Copyright (c) 2009 Bond University All rights reserved. http://epublications.bond.edu.au/paddy_krishnan Recent documents in Paddy Krishnan en-us Sun, 22 Feb 2009 21:07:32 PST 3600 http://epublications.bond.edu.au/infotech_pubs/44 http://epublications.bond.edu.au/infotech_pubs/44 Tue, 12 Jun 2007 23:11:04 PDT Business Process Execution Language (BPEL), or Web Services BPEL (WS-BPEL), is the standard for specifying workflow process definition using web services. Research on formal modelling and verificiation of BPEL has largely concentrated on control flow and data flow, while security related properties have received little attention. In this work, we present a formal framework that integrates Role Based Access Control (RBAC) into BPEL and allows us to express authorisation constraints, using temporal logic. Using this framework, we show how model-checking can be applied to verify that a given BPEL process satisfies the security constraints. Zhao Xiangpeng http://epublications.bond.edu.au/infotech_pubs/31 http://epublications.bond.edu.au/infotech_pubs/31 Thu, 07 Jun 2007 22:33:59 PDT We present an architecture for the secure circulation of electronic medical records. The architecture considers two issues prevalent in e-health - inter-operability and secure and privacy - and is designed for inter-organisational information flow. We focus our attention on the protection of patient privacy and discuss how privacy policies are applied and enforced on medical records. A key feature of the architecture is that privacy policies are not assumed to be complete. For cases where policies do not contain sufficient information to make a privacy-related decision, we show how a simple reasoning scheme can be used based on the "need to know" principle. Copyright © QUT. All rights reserved Shane Bracher http://epublications.bond.edu.au/infotech_pubs/17 http://epublications.bond.edu.au/infotech_pubs/17 Wed, 08 Nov 2006 22:34:02 PST In this article we present a technique which helps students in understanding proofs in the context of automata theory. The main conclusion is that student understanding can be improved by using a collection of lemmas and trying to automate the proof in a mechanical theorem prover. Padmanabhan Krishnan http://epublications.bond.edu.au/infotech_pubs/12 http://epublications.bond.edu.au/infotech_pubs/12 Sun, 05 Nov 2006 23:36:33 PST This paper summarises our experience in using model checking technology to test concurrent programs. We use the tool Verisoft to understand various aspects of a firewall tool kit by instrumenting three components of the firewall tool kit with hooks to test their behaviour. Some of the key changes include changing socket communication to message passing queues and adding appropriate synchronisations so that the behaviour of the system can be tracked. We aim to minimize the number of changes to the original source code so that its original behaviour is not affected. The main conclusion is that it is possible to inspect source code with a view towards verifying key behavioural properties without understanding the entire behaviour of the system. Padmanabhan Krishnan http://epublications.bond.edu.au/infotech_pubs/11 http://epublications.bond.edu.au/infotech_pubs/11 Sun, 05 Nov 2006 22:58:00 PST Component-based development is a trend towards building e-commerce applications. However, commercial components are rarely used during the development. The reason is that existing approaches to selecting and composing components suffer from the problem that the components retrieved usually do not exactly fit with other components in the system being developed. While formal methods can be used to describe and check semantic characteristics to better match components, there are practical limitations which restrict their adoption.We have proposed a framework to support a semantic description and selection of components. We used Simple Component Interface Language (SCIL) to describe user requirements and pre-built components from the current component sources. Specifications in SCIL can be translated to a variety of models including those that have a formal basis.In this paper, we preform a case study of searching commercial components for a generic e-commerce application. We specify the commercial components in SCIL and use two specific tools: jMocha and Alloy Analyser to identify the correct components that suit a particular task. Lei Wang http://epublications.bond.edu.au/infotech_pubs/9 http://epublications.bond.edu.au/infotech_pubs/9 Tue, 25 Jul 2006 22:42:02 PDT Component selection and composition are the main is- sues inComponent-Based Development (CBD). Existing approaches suer from the problem that the components retrieved usually do not exactly t with other components in the system being developed. While formal methods can be used to describe and check semantic characteristics to better match components, there are practical limitations which restrict their adoption. In this paper, we propose a framework to support a semantic description and selection of components. To- wards this we rst introduce a Simple Component Inter- face Language (SCIL). SCIL les can be translated to a variety of models including those that have a formal basis. We report our experience with two specic tools, viz., Re- active Modules and Alloy with a view to using tools based on formal methods but without exposing the details of the tools. Lei Wang http://epublications.bond.edu.au/infotech_pubs/8 http://epublications.bond.edu.au/infotech_pubs/8 Tue, 25 Jul 2006 07:34:59 PDT In this paper a framework which uses linear time temporal logic and model checking techniques to describe the semantics of a variety of test specifications is developed. These include a semantics for action words, which are a practical approach to model based testing, and coverage requirements. Features of tools that support the development of tests using this approach are also presented. While model-checking ideas are used, a model of the system is not actually required. Test sequences are directly generated from the specification of properties. Padmanabhan Krishnan