Yasunori Ishihara

A translation method from natural language specifications into formal specifications using contextual dependencies

A method of translating natural language specifications of communication protocols into algebraic specifications is presented. Such a natural language specification specifies action sequences performed by the protocol machine (program). Usually, a sentence implicitly specifies the state of the protocol machine in which the described actions should be performed. A method of analyzing the implicitly specified states of the protocol machine is proposed, taking the OSI session protocol specification as an example. The method uses the following properties: (a) syntactic properties of a natural language; (b) syntactic properties introduced by the target algebraic specifications, e.g., subtype relations; and (c) properties of a data type, e.g., properties of timer. The results of applying this method to the main part of the OSI session protocol specification is shown.<<ETX>>

A Tractable Subclass of DTDs for XPath Satisfiability with Sibling Axes

The paper presents a tractable subclass of DTDs, called DC-DTDs, for XPath satisfiability with sibling axes. A DC-DTD is a DTD such that each content model is in the form of a concatenation of single tag names and Kleene-starred regular expressions. DC-DTDs are a proper subclass of covering DTDs proposed by Montazerian et al., and a proper superclass of disjunction-free DTDs. In this paper, it is shown that tractability by covering DTDs is fragile against sibling axes. Then, tractability of XPath satisfiability with sibling axes under DC-DTDs is demonstrated. Finally, as a limitation of the tractability of DC-DTDs, it is shown that upward axes appearing in qualifiers bring intractability under even disjunction-free DTDs.

Extending the tractability results on XPath satisfiability with sibling axes

This paper extends the tractability results on XPath satisfiability with sibling axes under DC-DTDs, which were presented by the authors at DBPL 2009, in the following two directions. First, we provide a condition to extend a class of DTDs without spoiling the tractability of XPath satisfiability, provided that only child, descendant-or-self, parent, ancestor-or-self, following-sibling, and preceding-sibling axes, path union, and qualifier are taken into account. By applying the condition to DC-DTDs, we obtain a strictly broader but still tractable class of DTDs, where operators ? (zero or one occurrence) and + (one or more occurrences) are allowed in regular expressions in a restricted manner. Second, we extend the existing method of analyzing the satisfiability under DC-DTDs to a broader class of XPath expressions. Then, we show that the extended satisfiability analysis can be performed efficiently for a new subclass of XPath expressions.

Authorization Analysis of Queries in Object-Oriented Databases

A simple model for method-based authorization is defined and an algorithm is presented for testing in compile-time whether a given database schema violates authorizations. As an underlying model of method execution, we adopt the model proposed by Hull et al.; a database schema consists of a class hierarchy, attribute declarations and method definitions. A method body is simply a sequence of statements. There are three types of statements: an access to an attribute of the self object, a method invocation, and a built-in operation on basic values. Authorizations are represented as a pair of finite sets: AUTH =〈AUTHm,AUTHs〉, AUTHm={(c1, m1, c′1, m′1), (c2, m2, c′2, m′2),..., (cl, ml, c′l, m′l)}, AUTHs= {(s1, c1, m1), (s2, c2, m2),..., (sn, cn, mn)} where si is a subject (user, process), ci, c′i are classes and mi, m′i are method names. Given a database schema S, a subject s and a set of authorizations AUTH, we say that (S, s) is valid with respect to AUTH, if, whenever a method m invoked by s on an object of a class c is directly invoking a method m′ on an object of a class c′, (s, c′, m′) belongs to AUTHs or (c, m, c′,m′) belongs to AUTHm. In this paper we show that if one of the following conditions holds, then it can be decided in polynomial time whether (S, s) is valid with respect to AUTH. 1. S is a retrieval schema, that is, does not contain any statement which updates an attribute. 2. S is a non-branching update schema, which permits updates in a restricted way, and a database instance is acyclic.

