Process Expression of Security Automaton

Security is an essential aspect for mobile systems. Usually, mobile system modeling and its security policies specification are realized in different techniques. So when constructed a mobile system using formal methods it is difficult to verify if the system comply with any given security policies. A method was introduced to express security automata which specifying enforceable security policies as processes in an extended π-calculus. In this extended π-calculus, an exception termination process was introduced, called bad. Any input which violating a security automaton will correspond to a step of transformation of the process that specifying the security automaton to exception termination process. Our method shows that any security automata which specifying enforceable security policies would decide a process in the extended π-calculus.     

A Theory of Secure Mobile Computation with Confined Movement and Communication

An extended π calculus was introduced to deal with secure movement and intercommunication between agents. The system extends Nomadic-π with objective migration primitive and confined region which serves as annotation labels of agents and channels. The confined region labels were used to uniquely identify the constraints on the migration and communication of agents, with the labels, the agents could be confined in a secure subsystem and the inter-agent communication could be confined between agents located on trusted sites during computation. The operational semantics for the calculus was given out, and a type system which enforces security properties called confined migration and confined communication was developed.