Security Policy Enforcement by Automated Program-rewriting

ions are star-free ω-regular expressions [Lad77, Tho79] with variables and intersection. In general, deciding subset for such a language is intractable, but not every history abstraction expression can appear in practice. Our implementation of Mobile decides subset for a sub-language of the language of history abstractions. We present this sub-language below, we argue that it captures most of the useful history abstractions that can appear in practice, and we prove that subset over this language can be reduced to subset over the language of regular expressions. D.1 History Variables and Intersection Intersection is introduced into a history abstraction during type-checking by typing rule 3.33 (the typing rule for condst). In our implementation, this typing rule substitutes an expression of the form θ ∩ H for each occurrence of variable θ, where H is a closed history abstraction. Since intersection is introduced in no other way, this reduces the language of history abstractions of interest to the following sub-language of the language given in Figure 3.2: H ::= | e |H1H2 |H1 ∪H2 |H | V V ::= θ | V ∩ C C ::= | e | C1C2 | C1 ∪ C2 | C