The Information-Flow property of Non-Interference was recently relaxed into Abstract Non-Interference (ANI), a weakened version where attackers can only observe properties of data, rather than their exact value. ANI was originally defined on integers, where a property models the set of numbers satisfying it. The present work proposes an object-oriented, Java-based formulation of an instance of ANI where data take the form of objects, and the observed property comes to be their type. The execution of a program is taken to be the invocation of some method by an external user: a class is secure if, for all its (non-private) methods, the type of their low-security data after the execution does not depend on the initial type of its high-security data (i.e., there are no illicit flows). The relation to ANI theory (in its abstract version) can be seen in the representation of abstract domains in terms of class hierarchies: an upper closure operator maps an object into the smallest class it is an instance of. An analyzer for a non-trivial subset of Java is illustrated. A sketch of a soundness proof is provided: a program is never misclassified as secure, i.e., it is rejected whenever the absence of illicit flows cannot be guaranteed.
Software reliability and error handling are concepts that any programmer knows and deals with on a daily basis. Even so, studies suggest that the current approach to exception handling raises fundamental incompatibilities with object-oriented concepts, being a major cause for the lack of quality on error handling code. In this paper, we propose an exception handling model that makes the runtime environment responsible for automatically dealing with abnormal situations. The platform provides a number of benign recovery actions that are able to deal automatically with most common exception types. Whenever an exception is raised, and a benign recovery method can be found, code is re-executed from a clean transactional state. In this approach try blocks not only represent a nesting level where a fault can occur but also a block that can be re-executed transactionally as a clean slate. For validating the approach two case studies were performed. One involved providing automatic exception handling for Glassfish's Java Messaging System implementation and the other for the Hipergate CRM application. Both showed that increased robustness is possible while freeing the programmer from manually writing extensive error-handling code. (C) 2010 Elsevier Ltd. All rights reserved.
The use of automatic error detection and compensation techniques for testing the class cBigNumber written in C++ is discussed; this class is designed for performing operations on unbounded integer numbers. It implements the standard operations of C++, square rooting, binary exponentiation, and Miller-Rabin primality test. The class is tested in the automatic mode. The reliability of computations is ensured using the built-in error control and compensation tools.
The article focuses on the description of the Java application Eqboot. It is said that the Java application Eqboot is used for estimating equating constants and standard errors of equating applying item response theory (IRT) methods. It is noted that Eqboot implements several equating methods for binary items, which include Mean/Sigma, Stocking-Lord and Mean/Mean, and that it supports several models including Rasch, 3PL, and 2PL. It is noted that Eqboot calculates the standard error of equating for all for equating methods applying bootstrap techniques. It is cited that when a user applies the Rasch model, one can use the support program eqwinboot, which is also a Java application.
A session takes place between two parties; after establishing a connection, each party interleaves local computations and communications (sending or receiving) with the other. Session types characterise such sessions in terms of the types of values communicated and the shape of protocols, and have been developed for the pi-calculus, CORBA interfaces, and functional languages. We study the incorporation of session types into object-oriented languages through MOOSE, a multi-threaded language with session types, thread spawning, iterative, and higher-order sessions. Our design aims to consistently integrate the object-oriented programming style and sessions, and to be able to treat various case studies from the literature. We describe the design of MOOSE, its syntax, operational semantics, and type system, and develop a type inference system. After proving subject reduction, we establish the progress property: once a communication has been established, well-typed programs will never starve at communication points. (C) 2009 Elsevier Inc. All rights reserved.
Covariant types are a powerful language feature for improving type-safety. However, covariant types complicate type-checking when combined with polymorphism. We propose two new language features that can improve type-checking in a language with polymorphism and covariant typing, and also have the potential to improve efficiency as well. Published by Elsevier Ltd.