8,698 Hits in 4.8 sec

Type-Safe Eventful Sessions in Java [chapter]

Raymond Hu, Dimitrios Kouzapas, Olivier Pernet, Nobuko Yoshida, Kohei Honda
2010 Lecture Notes in Computer Science  
This paper develops a framework for type-safe event-driven session programming that integrates session types and asynchronous event programming in Java.  ...  This paper presents a Java language extension and a novel type discipline for type-safe event-driven session programming that counters the problems of traditional event-based programming with abstractions  ...  ESJ is built on SJ, an extension of Java for type-safe concurrent and distributed session programming [16] .  ... 
doi:10.1007/978-3-642-14107-2_16 fatcat:bw57rvpmvfff5divca4xv3jiha

Hybrid Session Verification Through Endpoint API Generation [chapter]

Raymond Hu, Nobuko Yoshida
2016 Lecture Notes in Computer Science  
The API generation promotes static type checking of the behavioural aspect of the source protocol by mapping the state space of an endpoint in the protocol to a family of channel types in the target language  ...  This paper proposes a new hybrid session verification methodology for applying session types directly to mainstream languages, based on generating protocol-specific endpoint APIs from multiparty session  ...  element towards event-driven sessions [16] ). async essentially allows the input transition in the local EFSM to be decoupled in the user program from the actual message input action in safe situations  ... 
doi:10.1007/978-3-662-49665-7_24 fatcat:ja5nmkdyjbevni3tpwt2dcan2u

Linguistic support for modern operating systems workshop on programming languages and operating systems 2006 (PLOS 2006)

Christian W. Probst, Andreas Gal, Robert Grimm, Olaf Spinczyk
2006 Proceedings of the 3rd workshop on Programming languages and operating systems linguistic support for modern operating systems - PLOS '06  
This approach allows to extend operating systems with elements written in type-safe languages, as compared to having to completely re-develop a type-safe OS.  ...  Session 1: Systems and Java OS The workshop started with a session focusing on system properties and Java support for operating systems.  ... 
doi:10.1145/1215995.1215996 dblp:conf/asplos/ProbstGGS06 fatcat:6snt26clmvhkngwblevru7eljm

Securing Java with Local Policies

Massimo Bartoletti, Gabriele Costa, Pierpaolo Degano, Fabio Martinelli, Roberto Zunino
2009 Journal of Object Technology  
We propose an extension to the security model of Java, that allows for specifying, analysing and enforcing history-based usage policies.  ...  A type system guarantees that well-typed programs are resource-safe.  ...  The approximation provided by CFGs is safe, in the sense that each actual execution flow is represented by a path in the CFG.  ... 
doi:10.5381/jot.2009.8.4.a1 fatcat:hgwi6kyymbhvlfdtsen6liwuv4

A SIP-Based Programming Framework for Advanced Telephony Applications [chapter]

Wilfried Jouve, Nicolas Palix, Charles Consel, Patrice Kadionik
2008 Lecture Notes in Computer Science  
This definition is passed to a generator to produce a Java programming framework, dedicated to the application area.  ...  To do so, we introduce a declarative language over Java to define the entities of a target telephony application area.  ...  For a command, the Java type is an interface listing the relevant methods (e.g., DeskPresence). For an event or session, the Java type indicates the type of the data that are exchanged.  ... 
doi:10.1007/978-3-540-89054-6_1 fatcat:njqud5thgncsrosl5xl5xpys7a

Explicit Connection Actions in Multiparty Session Types [chapter]

Raymond Hu, Nobuko Yoshida
2017 Lecture Notes in Computer Science  
This work extends asynchronous multiparty session types (MPST) with explicit connection actions to support protocols with optional and dynamic participants.  ...  We present a toolchain implementation, for distributed programming based on our extended MPST in Java, and a core formalism, demonstrating the soundness of our approach.  ...  Safe Java implementation of C in TravelAgency (Fig. 1) using generated APIs.  ... 
doi:10.1007/978-3-662-54494-5_7 fatcat:cgjqdckbbrawjfjpyu63urpvae

Detecting Cross-Site Scripting Vulnerabilities through Automated Unit Testing [article]

Mahmoud Mohammadi, Bill Chu, Heather Richter Lipford
2018 arXiv   pre-print
Handling events In order to find vulnerabilities associated with tag events, we must trigger each event with a JavaScript body.  ...  This is because sinks are part of the application logic written in Java, so it is natural for developers to use Java to express changes in HTML document context.  ... 
arXiv:1804.00755v1 fatcat:ttqz27sudnhnhew5335obs5fkq

Implementing protocols via declarative event patterns

Robert J. Walker, Kevin Viggers
2004 Software engineering notes  
DEPs are descriptions of sequences of events in the execution of a system that include the ability to recognize properly nested event structures.  ...  Support for DEPs has been implemented in a proof-of-concept extension to the AspectJ language that is based on advanced compiler technology.  ...  Transfer- Context maintains state regarding the session and connections, such as the IP address and the file type.  ... 
doi:10.1145/1041685.1029918 fatcat:vj37wfyfnfaivdm4x2rrmwmlkq

