Download or read book Extending a dynamic programming language and runtime environment with access control written by Tessenow, Philipp and published by Universitätsverlag Potsdam. This book was released on 2016-11-09 with total page 90 pages. Available in PDF, EPUB and Kindle. Book excerpt: Complexity in software systems is a major factor driving development and maintenance costs. To master this complexity, software is divided into modules that can be developed and tested separately. In order to support this separation of modules, each module should provide a clean and concise public interface. Therefore, the ability to selectively hide functionality using access control is an important feature in a programming language intended for complex software systems. Software systems are increasingly distributed, adding not only to their inherent complexity, but also presenting security challenges. The object-capability approach addresses these challenges by defining language properties providing only minimal capabilities to objects. One programming language that is based on the object-capability approach is Newspeak, a dynamic programming language designed for modularity and security. The Newspeak specification describes access control as one of Newspeak’s properties, because it is a requirement for the object-capability approach. However, access control, as defined in the Newspeak specification, is currently not enforced in its implementation. This work introduces an access control implementation for Newspeak, enabling the security of object-capabilities and enhancing modularity. We describe our implementation of access control for Newspeak. We adapted the runtime environment, the reflective system, the compiler toolchain, and the virtual machine. Finally, we describe a migration strategy for the existing Newspeak code base, so that our access control implementation can be integrated with minimal effort.
Download or read book k Inductive invariant checking for graph transformation systems written by Dyck, Johannes and published by Universitätsverlag Potsdam. This book was released on 2017-09-15 with total page 52 pages. Available in PDF, EPUB and Kindle. Book excerpt: While offering significant expressive power, graph transformation systems often come with rather limited capabilities for automated analysis, particularly if systems with many possible initial graphs and large or infinite state spaces are concerned. One approach that tries to overcome these limitations is inductive invariant checking. However, the verification of inductive invariants often requires extensive knowledge about the system in question and faces the approach-inherent challenges of locality and lack of context. To address that, this report discusses k-inductive invariant checking for graph transformation systems as a generalization of inductive invariants. The additional context acquired by taking multiple (k) steps into account is the key difference to inductive invariant checking and is often enough to establish the desired invariants without requiring the iterative development of additional properties. To analyze possibly infinite systems in a finite fashion, we introduce a symbolic encoding for transformation traces using a restricted form of nested application conditions. As its central contribution, this report then presents a formal approach and algorithm to verify graph constraints as k-inductive invariants. We prove the approach's correctness and demonstrate its applicability by means of several examples evaluated with a prototypical implementation of our algorithm.
Download or read book 13th National Computer Security Conference written by and published by . This book was released on 1990 with total page 400 pages. Available in PDF, EPUB and Kindle. Book excerpt:
Download or read book Transmorphic written by Schreiber, Robin and published by Universitätsverlag Potsdam. This book was released on 2017-03-03 with total page 106 pages. Available in PDF, EPUB and Kindle. Book excerpt: Defining Graphical User Interfaces (GUIs) through functional abstractions can reduce the complexity that arises from mutable abstractions. Recent examples, such as Facebook's React GUI framework have shown, how modelling the view as a functional projection from the application state to a visual representation can reduce the number of interacting objects and thus help to improve the reliabiliy of the system. This however comes at the price of a more rigid, functional framework where programmers are forced to express visual entities with functional abstractions, detached from the way one intuitively thinks about the physical world. In contrast to that, the GUI Framework Morphic allows interactions in the graphical domain, such as grabbing, dragging or resizing of elements to evolve an application at runtime, providing liveness and directness in the development workflow. Modelling each visual entity through mutable abstractions however makes it difficult to ensure correctness when GUIs start to grow more complex. Furthermore, by evolving morphs at runtime through direct manipulation we diverge more and more from the symbolic description that corresponds to the morph. Given that both of these approaches have their merits and problems, is there a way to combine them in a meaningful way that preserves their respective benefits? As a solution for this problem, we propose to lift Morphic's concept of direct manipulation from the mutation of state to the transformation of source code. In particular, we will explore the design, implementation and integration of a bidirectional mapping between the graphical representation and a functional and declarative symbolic description of a graphical user interface within a self hosted development environment. We will present Transmorphic, a functional take on the Morphic GUI Framework, where the visual and structural properties of morphs are defined in a purely functional, declarative fashion. In Transmorphic, the developer is able to assemble different morphs at runtime through direct manipulation which is automatically translated into changes in the code of the application. In this way, the comprehensiveness and predictability of direct manipulation can be used in the context of a purely functional GUI, while the effects of the manipulation are reflected in a medium that is always in reach for the programmer and can even be used to incorporate the source transformations into the source files of the application.
