DOCSLIB.ORG

A Unified Peer-To-Peer Database Framework For

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Unified Peer-To-Peer Database Framework For A UNIFIED PEER-TO-PEER DATABASE FRAMEWORK FOR XQUERIES OVER DYNAMIC DISTRIBUTED CONTENT AND ITS APPLICATION FOR SCALABLE SERVICE DISCOVERY DISSERTATION DIPL. ING. WOLFGANG HOSCHEK AUSGEFUHRT¨ ZUM ZWECKE DER ERLANGUNG DES AKADEMISCHEN GRADES EINES DOKTORS DER TECHNISCHEN WISSENSCHAFTEN EINGEREICHT AN DER TECHNISCHEN UNIVERSITAT¨ WIEN FAKULTAT¨ FUR¨ TECHNISCHE NATURWISSENSCHAFTEN UND INFORMATIK CERN-THESIS-2002-050 //2002 UNTER DER ANLEITUNG VON O.UNIV.-PROF. DIPL.-ING. MAG. DR. GERTI KAPPEL AO.UNIV.-PROF. DR. ERICH SCHIKUTA CERN BETREUER: DR. BERND PANZER-STEINDEL GENF, IM MARZ¨ 2002 Contents 1 Introduction 1 1.1 Motivation . 1 1.2 Background . 4 1.3 Contribution and Organization of this Thesis . 7 1.4 Terminology . 13 2 Service Discovery Processing Steps 15 2.1 Introduction . 15 2.2 Description . 16 2.3 Presentation . 18 2.4 Publication . 19 2.5 Soft State Publication . 21 2.6 Request . 22 2.7 Discovery . 23 2.8 Brokering . 23 2.9 Execution . 24 2.10 Control . 25 2.11 Summary . 27 3 A Data Model and Query Language for Discovery 29 3.1 Introduction . 29 3.2 Database and Query Model . 30 3.3 Generic and Dynamic Data Model . 32 3.4 Query Examples and Types . 34 3.5 XQuery Language . 37 3.6 Related Work . 44 3.7 Summary . 46 4 A Database for Discovery of Distributed Content 49 4.1 Introduction . 49 4.2 Content Link and Content Provider . 51 4.3 Publication . 53 4.4 Query . 56 4.5 Caching . 57 i ii CONTENTS 4.6 Soft State . 59 4.7 Flexible Freshness . 61 4.8 Throttling . 62 4.9 Related Work . 63 4.10 Summary . 68 5 The Web Service Discovery Architecture 69 5.1 Introduction . 69 5.2 Interfaces . 70 5.3 Network Protocol Bindings . 74 5.4 Services . 75 5.5 Properties . 75 5.6 Comparison with Open Grid Services Architecture . 78 5.7 Summary . 81 6 A Unified Peer-to-Peer Database Framework 85 6.1 Introduction . 86 6.2 Agent P2P Model and Servent P2P Model . 89 6.3 Loop Detection . 90 6.4 Routed vs. Direct Response, Metadata Responses . 91 6.5 Query Processing . 96 6.6 Pipelining . 101 6.7 Static Loop Timeout and Dynamic Abort Timeout . 102 6.8 Query Scope . 106 6.9 Containers for Centralized Virtual Node Hosting . 110 6.10 Query Processing with Virtual Nodes . 112 6.11 Related Work . 115 6.12 Summary . 119 7 A Unified Peer-to-Peer Database Protocol 125 7.1 Introduction . 125 7.2 Originator and Node . 126 7.3 High-Level Messaging Model . 127 7.4 Concrete Messages . 131 7.5 Communication Model and Network Protocol . 134 7.6 Node State Table . 138 7.7 Related Work . 139 7.8 Summary . 141 8 Conclusion 145 8.1 Summary . 145 8.2 Directions for Future Research . 148 9 Acknowledgements 151 Abstract In a large distributed system spanning administrative domains such as a Grid, it is desirable to maintain and query dynamic and timely information about active participants such as services, resources and user communities. The web services vision promises that programs are made more flexible and powerful by querying Internet databases (registries) at runtime in order to discover information and network attached third-party building blocks. Services can advertise themselves and related metadata via such databases, enabling the assembly of distributed higher-level components. In support of this vision, this thesis shows how to support expressive general-purpose queries over a view that integrates autonomous dynamic database nodes from a wide range of distributed system topologies. We motivate and justify the assertion that realistic ubiquitous service and resource dis- covery requires a rich general-purpose query language such as XQuery or SQL. Next, we introduce the Web Service Discovery Architecture (WSDA), which subsumes an array of dis- parate concepts, interfaces and protocols under a single semi-transparent umbrella. WSDA specifies a small set of orthogonal multi-purpose communication primitives (building blocks) for discovery. These primitives cover service identification, service description retrieval, data publication as well as minimal and powerful query support. The individual primitives can be combined and plugged together by specific clients and services to yield a wide range of be- haviors and emerging synergies. Based on WSDA, we introduce the hyper registry, which is a centralized database node for discovery of dynamic distributed content, supporting XQueries over a tuple set from an XML data model. We address the problem of maintaining dynamic and timely information populated from a large variety of unreliable, frequently