In recent times information flow and non-interference have become very popular concepts for expressing both integrity and privacy properties. We present the first general definitio...
act Account of Composition Mart n Abadi1 and Stephan Merz2 1 Digital Equipment Corporation, Systems Research Center, 130 Lytton Avenue, Palo Alto, CA 94301, U.S.A. 2 Institut fur I...
We define reactive simulatability for general asynchronous systems. Roughly, simulatability means that a real system implements an ideal system (specification) in a way that pre...
This paper continues the program initiated in [5], towards a derivation system for security protocols. The general idea is that complex protocols can be formally derived, starting...
Anupam Datta, Ante Derek, John C. Mitchell, Dusko ...
The behavior of reactive systems can be described by their black box properties as a relation between input and output streams. More operational is the behavior's description...