Download or read book Improving hosted continuous integration services written by Weyand, Christopher and published by Universitätsverlag Potsdam. This book was released on 2017-02-17 with total page 128 pages. Available in PDF, EPUB and Kindle. Book excerpt: Developing large software projects is a complicated task and can be demanding for developers. Continuous integration is common practice for reducing complexity. By integrating and testing changes often, changesets are kept small and therefore easily comprehensible. Travis CI is a service that offers continuous integration and continuous deployment in the cloud. Software projects are build, tested, and deployed using the Travis CI infrastructure without interrupting the development process. This report describes how Travis CI works, presents how time-driven, periodic building is implemented as well as how CI data visualization can be done, and proposes a way of dealing with dependency problems.
Download or read book Proceedings of the 10th Ph D Retreat of the HPI Research School on Service oriented Systems Engineering written by Meinel, Christoph and published by Universitätsverlag Potsdam. This book was released on 2018-01-17 with total page 268 pages. Available in PDF, EPUB and Kindle. Book excerpt: Design and Implementation of service-oriented architectures imposes a huge number of research questions from the fields of software engineering, system analysis and modeling, adaptability, and application integration. Component orientation and web services are two approaches for design and realization of complex web-based system. Both approaches allow for dynamic application adaptation as well as integration of enterprise application. Commonly used technologies, such as J2EE and .NET, form de facto standards for the realization of complex distributed systems. Evolution of component systems has lead to web services and service-based architectures. This has been manifested in a multitude of industry standards and initiatives such as XML, WSDL UDDI, SOAP, etc. All these achievements lead to a new and promising paradigm in IT systems engineering which proposes to design complex software solutions as collaboration of contractually defined software services. Service-Oriented Systems Engineering represents a symbiosis of best practices in object-orientation, component-based development, distributed computing, and business process management. It provides integration of business and IT concerns. The annual Ph.D. Retreat of the Research School provides each member the opportunity to present his/her current state of their research and to give an outline of a prospective Ph.D. thesis. Due to the interdisciplinary structure of the research school, this technical report covers a wide range of topics. These include but are not limited to: Human Computer Interaction and Computer Vision as Service; Service-oriented Geovisualization Systems; Algorithm Engineering for Service-oriented Systems; Modeling and Verification of Self-adaptive Service-oriented Systems; Tools and Methods for Software Engineering in Service-oriented Systems; Security Engineering of Service-based IT Systems; Service-oriented Information Systems; Evolutionary Transition of Enterprise Applications to Service Orientation; Operating System Abstractions for Service-oriented Computing; and Services Specification, Composition, and Enactment.
Download or read book Probalistic Timed Graph Transformation Systems written by Maximove, Maria and published by Universitätsverlag Potsdam. This book was released on 2017-11-30 with total page 40 pages. Available in PDF, EPUB and Kindle. Book excerpt: Today, software has become an intrinsic part of complex distributed embedded real-time systems. The next generation of embedded real-time systems will interconnect the today unconnected systems via complex software parts and the service-oriented paradigm. Therefore besides timed behavior and probabilistic behaviour also structure dynamics, where the architecture can be subject to changes at run-time, e.g. when dynamic binding of service end-points is employed or complex collaborations are established dynamically, is required. However, a modeling and analysis approach that combines all these necessary aspects does not exist so far. To fill the identified gap, we propose Probabilistic Timed Graph Transformation Systems (PTGTSs) as a high-level description language that supports all the necessary aspects of structure dynamics, timed behavior, and probabilistic behavior. We introduce the formal model of PTGTSs in this paper and present a mapping of models with finite state spaces to probabilistic timed automata (PTA) that allows to use the PRISM model checker to analyze PTGTS models with respect to PTCTL properties.
Download or read book Proceedings of the Fourth HPI Cloud Symposium Operating the Cloud 2016 written by Klauck, Stefan and published by Universitätsverlag Potsdam. This book was released on 2017-09-15 with total page 46 pages. Available in PDF, EPUB and Kindle. Book excerpt: Every year, the Hasso Plattner Institute (HPI) invites guests from industry and academia to a collaborative scientific workshop on the topic Every year, the Hasso Plattner Institute (HPI) invites guests from industry and academia to a collaborative scientific workshop on the topic "Operating the Cloud". Our goal is to provide a forum for the exchange of knowledge and experience between industry and academia. Co-located with the event is the HPI's Future SOC Lab day, which offers an additional attractive and conducive environment for scientific and industry related discussions. "Operating the Cloud" aims to be a platform for productive interactions of innovative ideas, visions, and upcoming technologies in the field of cloud operation and administration. On the occasion of this symposium we called for submissions of research papers and practitioner's reports. A compilation of the research papers realized during the fourth HPI cloud symposium "Operating the Cloud" 2016 are published in this proceedings. We thank the authors for exciting presentations and insights into their current work and research. Moreover, we look forward to more interesting submissions for the upcoming symposium later in the year. Every year, the Hasso Plattner Institute (HPI) invites guests from industry and academia to a collaborative scientific workshop on the topic "Operating the Cloud". Our goal is to provide a forum for the exchange of knowledge and experience between industry and academia. Co-located with the event is the HPI's Future SOC Lab day, which offers an additional attractive and conducive environment for scientific and industry related discussions. "Operating the Cloud" aims to be a platform for productive interactions of innovative ideas, visions, and upcoming technologies in the field of cloud operation and administration.
Download or read book Automatic verification of behavior preservation at the transformation level for relational model transformation written by Dyck, Johannes and published by Universitätsverlag Potsdam. This book was released on 2017-04-26 with total page 126 pages. Available in PDF, EPUB and Kindle. Book excerpt: The correctness of model transformations is a crucial element for model-driven engineering of high quality software. In particular, behavior preservation is the most important correctness property avoiding the introduction of semantic errors during the model-driven engineering process. Behavior preservation verification techniques either show that specific properties are preserved, or more generally and complex, they show some kind of behavioral equivalence or refinement between source and target model of the transformation. Both kinds of behavior preservation verification goals have been presented with automatic tool support for the instance level, i.e. for a given source and target model specified by the model transformation. However, up until now there is no automatic verification approach available at the transformation level, i.e. for all source and target models specified by the model transformation. In this report, we extend our results presented in [27] and outline a new sophisticated approach for the automatic verification of behavior preservation captured by bisimulation resp. simulation for model transformations specified by triple graph grammars and semantic definitions given by graph transformation rules. In particular, we show that the behavior preservation problem can be reduced to invariant checking for graph transformation and that the resulting checking problem can be addressed by our own invariant checker even for a complex example where a sequence chart is transformed into communicating automata. We further discuss today's limitations of invariant checking for graph transformation and motivate further lines of future work in this direction.
Download or read book Encyclopedia of Computer Science and Technology written by Phillip A. Laplante and published by CRC Press. This book was released on 2017-10-02 with total page 1013 pages. Available in PDF, EPUB and Kindle. Book excerpt: With breadth and depth of coverage, the Encyclopedia of Computer Science and Technology, Second Edition has a multi-disciplinary scope, drawing together comprehensive coverage of the inter-related aspects of computer science and technology. The topics covered in this encyclopedia include: General and reference Hardware Computer systems organization Networks Software and its engineering Theory of computation Mathematics of computing Information systems Security and privacy Human-centered computing Computing methodologies Applied computing Professional issues Leading figures in the history of computer science The encyclopedia is structured according to the ACM Computing Classification System (CCS), first published in 1988 but subsequently revised in 2012. This classification system is the most comprehensive and is considered the de facto ontological framework for the computing field. The encyclopedia brings together the information and historical context that students, practicing professionals, researchers, and academicians need to have a strong and solid foundation in all aspects of computer science and technology.
Download or read book Symbolic model generation for graph properties written by Schneider, Sven and published by Universitätsverlag Potsdam. This book was released on 2017-05-09 with total page 54 pages. Available in PDF, EPUB and Kindle. Book excerpt: Graphs are ubiquitous in Computer Science. For this reason, in many areas, it is very important to have the means to express and reason about graph properties. In particular, we want to be able to check automatically if a given graph property is satisfiable. Actually, in most application scenarios it is desirable to be able to explore graphs satisfying the graph property if they exist or even to get a complete and compact overview of the graphs satisfying the graph property. We show that the tableau-based reasoning method for graph properties as introduced by Lambers and Orejas paves the way for a symbolic model generation algorithm for graph properties. Graph properties are formulated in a dedicated logic making use of graphs and graph morphisms, which is equivalent to firstorder logic on graphs as introduced by Courcelle. Our parallelizable algorithm gradually generates a finite set of so-called symbolic models, where each symbolic model describes a set of finite graphs (i.e., finite models) satisfying the graph property. The set of symbolic models jointly describes all finite models for the graph property (complete) and does not describe any finite graph violating the graph property (sound). Moreover, no symbolic model is already covered by another one (compact). Finally, the algorithm is able to generate from each symbolic model a minimal finite model immediately and allows for an exploration of further finite models. The algorithm is implemented in the new tool AutoGraph.
Download or read book Advanced Design and Implementation of Virtual Machines written by Xiao-Feng Li and published by CRC Press. This book was released on 2016-12-19 with total page 395 pages. Available in PDF, EPUB and Kindle. Book excerpt: Along with the increasingly important runtime engines pervasive in our daily-life computing, there is a strong demand from the software community for a solid presentation on the design and implementation of modern virtual machines, including the Java virtual machine, JavaScript engine and Android execution engine. The community expects to see not only formal algorithm description, but also pragmatic code snippets; to understand not only research topics, but also engineering solutions. This book meets these demands by providing a unique description that combines high level design with low level implementations and academic advanced topics with commercial solutions. This book takes a holistic approach to the design of VM architecture, with contents organized into a consistent framework, introducing topics and algorithms in an easily understood step by step process. It focuses on the critical aspects of VM design, which are often overlooked in other works, such as runtime helpers, stack unwinding and native interface. The algorithms are fully illustrated in figures and implemented in easy to digest code snippets, making the abstract concepts tangible and programmable for system software developers.
Download or read book Programming Languages and Systems written by Gilles Barthe and published by Springer Science & Business Media. This book was released on 2011-03-22 with total page 513 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book constitutes the refereed proceedings of the 20th European Symposium on Programming, ESOP 2011, held in Saarbrücken, Germany, March 30—April 1, 2011, as part of ETAPS 2011, the European Joint Conferences on Theory and Practice of Software. The 24 revised full papers presented together with one full length invited talk were carefully reviewed and selected from 93 full paper submissions. Papers were invited on all aspects of programming language research including: programming paradigms and styles, methods and tools to write and specify programs and languages, methods and tools for reasoning about programs, methods and tools for implementation, and concurrency and distribution.
Download or read book Die Cloud f r Schulen in Deutschland written by Meinel, Christoph and published by Universitätsverlag Potsdam. This book was released on 2017-03-23 with total page 50 pages. Available in PDF, EPUB and Kindle. Book excerpt: Die digitale Entwicklung durchdringt unser Bildungssystem, doch Schulen sind auf die Veränderungen kaum vorbereitet: Überforderte Lehrer/innen, infrastrukturell schwach ausgestattete Unterrichtsräume und unzureichend gewartete Computernetzwerke sind keine Seltenheit. Veraltete Hard- und Software erschweren digitale Bildung in Schulen eher, als dass sie diese ermöglichen: Ein zukunftssicherer Ansatz ist es, die Rechner weitgehend aus den Schulen zu entfernen und Bildungsinhalte in eine Cloud zu überführen. Zeitgemäßer Unterricht