Abstract
The SEAL calculus is a calculus of mobile computations
designed for programming secure distributed
applications over large scale open networks. The
calculus is a distributed variant of the pi-calculus
that incorporates agent mobility as well as strong
protection mechanisms. Linear, revocable, capabilities
control access to resources and ensure that agents may
only use resources that have been allocated to them.
Capabilities are also used to protect agents from the
hosts on which they execute. The syntax and semantics
of the SEAL calculus are presented and its expressive
power is demonstrated with an example secure mobile