A Java Beans Component Architecture for Cryptographic Protocols

Pekka Nikander, Arto Karila
1998 USENIX Security Symposium  
Furthermore, these protocols can be safely downloaded through the Internet and run on virtually any workstation equipped with a Java capable browser * .  ...  Future work will include Java 1.2 support, and utilization of a graphical Beans editor to further ease the work of the protocol composer. * In order to achieve real sandbox security, either JDK 1.2 or  ...  In addition to the few predefined notification types, the Beans are assumed to define new ones. Given this, it is natural to map conduit messages onto Java events.  ... 
dblp:conf/uss/NikanderK98 fatcat:f3c5sg3l5ff4bkezmpobhmqr7u

Multiparty Session Type-safe Web Development with Static Linearity

Jonathan King, Nicholas Ng, Nobuko Yoshida
2019 Electronic Proceedings in Theoretical Computer Science  
First, the global interaction protocol is described in the Scribble protocol language -- based on multiparty session types.  ...  following the protocol will type check.  ...  Notably, Scribble-Java [11, 12] was the earliest work to propose hybrid session verification, by generating Java API from Scribble to statically type check user's I/O action usages against the generated  ... 
doi:10.4204/eptcs.291.4 fatcat:kuebmh4p4ncpxh7hqdxxpv5niu

Formal verification of security protocol implementations: a survey

Matteo Avalle, Alfredo Pironti, Riccardo Sisto
2012 Formal Aspects of Computing  
Automated formal verification of security protocols has been mostly focused on analyzing highlevel abstract models which, however, are significantly different from real protocol implementations written in  ...  spi calculus models can be translated into Java by the Spi2Java framework, namely those spi calculus models that can be translated into a type-safe Java program.  ...  In Jif, policies are expressed through labeled Java types.  ... 
doi:10.1007/s00165-012-0269-9 fatcat:z7bgh5nnuzh4leo7wgf5rwd5ci

Resource Management for Safe Languages [chapter]

Grzegorz Czajkowski, Jan Vitek
2002 Lecture Notes in Computer Science  
Thus, program transformations that are correct for pure Java may break native code in the runtime system.  ...  Prevailing approaches to provide resource control in Java-based platforms rely on a modified Java Virtual Machine (JVM), on native code libraries, or on program transformations.  ...  Final Session In the final session a list of open or not yet satisfactorily solved problems related to resource management for safe languages was created.  ... 
doi:10.1007/3-540-36208-8_1 fatcat:xfainuaekndkridx7ksxqxebha

Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking

Michael C. Martin, Monica S. Lam
2008 USENIX Security Symposium  
In addition, for a class of applications, QED can guarantee that it has found all the potential bugs in the program. We have run QED over 3 Java web applications totaling 130,000 lines of code.  ...  The analyst specifies the vulnerability of interest in a specification that looks like a Java code fragment, along with a range of values for form parameters.  ...  This work was supported in part by the National Science Foundation under Grant No. UCB-0424422 and Grant No. 0326227.  ... 
dblp:conf/uss/MartinL08 fatcat:y7r55pntprbrthz4syz6ym2uoi


Jin Yu, Boualem Benatallah, Fabio Casati, Regis Saint-Paul
2006 Proceedings of the 6th international conference on Web engineering - ICWE '06  
First, downloaded code in form of Java Applet or ActiveX can be executed in browsers.  ...  Our approach is based on the Extensible User Interface Protocol (XUP), a SOAP-based protocol for communicating events and incremental user interface updates on the web.  ...  In addition, to filter events of the same type, XUP supports the concept of event masks, which further refine the event selection criteria.  ... 
doi:10.1145/1145581.1145638 dblp:conf/icwe/YuBCS06 fatcat:2akhyrxjvfgfrak3c7xxm5h6na

Synergies among Testing, Verification, and Repair for Concurrent Programs (Dagstuhl Seminar 16201)

Julian Dolby, Orna Grumberg, Peter Müller, Omer Tripp, Marc Herbstritt
2016 Dagstuhl Reports  
These include Dagstuhl Seminar 13021 "Symbolic Methods in Testing"; Dagstuhl  ...  Actor services can specify how parts of a program respond to messages, both in terms of guaranteed future messages, and relations between the program states in which messages are received and responses  ...  In this talk, I discuss how the current Java memory model affects type safety and Java's security guarantees. The findings are based on a formal model of Java and the Java memory model.  ... 
doi:10.4230/dagrep.6.5.56 dblp:journals/dagstuhl-reports/DolbyGMT16 fatcat:3ou6mdvytrfnfhjf542sbpn6lm
« Previous Showing results 1 — 15 out of 8,698 results