TRUST Autumn 2008 Conference: November 11-12, 2008
Programming with Live Distributed Objects
Krzysztof Ostrowski†
in collaboration with
Ken Birman†, Danny Dolev§, Jong Hoon Ahnn†
†Cornell University, §Hebrew University
http://liveobjects.cs.cornell.edu
Introduction
Modern Software Development
[Diagram: developer; application; reusable, replaceable components A, B, C, D; shared document, replicated data, distributed lock, reliable multicast; object-orientation; typed contracts]
Object-Orientation has Benefits
Rapid drag-and-drop visual design in a managed, typed OO environment (Java, .NET, COM).
Example benefits: reusability; modularity, decoupling; type safety; behavioral reflection; more conceptual design.
[Diagram: developer; application; components A, B, C, D; shared document, replicated data, distributed lock, reliable multicast]
Distributed Systems: Out of Luck
Building a Collaborative App
[Diagram sequence: shared document; replication middleware, update; replication middleware, obtain document copy]
Using Obscure, Proprietary APIs
ssize_t recvfrom(int socket, void *buffer, size_t length, int flags, struct sockaddr *address, socklen_t *address_len);
Channel channel = new JChannel("UDP:PING:FD:STABLE:NAKACK:UNICAST:" + "FRAG:FLUSH:GMS:VIEW_ENFORCER:" + "STATE_TRANSFER:QUEUE");
[Callouts: obscure; proprietary; low-level; confusing]
Tightly Coupled Components
[Diagram: distributed application; Application Layer and Middleware Layer are tightly coupled, unseparable; shared document, replicated data, distributed lock, reliable multicast]
Many Layers In the Middleware
[Diagram: Layer 1, Layer 2, Layer 3, Layer 4]
[Diagram: distributed application; composition of distributed components: shared document, replicated data, distributed lock, reliable multicast]
[Diagram build: to shared document, replicated data, distributed lock and reliable multicast, further layers are added one at a time: unreliable multicast, overlay, membership, failure detector]
Protocols = Components ???
[Diagram: reliable multicast channel, labelled :T1 and :T2; callouts: can reuse; can replace; strongly typed; well-defined contracts]
…But Not In Java/.NET/COM/*
Related Work
Distributed objects: Emerald, Argus, Globus, Linda, F.T. CORBA, Croquet
Protocol composition: x-Kernel, Horus, Ensemble, BAST
Protocol types: CSP, π-calculus, BPEL, SSDL, WSCL, CFSM, TLA, IOA, IA, temporal logic
Protocol specifications: Horus, Ensemble, Chockler et al. [2001]
Distributed environments: Jini, JXTA, WS-* specifications
Every Protocol Instance = Object
[Diagram: my custom protocol (class); new(); running protocol instance (object)]
[Diagram: Internet as a managed environment (runtime); protocol participant; running instance of a distributed protocol (object)]
Objects
Defining Live Distributed Objects
[Diagram: user; computer; local instance of a protocol stack (“proxy”); live object]
[Diagram: live object; local state and logic; network messages (m)]
[Diagram: live object as a black box that can encapsulate state and threads of execution; “endpoint”: communication & control interface; events]
Live Objects vs. .NET Objects
[Diagram: ordinary object: state & logic]
[Diagram: remote object: client; access protocol; messages (m); server; backend service (state & logic)]
[Diagram: remote object: two clients; server; backend service (state & logic)]
[Diagram: (replicated) remote object: client; server1; server2; backend service (state & logic)]
[Diagram: live object: proxies collectively provide “service” to one another; no backend]
[Diagram: live object: BEHAVIOR; Service = Behavior]
References
Creating a Live Object
[Diagram sequence: developer; nodes node1, node2, nodeK; users user1, user2, userK]
Create in a visual designer: the result is a live object reference, XML (a recipe).
Distribute the XML reference:
1. over email,
2. embedded inside of a document,
3. through a shared folder
Store references, e.g. as files.
Dereference (execute): the live objects runtime on each node will parse the XML, create a proxy, and run the proxy.
[Diagram: running object with proxies a1, a2 on node1 and node2; nodeK then has the XML and a live objects runtime, and the final frame shows proxies a1, a2, aK]
Composition
Connecting Objects
[Diagram: c1, c2, c3 use the same membership object; membership object proxies m1, m2, m3; to membership service]
[Diagram: client node; server node; c1, c2, c3; s1, s2, s3; m1, m2, m3; m4, m5, m6; membership service; “group” object; membership object]
[Diagram: proxies a1, a2, a3 and a4, a5, a6; client endpoints (C); server endpoints (S)]
Dependencies as Endpoints
[Diagram: node; your object; membership object; discovery object; failure detector object; proxies a_i, c_l, d_k, f_j]
Creating Composite Objects
[Diagram: proxies x1, x2, x3 and y1, y2, y3; composite reference (XML) containing a reference to x, a reference to y, and instructions to connect endpoints]
Steps performed by the live objects runtime (this is happening on a single machine):
activate
infer type (of each embedded reference): XML : θ, XML : θ'
infer types of A and B: A : τ, B : τ'
test τ ∝ τ': can endpoint of type τ be connected to endpoint of type τ' ???
create proxy of x (x1)
create proxy of y (y1)
connect proxies
[Diagram: live objects runtime; nested XML references; proxies x1, y1, z1, v1]
Compatibility
Defining Endpoint Types
[Diagram: x1 with endpoint A, y1 with endpoint B: is this legal?]
A:τ is an endpoint of type τ; B:τ' is an endpoint of type τ'.
τ ∝ τ': compatible ???
[Diagram: θ, θ'; τ, τ'; event : e, event' : e'; e e']
Can we connect A:τ and B:τ'?
Provided ⇒ Required'
Defining Live Object Types
[Diagram: two objects of type θ, IP multicast and Reliable atomic broadcast, each with endpoint channel:τ and events receive: ε_receive, send: ε_send]
Same type, wildly different semantics.
Types
Defining Live Object Types
Live object type: θ = (E, …)
List of endpoints: E = {A:τ, B:τ', C:τ"}
Every proxy must have endpoints A:τ, B:τ', C:τ".
Defining Endpoint Types
Endpoint type: τ = (I, O, …), with I the input events and O the output events
[Diagram: endpoint events receive: ε_receive, view: ε_view, send: ε_send, leave: ε_leave, join: ε_join]
Behavioral Constraints
Live object type: θ = (E, P_θ, R_θ), with P_θ the constraints provided and R_θ the constraints required
List of endpoints: E = {A:τ, B:τ', C:τ"}
Endpoint type: τ = (I, O, P_τ, R_τ), with I the input events, O the output events, P_τ the constraints provided and R_τ the constraints required
[Diagram: endpoint events receive: ε_receive, view: ε_view, send: ε_send, leave: ε_leave, join: ε_join]
Behavioral Constraints
[ObjectConstraint("Security", "Level=5")]
[ObjectClass("Channel")]
interface Channel {
    [EndpointConstraint("Order", "Total")]
    [Endpoint("C")]
    ChannelEndpoint C { get; }
}
[Callouts: annotation; alias for a live object type]
Constraints
Behavioral Constraints
[Diagram: object type θ with endpoints A:τ, B:τ', C:τ"; several instances of endpoint A:τ]
Structure we’ve defined: the world of events that occur at instances of endpoint A.
Constraints span across instances (occurs... everywhere... somewhere...); proxies are anonymous.
“receive(x), receive(y) occur in the same order everywhere”
Constraint Formalisms
A:τ, τ = (I, O, P_τ, R_τ)
P_τ = X: φ_X, Y: φ_Y, Z: φ_Z (φ_X is a formula in X, φ_Y a formula in Y, φ_Z a formula in Z: constraints expressed in different formalisms)
P ⇒ P' iff ∀X: φ_X ⇒(X) φ'_X
Point-wise comparison; ⇒(X) is logical consequence in formalism “X”.
A:τ, τ = (I, O, P_τ, R_τ)
P_τ = X: φ_X (formula in X)
[Diagram: live objects runtime environment and pluggable module “X”; steps numbered 1, 2, …, n; labels: parse(I, O, φ_X : string); C : Constraint_X; compare(C, C')]
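The point-wise Provided ⇒ Required test with pluggable formalism modules, as an added Python illustration (not code from the Live Objects platform). The "Security" and "Order" formula syntaxes, their implication rules, the event-matching rule and all class and function names are assumptions; only the parse/compare split and the point-wise comparison come from the slides.

```python
from dataclasses import dataclass, field

class LevelModule:
    """Assumed formalism "Security": formula "Level=n"; a higher level implies a lower one."""
    def parse(self, inputs, outputs, text):
        key, _, value = text.partition("=")
        if key.strip() != "Level" or not value.strip().isdigit():
            raise ValueError(f"bad Security formula {text!r}")
        return int(value)
    def compare(self, c, c_prime):  # True when c implies c'
        return c >= c_prime

class AtomsModule:
    """Assumed formalism "Order": a conjunction of atoms such as "Total,FIFO"."""
    def parse(self, inputs, outputs, text):
        atoms = frozenset(a.strip() for a in text.split(",") if a.strip())
        if not atoms:
            raise ValueError("empty Order formula")
        return atoms
    def compare(self, c, c_prime):  # a conjunction implies each of its sub-conjunctions
        return c >= c_prime

MODULES = {"Security": LevelModule(), "Order": AtomsModule()}

@dataclass(frozen=True)
class EndpointType:  # tau = (I, O, P, R)
    inputs: frozenset
    outputs: frozenset
    provided: dict = field(default_factory=dict)  # formalism name -> formula string
    required: dict = field(default_factory=dict)

def implies(provider, requirer, modules=MODULES):
    """Point-wise test of provider.P => requirer.R; returns the reasons it fails."""
    problems = []
    for name, wanted in requirer.required.items():
        module = modules.get(name)
        if module is None:  # fail closed: an unverifiable requirement is not met
            problems.append(f"{name}: no module installed")
        elif name not in provider.provided:
            problems.append(f"{name}: nothing provided for {wanted!r}")
        else:
            try:
                c = module.parse(provider.inputs, provider.outputs, provider.provided[name])
                c_prime = module.parse(requirer.inputs, requirer.outputs, wanted)
                if not module.compare(c, c_prime):
                    problems.append(f"{name}: {provider.provided[name]!r} does not imply {wanted!r}")
            except ValueError as exc:
                problems.append(f"{name}: {exc}")
    return problems

def can_connect(a, b, modules=MODULES):
    """Empty list means the endpoints may be connected; checks both directions."""
    problems = []
    if not (a.outputs <= b.inputs and b.outputs <= a.inputs):
        problems.append("events: an output of one side is not an input of the other")
    return problems + implies(a, b, modules) + implies(b, a, modules)

# Constructed sample endpoint types (not taken from the Live Objects platform).
EVENTS = dict(inputs=frozenset({"send"}), outputs=frozenset({"receive"}))
atomic_broadcast = EndpointType(**EVENTS, provided={"Order": "Total", "Security": "Level=5"})
ip_multicast = EndpointType(**EVENTS)  # same events, no guarantees provided
client = EndpointType(frozenset({"receive"}), frozenset({"send"}),
                      required={"Order": "Total", "Security": "Level=3"})

if __name__ == "__main__":
    print(can_connect(atomic_broadcast, client))  # compatible
    print(can_connect(ip_multicast, client))      # rejected for both formalisms
```

A requirement written in a formalism with no installed module is reported as unmet rather than skipped, so a missing module can never widen what gets connected.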
Authentication
A:τ, θ = (E, P_θ, R_θ)
P_θ = X: β_X says φ_X (φ_X is a formula in X; β_X is the type of the object that must assert it)
P ⇒ P' iff ∀X: β_X β'_X ∧ φ_X ⇒(X) φ'_X
[Callout: additional requirement]
[Diagram: live objects runtime environment, steps numbered 1 to 4; labels: infer type (XML : θ); XML says φ_X; verify(…, φ_X); ok; θ said φ_X; create proxy]
Demo
http://liveobjects.cs.cornell.edu