Sergio Maffeis Joint work with Philippa Gardner Modelling
- Slides: 61
Sergio Maffeis Joint work with Philippa Gardner Modelling Dynamic Web Data APPSEM'04 Tallinn, 15 April 2004
Motivation
What is dynamic Web data? • • We model large scale, peer-to-peer systems for sharing dynamic data over the Web. Distribution is on large scale Each site provides and consumes data using a (standardised) set of functionalities Data is dynamic and intensional: can contain calls to Web services, forms, scripted code, etc. . . Data is interlinked
Modelling dynamic Web data Existing models: • query languages for semistructured data (XML) – Describe data manipulation – Do not include a distribution layer • process calculi for the distributed infrastructure – Are good at orchestrating data exchanges between Modelling peers dynamic Web data requires merging these approaches. – Tend to abstract from the actual data
A unified framework Reasoning about data and the distributed infrastructure in the same framework provides means to • understand the system behaviour • give schema/types to documents containing scripts • control access to resources • propose new optimisations
The Xd project • Dynamic Web data in Xd – syntax, sematics, examples • Observational equivalences – spectrum of network and process equivalences • Proof techniques – domain bisimilarity • Types and security – access control, data validation • Implementation – declarative platform for intensional data and WScoordination
Dynamic Web data in Xd
Xd L 2 L 1 L 3 Processes Trees L 4 • A flat space of locations • Locations contain (XML) trees and coordination processes
Representing data in Xd a a c T 1 b P T 3 c T 2 Processes a a T’ c b @L 1: a/c L 2 L 1 • Unordered, edge-labelled trees – Scripted processes (no reflection) – Pointers (links)
Data manipulation: cut = cuta/e(X). pastea/c< a X> c T’ P’ P Q b e a c b T L 1 • select some subtrees with a path expression L 2
Data manipulation: cut X= T T’ = cuta/e(X). pastea/c< a X> c P’ P Q b e a c b T L 1 • select some subtrees with a path expression • match the subtrees against a binding pattern L 2
Data manipulation: cut X= T T < = cuta/e(X). pastea/c > a T’ P’ P Q b c e a c b T L 1 • select some subtrees with a path expression • match the subtrees against a binding pattern • cut away the subtrees L 2
Data manipulation: paste T < = cuta/e(X). pastea/c > a T’ P’ P T L 1 • select some paths for pasting Q b e c a c b L 2
Data manipulation: paste T < = cuta/e(X). pastea/c > a T’ P’ L 1 • select some paths for pasting • paste the subtrees in place P Q b e c a c b T L 2
Data manipulation T < = cuta/e(X). pastea/c > a T’ P’ P Q b c e L 1 • Encode cut, copy, paste by general update command • Simple path expressions as query language (multiple selection) a c b T L 2
Process selection = runc a b e c a a c b R P Q b e c a c b T L 1 L 2 run activates scripts: click on a hyperlink, system ev
Process selection = runc a b e c a a c b R P Q b e c a c b T L 1 L 2 run activates scripts: click on a hyperlink, system ev
Process migration = go L 2. copya/c(X). go L 1. pastea/e<X> a b c e a a c b R P Q b c e a c b T L 1 • L 2 = intuitive specification of a hyperlink
Process migration = go L 2. copya/c(X). go L 1. pastea/e<X> a b c e a a c b R P Q b c e a c b T L 1 • L 2 = intuitive specification of a hyperlink
Process migration T = go L 2. copya/c(X). go L 1. paste a/e< a b c e a a c > b R P T Q b c e a c b T L 1 • L 2 = intuitive specification of a hyperlink
Process migration T = go L 2. copya/c(X). go L 1. paste a/e< a b c e a a c > b T R P Q b c e a c b T L 1 • L 2 = intuitive specification of a hyperlink
Process migration = go L 2. copya/c(X). go L 1. pastea/e<X> a b c e a a c b R P Q b c e T L 1 • = intuitive specification of a hyperlink • over-simplified a c b T L 2
Communication = web service call = web service = result handling code = service instance a b e c a a c b R P Q b e c a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e<x> a b e c a a c b R P Q b e c a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e<x> a b e c a a c b R P Q b e c a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e<x> = copya/c(z). go L 1. put<z> a b e c a a c b R P Q b e c a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e<x> T = copya/c(z). go L 1. put< a b e L 1 c a a c b P R T Q b e c > a c b T L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e<x> T = copya/c(z). go L 1. put< a b e c a a c b T R P Q b e c > a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e T< > T = copya/c(z). go L 1. put< a b e c a a c b R T P Q b e c > a c b T L 1 L 2
Communication = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put< = put(x). pastea/e T< > T = copya/c(z). go L 1. put< a b c c e T L 1 a a b R P Q b e c > a c b T L 2 Potential problem: who can return a result to put
Restriction = go L 2. get<a/c, L 1> = !get(x, y). copyx(z). go y. put<z = put(x). pastea/e<x> a b e c a a c b R P Q b e c a c b T L 1 L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c a a c b R P Q b e c a c b T L 1 L 2 • Add the return channel put as a parameter to get
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c | a a c = (new put)( b R P Q b e c ) a c b T L 1 L 2 • Add the return channel put as a parameter to get • Make put an unforgeable secret with restriction binder
