{ 
s:SES
(ActionsDisjoint
(es:EO+(Info). x,y:E.
(same-action(x;y) (e:E. n:
. ((e ->>^n x) (e ->>^n y)))))) }
{ Proof }
Definitions occuring in Statement :
ses-disjoint: ActionsDisjoint,
ses-info-flow: ->>,
same-action: same-action(x;y),
ses-info: Info,
security-event-structure: SES,
event-ordering+: EO+(Info),
es-E: E,
nat_plus: ,
infix_ap: x f y,
all: x:A. B[x],
implies: P Q,
rel_exp: R^n
Definitions :
equal: s = t,
prop: 
,
universe: Type,
limited-type: LimitedType,
member: t 
T,
function: x:A 
B[x],
all: x:A. B[x],
natural_number: $n,
set: {x:A| B[x]} ,
nat_plus: ,
int: 
,
security-event-structure: SES,
ses-disjoint: ActionsDisjoint,
event-ordering+: EO+(Info),
es-E: E,
same-action: same-action(x;y),
product: x:A 
B[x],
exists: 
x:A. B[x],
nat: ,
subtype: S 
T,
int_nzero: 
,
real: 
,
and: P 
Q,
apply: f a,
infix_ap: x f y,
subtype_rel: A r B,
strong-subtype: strong-subtype(A;B),
ses-info-flow: ->>,
rel_exp: R^n,
less_than: a < b,
record-select: r.x,
union: left + right,
assert: 
b,
or: P 
Q,
dep-isect: Error :dep-isect,
eq_atom: x =a y,
eq_atom: eq_atom$n(x;y),
record+: record+,
void: Void,
false: False,
not: 
A,
cand: A c B,
event_ordering: EO,
subtract: n - m,
le: A 
B,
implies: P Q,
guard: {T},
rationals: 
,
add: n + m,
rev_implies: P 
Q,
iff: P Q,
ses-info: Info,
Auto: Error :Auto,
ParallelOp: Error :ParallelOp,
CollapseTHEN: Error :CollapseTHEN,
CollapseTHENA: Error :CollapseTHENA,
D: Error :D,
RepeatFor: Error :RepeatFor
Lemmas :
ses-info-flow_functionality,
nat_plus_inc,
nat_plus_wf,
same-action_wf,
event-ordering+_inc,
event-ordering+_wf,
ses-info_wf,
ses-disjoint_wf,
security-event-structure_wf,
rel_exp_iff,
nat_wf,
member_wf,
le_wf,
es-E_wf,
rel_exp_wf,
ses-info-flow_wf
\mforall{}s:SES
(ActionsDisjoint
{}\mRightarrow{} (\mforall{}es:EO+(Info). \mforall{}x,y:E.
(same-action(x;y) {}\mRightarrow{} (\mforall{}e:E. \mforall{}n:\mBbbN{}\msupplus{}. ((e ->>\^{}n x) {}\mRightarrow{} (e ->>\^{}n y))))))
Date html generated:
2011_08_17-PM-07_29_26
Last ObjectModification:
2010_09_24-PM-02_46_31
Home
Index