Abstract
We propose a formal model of runtime safety enforcement for largescale, cross-language distributed applications with possibly untrusted endpoints. The underlying theory is based on multiparty session types with logical assertions (MPSA), an expressive protocol specification language that supports runtime validation through monitoring. Our method starts from global specifications based on MPSAs which the participants should obey. Distributed monitors use local specifications, projected from global specifications, to detect whether the interactions are well-behaved, and take appropriate actions, such as suppressing illegal messages. We illustrate the design of our model with examples from real-world distributed applications. We prove monitor transparency, communication conformance, and global session fidelity in the presence of possibly unsafe endpoints.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barringer, H., Falcone, Y., Finkbeiner, B., Havelund, K., Lee, I., Pace, G., RoÅu, G., Sokolsky, O., Tillmann, N. (eds.): RV 2010. LNCS, vol.Ā 6418. Springer, Heidelberg (2010)
Bhargavan, K., Corin, R., DeniĆ©lou, P.-M., Fournet, C., Leifer, J.: Cryptographic protocol synthesis and verification for multiparty sessions. In: CSF, pp. 124ā140 (2009)
Bocchi, L., Honda, K., Tuosto, E., Yoshida, N.: A Theory of Design-by-Contract for Distributed Multiparty Interactions. In: Gastin, P., Laroussinie, F. (eds.) CONCUR 2010. LNCS, vol.Ā 6269, pp. 162ā176. Springer, Heidelberg (2010)
Caires, L., Vieira, H.T.: Conversation Types. In: Castagna, G. (ed.) ESOP 2009. LNCS, vol.Ā 5502, pp. 285ā300. Springer, Heidelberg (2009)
Carbone, M., Honda, K., Yoshida, N.: Structured Interactional Exceptions in Session Types. In: van Breugel, F., Chechik, M. (eds.) CONCUR 2008. LNCS, vol.Ā 5201, pp. 402ā417. Springer, Heidelberg (2008)
W3C WS-CDL, http://www.w3.org/2002/ws/chor/
Chave, M., Arrott, A., Farcas, C., Farcas, E., Krueger, I., Meisinger, M., Orcutt, J., Vernon, F., Peach, C., Schofield, O., Kleinert, J.: Cyberinfrastructure for the US Ocean Observatories Initiative. In: Proc. IEEE OCEANS 2009. IEEE (2009)
Chen, F., Rosu, G.: MOP:An Efficient and Generic Runtime Verification Framework. In: OOPSLA, pp. 569ā588 (2007)
Corin, R., Denielou, P.-M., Fournet, C., Bhargavan, K., Leifer, J.: Secure Implementations for Typed Session Abstractions. In: CSF, pp. 170ā186. IEEE Computer Society (2007)
Coulouris, G., Dollimore, J., Kindberg, T.: Distributed Systems, Concepts and Design. Addison-Wesley (2001)
Dam, M., Jacobs, B., Lundblad, A., Piessens, F.: Security Monitor Inlining for Multithreaded Java. In: Drossopoulou, S. (ed.) ECOOP 2009. LNCS, vol.Ā 5653, pp. 546ā569. Springer, Heidelberg (2009)
DeniĆ©lou, P.-M., Yoshida, N.: Buffered Communication Analysis in Distributed Multiparty Sessions. In: Gastin, P., Laroussinie, F. (eds.) CONCUR 2010. LNCS, vol.Ā 6269, pp. 343ā357. Springer, Heidelberg (2010)
DeniĆ©lou, P.-M., Yoshida, N.: Dynamic multirole session types. In: POPL, pp. 435ā446 (2011)
Falcone, Y.: You Should Better Enforce Than Verify. In: Barringer, H., Falcone, Y., Finkbeiner, B., Havelund, K., Lee, I., Pace, G., RoÅu, G., Sokolsky, O., Tillmann, N. (eds.) RV 2010. LNCS, vol.Ā 6418, pp. 89ā105. Springer, Heidelberg (2010)
Havelund, K., Goldberg, A.: Verify Your Runs. In: Meyer, B., Woodcock, J. (eds.) VSTTE 2005. LNCS, vol.Ā 4171, pp. 374ā383. Springer, Heidelberg (2008)
Hennessy, M., Rathke, J., Yoshida, N.: SafeDpi: a language for controlling mobile code. Acta Inf.Ā 42(4-5), 227ā290 (2005)
Honda, K., Yoshida, N., Carbone, M.: Multiparty Asynchronous Session Types. In: POPL 2008, pp. 273ā284. ACM (2008)
Leucker, M., Schallhart, C.: A brief account of runtime verification. J. Log. Algebr. Program.Ā 78(5), 293ā303 (2009)
Ligatti, J., Bauer, L., Walker, D.: Run-time enforcement of nonsafety policies. ACM Trans. Inf. Syst. Secur.Ā 12, 19:1ā19:41 (2009)
Online Appendix of this paper, http://www.eecs.qmul.ac.uk/~tcchen/TGC11/
Mostrous, D., Yoshida, N., Honda, K.: Global Principal Typing in Partially Commutative Asynchronous Sessions. In: Castagna, G. (ed.) ESOP 2009. LNCS, vol.Ā 5502, pp. 316ā332. Springer, Heidelberg (2009)
Mullender, S. (ed.): Distributed Systems. Addison-Wesley (1993)
Ocean Observatories Initiative (OOI), http://www.oceanleadership.org/programs-and-partnerships/ocean-observing/ooi/
Riely, J., Hennessy, M.: Trust and partial typing in open systems of mobile agents. In: Proc.Ā POPL 1999 (1999)
Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur.Ā 3, 30ā50 (2000)
Scribble Project homepage, http://www.scribble.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, TC., Bocchi, L., DeniƩlou, PM., Honda, K., Yoshida, N. (2012). Asynchronous Distributed Monitoring for Multiparty Session Enforcement. In: Bruni, R., Sassone, V. (eds) Trustworthy Global Computing. TGC 2011. Lecture Notes in Computer Science, vol 7173. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30065-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-30065-3_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30064-6
Online ISBN: 978-3-642-30065-3
eBook Packages: Computer ScienceComputer Science (R0)