src/HOL/Auth/Event.thy
author paulson
Fri Jul 11 13:26:15 1997 +0200 (1997-07-11)
changeset 3512 9dcb4daa15e8
child 3519 ab0a9fbed4c0
permissions -rw-r--r--
Moving common declarations and proofs from theories "Shared"
and "Public" to "Event". NB the original "Event" theory was later renamed "Shared".

Addition of the Notes constructor to datatype "event".
     1 (*  Title:      HOL/Auth/Event
     2     ID:         $Id$
     3     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     4     Copyright   1996  University of Cambridge
     5 
     6 Theory of events for security protocols
     7 
     8 Datatype of events; function "sees"; freshness
     9 *)
    10 
    11 Event = Message + List + 
    12 
    13 consts  (*Initial states of agents -- parameter of the construction*)
    14   initState :: [agent set, agent] => msg set
    15 
    16 datatype  (*Messages--could add another constructor for agent knowledge*)
    17   event = Says  agent agent msg
    18         | Notes agent       msg
    19 
    20 consts  
    21   sees1 :: [agent, event] => msg set
    22 
    23 primrec sees1 event
    24            (*Spy reads all traffic whether addressed to him or not*)
    25   sees1_Says  "sees1 A (Says A' B X)  = (if A:{B,Spy} then {X} else {})"
    26   sees1_Notes "sees1 A (Notes A' X)   = (if A = A'    then {X} else {})"
    27 
    28 consts  
    29   sees :: [agent set, agent, event list] => msg set
    30 
    31 primrec sees list
    32   sees_Nil  "sees lost A []       = initState lost A"
    33   sees_Cons "sees lost A (ev#evs) = sees1 A ev Un sees lost A evs"
    34 
    35 
    36 constdefs
    37   (*Set of items that might be visible to somebody: complement of the set
    38         of fresh items*)
    39   used :: event list => msg set
    40     "used evs == parts (UN lost B. sees lost B evs)"
    41 
    42 end