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c | a a c = (new put)( b R P Q b e c ) a c b T L 1 L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c | a a c = (new put)( b R P Q b e c ) a c b T L 1 L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c | a a c = (new put)( b R P Q b e c ) a c b T L 1 L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e L 1 c = (new put)( a a c | b P R T Q b e c ) a c b T L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e L 1 c | a a c = (new put)( b R T P Q b e c ) a c b T L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b e c | a a c = (new put)( b R T P Q b e c ) a c b T L 1 L 2
Restriction = go L 2. get<a/c, L 1, put>= !get(x, y, w). copyx(z). go y. w< = put(x). pastea/e<x> a b c e T L 1 | a a c = (new put)( b R P Q b e c ) a c b T L 2 • Nothing can interefere with put now • Interference with get at L 2: same technique, types, …
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 Data warehouse
Example: rendez-vous Client L 1 L 2 Function repository L 3 Data Repository L 4 • Reduce network traffic Data warehouse • Comply to access control policies • Forward streams of results
Behavioural equivalences
Observational Equivalence Properties of an equivalence for concurrent systems: 1. Reduction closure: (N ~ M and N N’) ( M’. M * M’ and N’ ~ M’) 2. Contextuality 3. Preservation of (some) observables NN~~MM C[N] ~ C[M] ) * M’ and M’ ) ( C. (N M’. M
Network Observations L 2 L 1 L 3 R pastea/e<T’>. P Q T L 4 • If N= L 1| L 2| L 3| L 4 then we say N L 4 • pastea/e • Network equivalence is the largest symmetric relation
A hierarchy of equivalences Many possible observables: • the tree at each location (~t) copyp(x). 0 ~t 0 • process actions affecting trees (~) !a(x). a<x> ~a 0, . . . • actions affecting trees, outputs (~a) (new a)(a(x). P) ~s • any process action (~s) ~s ⊊ ~a = ~ ⊊ 0 ~t
Process Equivalence L 2 L 1 ~ L 3 R P Q L 1 L 2 L 3 R T L 4 P’ Q Replace a Web service P with P’ (optimisation) independently from: • the rest of the network L 1| L 2| L 3 P P’ L 4 • the actual data content T of L 4 • other services Q and R at L 4 T L 4
Establishing Equivalences Separating processes from data: L 1 L 2 L 3 PQ T L 4 = L 1 L 2 L 3 Q L 4 P L 4 T L 4 • Theorem: N ~ M if and only if [N] ~ [M] • Contextuality of ~ : compositional reasoning on L 1, and • LP 2, L 4 L~3, P’ and only if, for all T, (T, P) L ~ (T, P’) L L 4 if. Q 4 4
Proof technique • A bisimulation relation on located processes • Theorem: PL 4 P’L 4 implies PL 4 ~ P’L 4 = web service call = result handling code = intuitive specification = web service The refinement respects the specification: (new req)((new rep)( | )L | 1 L 2) L 1
More on bisimulation • Store updates modelled in message-passing style • We adapt techniques from the HO π-calculus for translating HO actions into FO actions • The definition of is non-standard: our choice of network composition makes a difference • Not complete due to “grainless concurrency” anomaly
Concluding remarks
The present and future of Xd • Formal model of p 2 p systems for sharing dynamic Web data • Examples: Web services, forms, Xlinks, scripting, Active XML • Behavioural equivalences, coinductive proof method, … • Types and security: [with Ahern, Gardner, Hayman] – access control based on spatial logics – document validation based on XDuce-like types and process types
Related work • Active XML [Abiteboul, Benjelloun, Milo, et. al. ] • ub. QL [Sahuguet, Tannen, Pierce] • Object Globe; Hyperqueries [Kiedl, Kemper, et al. ; Kemper, Wiesner] • Iota [Biermann, Sewell] • Asynchronous π [Honda, Tokoro; Honda, Yoshida; Merro; Amadio et al. ] • Dπ; λπ [Hennessy, Riely; Yoshida, Hennessy] • HOπ [Sangiorgi; Jeffrey, Rathke]
- Sergio maffeis
- Gardner and gardner 1969
- Monogenic diabetes
- Philippa foot
- Philippa fawcett
- Philippa costello
- Philippa lawson
- 2016679
- Cutability
- Hyaline cartilage in vertebrae
- Different ways of making permanent joints
- Memorandum joint venture account
- Break joint vs spool joint
- Ellipsoid joint
- Technological modelling
- Homology modelling steps
- Java modelling tools
- Molecular modelling laboratory
- Modelling madness what's new
- Richer interaction in hci
- Lbo model test
- Geometric rotation
- Homology modelling steps
- Hair modelling
- Different phases of edlc in embedded system
- Homology modelling steps
- Advanced process modeling
- Mathematical modeling of electrical systems
- Modelling rich interaction
- Unit 5 data modelling assignment 2
- Tools of structured analysis
- Algorithmic cost modelling
- Class responsibility collaborator modelling
- State modelling
- Object oriented modelling
- Multi jet modeling
- Cognitive modelling
- Cognitive modelling
- Types of financial modelling techniques
- Menurut anda apa tujuan dari dimensional modelling
- Data modelling techniques in business intelligence
- Malatesta's modelling e.g. by mother
- Cognitive modelling
- Modelling relationships and trends in data
- Building information modeling ppt
- Sd3 security framework
- Rock physics modelling
- Modelling
- Define the relationship chapter 16
- Unified modelling language
- Disease modelling
- Modelling software
- Crc model
- Marco arpagaus
- Consequences of heteroscedasticity
- What is solid modelling
- Pipeline risk assessment software
- Unit 42 spreadsheet modelling
- Matlab biological modelling
- Modelling
- Mom modelling
- Modelling task