A Klaim specification of the Handover protocol: logic-based and type-based analysis Michele Loreti and Daniele Gorla Dipartimento di Sistemi e Informatica.

A Klaim specification of the Handover protocol: logic-based and type-based analysis Michele Loreti and Daniele Gorla Dipartimento di Sistemi e Informatica University of Firenze

Klaim: Kernel Language for Agent Interaction and Mobility. Linda-based communication model: asynchronous communication via tuple spaces. Explicit use of localities: multiple distributed tuple spaces. Possibility of code mobility.

Linda Communication Model. Tuples, e.g. ("foo", 10+5, !x), have actual fields ("foo", 10+5) and formal fields (!x). Pattern matching: formal fields match any field of the same type; actual fields match if identical. For example, ("foo", 10+5, true) matches (!s, 15, !b).
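An added Python example (not code from the slides) of the matching rule just stated: a Formal object stands for a formal field such as !x, actual fields are compared for identity, and a minimal single tuple space offers out, read and in over it. The class and function names are my own.

```python
class Formal:
    """A formal field (!x in the slides): matches any actual field of the given type."""

    def __init__(self, typ):
        self.typ = typ


def field_matches(pattern_field, tuple_field):
    """Formal fields match any field of the same type; actual fields match if identical."""
    if isinstance(pattern_field, Formal):
        # type() rather than isinstance(): True would otherwise match an int formal
        return type(tuple_field) is pattern_field.typ
    # actual fields are already evaluated (10+5 arrives here as 15), as in Linda
    return type(tuple_field) is type(pattern_field) and pattern_field == tuple_field


def match(template, tup):
    """Return the values bound to the template's formal fields, or None if no match."""
    if len(template) != len(tup):
        return None
    bindings = []
    for pattern_field, tuple_field in zip(template, tup):
        if not field_matches(pattern_field, tuple_field):
            return None
        if isinstance(pattern_field, Formal):
            bindings.append(tuple_field)
    return bindings


class TupleSpace:
    """One Linda tuple space: out adds, read matches non-destructively, in_ withdraws."""

    def __init__(self):
        self.tuples = []

    def out(self, *fields):
        self.tuples.append(tuple(fields))

    def read(self, *template):
        for candidate in self.tuples:
            bindings = match(template, candidate)
            if bindings is not None:
                return bindings
        return None  # a real read would block; here absence is reported instead

    def in_(self, *template):
        for index, candidate in enumerate(self.tuples):
            bindings = match(template, candidate)
            if bindings is not None:
                del self.tuples[index]
                return bindings
        return None
```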

Klaim Nodes. A node has a name (its locality, e.g. s1), a tuple space (TS) and running processes (P).

Handover Protocol (message sequence diagram). Participants: the MSC, the base stations BS1 and BS2 (with channels rc), and the mobile station MS.

The Klaim Implementation

Processes...

Interesting Properties. Every sent message is delivered; no message is delivered while a handover is occurring; messages are sent through the correct Base Station.
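An added example (not part of the slides and not the authors' Klaim model) that checks these three properties over a constructed execution trace of the handover; the event format, the function name and the assumption that messages keep going through the old base station until a handover completes are mine.

```python
# Event kinds of a constructed trace of the handover protocol (assumed format):
#   ("send", msg_id, bs)          MS sends msg_id through base station bs
#   ("deliver", msg_id)           msg_id reaches the MSC
#   ("ho_begin", old_bs, new_bs)  handover of the MS from old_bs to new_bs starts
#   ("ho_end",)                   handover completes; the MS is now served by new_bs
SEND, DELIVER, HO_BEGIN, HO_END = "send", "deliver", "ho_begin", "ho_end"


def check_handover_trace(trace, initial_bs):
    """Return the list of property violations found in the trace (empty if none).
    Assumption: until a handover completes, messages still go through the old BS."""
    violations = []
    in_handover = False
    serving_bs = initial_bs
    next_bs = None
    pending = set()  # sent but not yet delivered
    for event in trace:
        kind = event[0]
        if kind == SEND:
            _, msg_id, via = event
            if via != serving_bs:  # property 3: correct base station
                violations.append(f"message {msg_id} sent through {via}, expected {serving_bs}")
            pending.add(msg_id)
        elif kind == DELIVER:
            _, msg_id = event
            if in_handover:  # property 2: no delivery during a handover
                violations.append(f"message {msg_id} delivered during handover")
            pending.discard(msg_id)
        elif kind == HO_BEGIN:
            _, _, next_bs = event
            in_handover = True
        elif kind == HO_END:
            in_handover = False
            serving_bs = next_bs
        else:
            raise ValueError(f"unknown event {event!r}")
    for msg_id in sorted(pending):  # property 1: every sent message is delivered
        violations.append(f"message {msg_id} never delivered")
    return violations


# Constructed traces: one respecting all three properties, one violating each of them.
GOOD_TRACE = [(SEND, 1, "BS1"), (DELIVER, 1), (HO_BEGIN, "BS1", "BS2"), (HO_END,),
              (SEND, 2, "BS2"), (DELIVER, 2)]
BAD_TRACE = [(SEND, 1, "BS1"), (HO_BEGIN, "BS1", "BS2"), (DELIVER, 1), (HO_END,),
             (SEND, 2, "BS1")]
```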

Features of the Klaim Logic. It is a variant of HML (Hennessy-Milner Logic) with recursion. The modal operators ⟨ ⟩ and [ ] are indexed with predicates that: describe the actual use of resources; express spatial properties; state formulae describing the distribution of resources.

Formulae... Every sent message is delivered; no message is delivered while a handover is occurring.

Context specification. The core part of the system is specified in Klaim; the context is specified with an ad-hoc formalism: n[N].

Nets and Contexts. A net N approximates a context n w.r.t. N₁ if N does not perform more accesses to N₁ than n does. A net N agrees with a context n w.r.t. N₁ if N behaves like n w.r.t. N₁. Approximation and agreement are formally defined in terms of a behavioural equivalence (a preorder) between Klaim nets.

Contexts and Properties (informal). If a formula specifies properties about nodes that belong to N₁, then: if N approximates n w.r.t. N₁ and n[N₁] satisfies the formula, then N₁ || N satisfies it as well (for positive formulae); if N agrees with n w.r.t. N₁, then n[N₁] satisfies the formula iff N₁ || N satisfies it.

Type system for Klaim

Types for Resource Access Control. We control via types the possible operations, i.e. the capabilities i, r, o, e, n (Klaim's in, read, out, eval and newloc actions). Types are formed by the non-empty subsets of capabilities. A node is written s :: P together with its security policy, i.e. what P can perform once executed in s. Formally... For example... Well-typedness ⇒ no illegal operations at run-time.

Dynamic Acquisition of Rights. We want to allow dynamic reconfiguration of policies, but capabilities cannot be forged, i.e. processes/nodes cannot autonomously create rights they do not own. Solution: access rights can be passed through the net via communication. We require that whoever passes a capability must own it (statically or dynamically).

Example of Dynamic Acquisition

Dynamic Consumption of Rights. If rights are wastable resources, once a capability has been used/passed its owner loses it.

In a dynamic setting, the use of capability sets in types is not appropriate (we have to count). Hence we use multisets. Formally...

Process Rights. Up to now, nodes acquire/lose rights; we now allow single processes to acquire/lose rights as well: we tag processes with the rights they own; if a process acquires rights, the tag is increased; if a process uses rights, the tag is decreased.
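An added Python example (not the authors' type system) of the access-control discipline in the slides on types, dynamic acquisition, consumption and process rights: the static set-based check, then a multiset rights tag that is consumed on use and can be transferred only by an owner. The capability letters follow the slides; their mapping to in/read/out/eval/newloc and all class and function names are my own.

```python
from collections import Counter

# Capability letters from the slides; the mapping to Klaim actions is assumed here.
CAPABILITIES = {"i": "in", "r": "read", "o": "out", "e": "eval", "n": "newloc"}


class AccessViolation(Exception):
    """A process attempted an operation that its rights do not cover."""


def static_check(policy, actions):
    """Static discipline: a node policy is a non-empty set of capabilities and a
    process is well typed only if every action it performs is in that set.
    Returns the actions that would be illegal at run-time (empty if well typed)."""
    if not policy or not set(policy) <= set(CAPABILITIES):
        raise ValueError("policy must be a non-empty subset of the capabilities")
    return [action for action in actions if action not in policy]


class RightsTag:
    """Dynamic discipline: rights are wastable, so a node's policy or a process's
    tag is a multiset (a Counter) rather than a set, because we have to count."""

    def __init__(self, **caps):
        unknown = set(caps) - set(CAPABILITIES)
        if unknown:
            raise ValueError(f"unknown capabilities {sorted(unknown)}")
        self.owned = Counter(caps)

    def count(self, cap):
        return self.owned[cap]

    def use(self, cap):
        """Performing an action consumes one unit of the capability (tag decreased)."""
        if self.owned[cap] < 1:
            raise AccessViolation(f"no right to {CAPABILITIES[cap]} ({cap}) left")
        self.owned[cap] -= 1

    def pass_to(self, receiver, cap, units=1):
        """Rights travel via communication: the sender must own what it passes (no
        forging) and loses it, while the receiver's tag is increased."""
        if self.owned[cap] < units:
            raise AccessViolation(f"cannot pass {units} x {cap}: only {self.owned[cap]} owned")
        self.owned[cap] -= units
        receiver.owned[cap] += units
```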

Example of Process Rights

Variations on Dynamic Reconfiguration. We can choose various models for acquisition/consumption: nodes have dynamic policies, while processes have no rights; processes have dynamic policies, while nodes have only static ones; both nodes and processes have dynamic policies. The second solution is a good compromise between efficiency and flexibility.

The Handover Revisited. During a handover the user should not stop its activity (i.e. the handover must be transparent to the user). In particular, the credit of a user must be maintained and the information on it must be properly passed during the handover. This scenario is well realized via our type theory.

The Handover Revisited (2). Assumptions: the information on the credit of a user is held by the Base Station associated with that user; it is slotted in credit units and is represented by the messages the BS can take from the MS and pass to the MSC.

Revised code...

The system...

Policies...

Case Study: The Active Base Station

Final remarks... Two different approaches to mobile and distributed languages; the presented example can be extended to a real application; detailed papers are available at: