AVISPA is a pushbutton tool for the automated validation of Internet security-sensitive protocols and applications. It provides a modular and expressive formal language for specifying protocols and their security properties, and integrates different back-ends that implement a variety of state-of-the-art automatic analysis techniques. To the best of our …
In this article we present Bali, the formalization of a large (hitherto sequential) sublanguage of Java. We give its abstract syntax, type system, well-formedness conditions, and an operational evaluation semantics. Based on these definitions, we can express soundness of the type system, an important design goal claimed to be reached by the designers of …
SUMMARY This article presents a Hoare-style calculus for a substantial subset of Java Card, which we call Java light. The Hoare logic of partial correctness is proved not only sound (w.r.t. our operational semantics of Java light, described in detail elsewhere) but even complete. It is the first logic for an object-oriented language that is provably complete. The …
We present a (the first?) sound and relatively complete Hoare logic for a simple imperative programming language including mutually recursive procedures with call-by-value parameters as well as global and local variables. For such a language we formalize an operational and an axiomatic semantics of partial correctness and prove their equivalence. Global and …
This paper introduces ASLan++, the AVANTSSAR Specification Language. ASLan++ has been designed for formally specifying dynamically composed security-sensitive web services and service-oriented architectures, their associated security policies, as well as their security properties, at both communication and application level. We introduce the main concepts …
The just recently finished EU project AVISPA, Automated Validation of Internet Security Protocols and Applications, has aimed at developing a pushbutton, industrial-strength technology for the analysis of large-scale Internet security-sensitive protocols and applications. In this short industrial contribution paper, after giving a very brief overview of …
We revisit the classical notion of noninterference for state-based systems, as presented by Rushby in 1992. We strengthen his results in several ways, in particular clarifying the impact of transitive vs. intransitive policies on unwinding. Inspired partially by Mantel's observations on unwinding for event systems, we remove the restriction on the unwinding …