Determinacy and Subsumption for Single-Valued Bottom-Up Tree Transducers

This paper discusses the decidability of determinacy and subsumption for tree transducers. For two tree transducers T 1 and T 2, T 1 determines T 2 if the output of T 2 is identified by the output of T 1, that is, there is a partial function f such that \([\![T_2]\!]=f\circ [\![T_1]\!]\) where \([\![T_1]\!]\) and \([\![T_2]\!]\) are tree transformation relations induced by T 1 and T 2, respectively. Also, T 1 subsumes T 2 if T 1 determines T 2 and the partial function f such that \([\![T_2]\!]=f \circ [\![T_1]\!]\) can be defined by a transducer in a designated class that T 2 belongs to. In this paper, we show that determinacy is decidable for single-valued linear extended bottom-up tree transducers as the determiner class and single-valued bottom-up tree transducers as the determinee class. We also show that subsumption is decidable for these classes.

Owens Luis — A context-aware multi-modal smart office chair in an ambient environment

This paper introduces a smart office chair, Owens Luis, whose pronunciation has a meaning of “an encouraging chair (****)” in Japanese. For most of the people, office environments are the place where they spend the longest time while awake. To improve the quality of life (QoL) in the office, Owens Luis monitors an office workers mental and physiological states such as sleepiness and concentration, and controls the working environment by multi-modal displays including a motion chair, a variable color-temperature LED light and a hypersonic directional speaker.

Schema update operations preserving the expressive power in XML databases

This paper proposes schema update operations preserving the expressive power in XML databases. XML documents are modeled as labeled ordered trees and schemas are modeled as regular tree grammars. Under these models, the notion of embeddability between tree languages is defined. We say that a schema G_2 has more expressive power than G_1 if the tree language generated by G_1 is embeddable in that generated by G-2. Then, four update operations on schemas are introduced. It is shown that the operations are sound with respect to preservation of the expressive power. Moreover, it is shown that the operations are also complete for local tree grammars, which correspond to DTDs.

Security against Inference Attacks on Negative Information in Object-Oriented Databases

Inference attacks mean that a user derives information on the execution results of unauthorized queries from the execution results of authorized queries. Although many studies so far focus on only inference of positive information (i.e., which object is the execution result of a given unauthorized query), negative information (i.e., which object is never the execution result of a given unauthorized query) is also sensitive. In this paper, we define the following two types of security problems against inference attacks on given negative information: (1) Is the information secure under a given database instance? (2) Is it secure under any database instance of a given database schema? It is shown that the first problem is decidable in polynomial time in the description size of the database instance while the second one is undecidable. A decidable sufficient condition for given negative information to be secure under any database instance of a given database schema is also proposed.

Refinements of Complexity Results on Type Consistency for Object-Oriented Databases

The method invocation mechanism is one of the essential features in object-oriented programming languages. This mechanism contributes to data encapsulation and code reuse, but there is a risk of a run-time type error. In the case of object-oriented databases (OODBs), a run-time error causes rollback. Therefore, it is desirable to ensure that a given OODB schema is consistent; i.e., no run-time type error occurs during the execution of queries under any database instance of the OODB schema. This paper discusses the computational complexity of the type-consistency problem. As a model of OODB schemas, we adopt update schemas introduced by R. Hull et al., which have all of the basic features of OODBs such as class hierarchy, inheritance, and complex objects. For several subclasses of update schemas, the complexity of the type-consistency problem is presented. Importantly, it turns out that nonflatness of the class hierarchy, recursion in the queries, and update operations in the queries each make the problem difficult.

The Security Problem against Inference Attacks on Object-Oriented Databases

Inference attacks mean that a user infers (or tries to infer) the result of an unau-thorized method execution using only authorized methods to the user. We say that a method m is secure against inference attacks by a user u if there exists no database instance for which u can infer the result of m. It is important for database administrators to know which methods are secure and which ones are not. When an administrator finds that a method which retrieves top secret information is not secure against inference attacks by u, then the administrator can prevent u from attacking the method by changing the authorization for u. This paper formalizes the security problem (i.e., to determine whether given method is secure or not) for method schemas, and presents the following results. First, it is shown that the security problem is undecidable. Next, a decidable sufficient condition for a given method to be secure is proposed. Furthermore, it is shown that the sufficient condition is also a necessary one if a given schema is monadic (i.e., every method has exactly one parameter). The time complexity to decide the condition is also evaluated. For a monadic schema, the condition is decidable (and therefore, the security problem is solvable) in polynomial time of the size of the schema.