

\pi