We add an operation of group creation to the typed πcalculus, where a group is a type for channels. Creation of fresh groups has the effect of statically preventing certain communications, and can block the accidental or malicious leakage of secrets. Intuitively, no channel belonging to a fresh group can be received by processes outside the initial scope of the group, even if those processes ar...

A second-level security protocol is defined as a security protocol that relies on an underlying security protocol in order to achieve its goals. The verification of classical authentication protocols has become routine, but second-level protocols raise new challenges. These include the formalisation of appeals to the underlying protocols, the modification of the threat model, and the formalisat...

Security risk assessments are costly and time consuming and cannot be carried out from scratch each time a component is being reused in a new setting. This calls for a component-oriented approach tightly integrating security assessment in the system development and maintenance process. Such an approach requires a strategy for inferring useful information about the security of a composite compon...

By adding a new technique and a simple proof strategy to Abadi & Lamport's 1988 method 1] for proving reenement between spec-iications of distributed programs correct, the inherent limitation of their method, occurring when the abstract level of speciication features so-called innnite invisible nondeterminism or internal discontinuity, can be sometimes overcome. This technique is applied to the...

INRIA Sophia-Antipolis Abstract. We describe a model of concurrent objects based on the blue calculus ( ?), a typed variant of the asynchronous -calculus in which the notion of function is directly embedded. We propose a definition for a simple concurrent object-based calculus and show how objects can be translated in ?. We also present the type system for objects derived from our definition an...

An interpretation of Abadi and Cardelli’s first-order Imperative Object Calculus into a typed π-calculus is presented. The interpretation validates the subtyping relation and the typing judgements of the Object Calculus, and is computationally adequate. The proof of computational adequacy makes use of (a π-calculus version) of ready simulation, and of a factorisation of the interpretation into ...

We propose an interpretation of a typed concurrent calculus of objects (conc&) based on the model of Abadi and Cardelli's imperative object calculus. The target of our interpretation is a version of the blue calculus, a variant of the-calculus that directly contains the-calculus, with record and rst-order types. We show that reduction and type judgements can be derived in a rather simple and na...

We present a Theory of Objects based on the original functional ςcalculus by Abadi and Cardelli [1] but with an additional parameter to methods. We prove confluence of the operational semantics following the outline of Nipkow’s proof of confluence for the λ-calculus reusing his general Commutation.thy [4] a generic diamond lemma reduction. We furthermore formalize a simple type system for our ς...