benötigt moderne Technologie und eine zukunftsorientierte Infrastruktur. Eine Schul-Cloud (https://hpi.de/schul-cloud) kann dabei helfen, die digitale Transformation in Schulen zu meistern und den fächerübergreifenden Unterricht mit digitalen Inhalten zu bereichern. Den Schüler/innen und Lehrkräften kann sie viele Möglichkeiten eröffnen: einen einfachen Zugang zu neuesten, professionell gewarteten Anwendungen, die Vernetzung verschiedener Lernorte, Erleichterung von Unterrichtsvorbereitung und Differenzierung. Die Schul-Cloud bietet Flexibilität, fördert die schul- und fächerübergreifende Anwendbarkeit und schafft eine wichtige Voraussetzung für die gesellschaftliche Teilhabe und Mitgestaltung der digitalen Welt. Neben den technischen Komponenten werden im vorliegenden Bericht ausgewählte Dienste der Schul-Cloud exemplarisch beschrieben und weiterführende Schritte aufgezeigt. Das in Zusammenarbeit mit zahlreichen Expertinnen und Experten am Hasso-Plattner-Institut (HPI) entwickelte und durch das Bundesministerium für Bildung und Forschung (BMBF) geförderte Konzept einer Schul-Cloud stellt eine wichtige Grundlage für die Einführung Cloud-basierter Strukturen und -Dienste im Bildungsbereich dar. Gemeinsam mit dem nationalen Excellence-Schulnetzwerk MINT-EC als Kooperationspartner startet ab sofort die Pilotphase. Aufgrund des modularen, skalierbaren Ansatzes der Schul-Cloud kommt dem infrastrukturellen Prototypen langfristig das Potential zu, auch über die begrenzte Anzahl an Pilotschulen hinaus bundesweit effizient eingesetzt zu werden.
Download or read book Proceedings of the Second International Workshop on Database Programming Languages written by Richard Hull and published by Morgan Kaufmann. This book was released on 1990 with total page 464 pages. Available in PDF, EPUB and Kindle. Book excerpt:
Download or read book Advances in Computer Science Information Security and Privacy written by Anupam Datta and published by Springer Science & Business Media. This book was released on 2009-11-24 with total page 166 pages. Available in PDF, EPUB and Kindle. Book excerpt: This volume contains the papers presented at the 13th Annual Asian Comp- ing Science Conference (ASIAN 2009) held in Seoul, South Korea, December 14-16, 2009. The theme of this year's conference was “Information Security and Privacy: Theory and Practice.” The series of annual Asian Computing Science Conferences (ASIAN) was initiated in 1995 by AIT, INRIA and UNU/IIST to provideaforumforresearchersincomputersciencefromtheAsiancontinentand to promote interaction with researchers in other regions. Accordingly, the c- ference moves every year to a di?erent center of research throughout Asia. This year ASIAN was co-located with the 7th Asian Symposium on Programming Languages and Systems (APLAS 2009). We received 45 submissions. Each submission was carefully reviewed by the ProgramCommittee.The committeedecided to acceptsevenregularpapers and three short papers, which are included in the proceedings. The program also - cluded two invited talks by Jean Goubault-Larrecq (LSV, ENS Cachan, CNRS, INRIASaclay)andNaokiKobayashi(TohokuUniversity);thecorresponding- persarealsoincludedinthis volume.Iwouldlikethank the ProgramCommittee members and external reviewers for their work in selecting the contributed - pers.IwouldalsoliketothanktheSteeringCommitteefortheirtimelyadvice,in particular, Kazunori Ueda and Iliano Cervesato. Finally, I would like to thank the Local Arrangements Chair, Gyesik Lee, for ensuring that the conference proceeded smoothly.
Download or read book Research Advances in Database and Information Systems Security written by Vijay Atluri and published by Springer. This book was released on 2013-03-14 with total page 336 pages. Available in PDF, EPUB and Kindle. Book excerpt: Computer technology evolves at a rate that challenges companies to maintain appropriate security for their enterprises. With the rapid growth in Internet and www facilities, database and information systems security remains a key topic in businesses and in the public sector, with implications for the whole of society. Research Advances in Database and Information Systems Security covers issues related to security and privacy of information in a wide range of applications, including: Critical Infrastructure Protection; Electronic Commerce; Information Assurance; Intrusion Detection; Workflow; Policy Modeling; Multilevel Security; Role-Based Access Control; Data Mining; Data Warehouses; Temporal Authorization Models; Object-Oriented Databases. This book contains papers and panel discussions from the Thirteenth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 25-28, 1999, in Seattle, Washington, USA. Research Advances in Database and Information Systems Security provides invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners engaged in database security research and development.