changing, autonomous and heterogeneous remote data sources. However, in a large cross-organizational system, the set of information tuples is partitioned over many such distributed nodes, for reasons including autonomy, scalability, availability, performance and security. This suggests the use of Peer-to-Peer (P2P) query technology. Consequently, we take the first steps towards unifying the fields of database management systems and P2P computing. As a result, we propose the WSDA based Unified Peer-to-Peer Database Framework (UPDF) and its associated Peer Database Protocol (PDP), which are unified in the sense that they allow to express specific applications for a wide range of data types (typed or untyped XML, any MIME type), node topologies (e.g. ring, tree, graph), query languages (e.g. XQuery, SQL), query response modes (e.g. Routed, Direct and Referral Response), neighbor selection policies, pipelining, timeout and other scope characteristics. The uniformity and wide applicability of our approach is distinguished from related work, which (1) addresses some but not all problems, and (2) does not propose a unified framework. iii iv CONTENTS Zusammenfassung In einem mehrere Organisationen ¨uberspannenden, großen verteilten System, wie z.B. einem Grid, ist es w¨unschenswert dynamische und zeitsensitive Information ¨uber Netzwerkdienste, Ressourcen und Benutzer zu verwalten und abzufragen. Das Konzept der Webdienste ver- spricht flexible Programme die zur Laufzeit Internet Datenbanken (Registries) benutzen um Informationen und Netzwerkdienste von Drittanbietern zu finden. Dienste k¨onnensich und verwandte Metadaten durch derartige Datenbanken anbieten und so das Zusammenf¨ugenvon h¨oherenverteilten Komponenten erm¨oglichen. Diese Dissertation unterst¨utztdiese Vision indem sie zeigt, wie ausdrucksstarke Mehrzweckabfragen ueber eine Sicht formuliert werden k¨onnen,die autonome dynamische Datenbankknoten von beliebigen Topologien integriert. Wir motivieren und rechtfertigen die Behauptung, daß das Finden von Ressourcen und Di- ensten eine reiche Mehrzweckabfragesprache wie z.B. XQuery oder SQL verlangt. Wir f¨uhren die sogenannte Web Service Discovery Architecture (WSDA) ein, die disparate Konzepte, Schnittstellen und Netzwerkprotokolle unter einem quasi-transparenten Dach zusammen- faßt. WSDA spezifiziert eine kleine Menge von orthogonalen Mehrzweckfunktionen (Bau- steinen) zum Finden von Diensten. Diese decken die Bereiche der Dienstidentifizierung, Dienstbeschreibung, Datenpublikation sowie minimale und m¨achtige Abfrageunterst¨utzung ab. Clients und Server k¨onnendiese Funktionen so kombinieren daß dabei eine breite Palette von Verhalten und Synergien ensteht. Basierend auf WSDA f¨uhrenwir eine zentrale Daten- bank f¨urdas Finden von dynamischen verteilten Daten ein, die Hyper Registry. Diese un- terst¨utztXQueries ¨uber dynamische, zeitsensitive Daten, die von unzuverl¨assigen,sich h¨aufig ¨andernden,autonomen und heterogenen Datenquellen stammen. In einem mehrere Organisationen ¨uberspannenden, großen verteilten System jedoch sind die Datentupel ¨uber viele Knoten verteilt, z.B. aus Gr¨undender Autonomie, Skalierbarkeit, Verf¨ugbarkeit, Effizienz und Sicherheit. Daher empfiehlt sich die Ben¨utzungvon Peer-to-Peer (P2P) Abfragetechnologie. So unternehmen wir die ersten Schritte zur Vereinheitlichung von Datenbank Management Systemen und P2P Computing. Auf WSDA basierend schlagen wir das Unified Peer-to-Peer Database Framework (UPDF) und korrespondierende Peer Database Protocol (PDP) vor. Beide sind vereinheitlicht in dem Sinn daß innerhalb ihreres Rah- mens spezifische Applikationen f¨ureine Vielfalt von Datentypen, Knotentopologien, Abfrage- sprachen, Antwort-Modi, und verschiedene Formen der Nachbarschaftsauswahl, des Pipelin- ing, und von Timeouts formuliert werden k¨onnen. Die Einheitlichkeit, breite Einsatzf¨ahigkeit und Wiederverwendbarkeit unseres Ansatzes unterscheidet sich von verwandten Arbeiten die (1) einzelne aber nicht alle Probleme behan- deln, und (2) keinen einheitlichen Rahmen einf¨uhren. v vi CONTENTS Chapter 1 Introduction 1.1 Motivation This thesis tackles the problems of information, resource and service discovery arising in large distributed Internet systems spanning multiple administrative domains. We show how to support expressive general-purpose queries over a view that integrates autonomous dy- namic database nodes from a wide range of distributed system topologies. The work was carried out in the context of the European DataGrid project (EDG) [1, 2, 3] at CERN, the European Organization for Nuclear Research, and supported by the Austrian Ministerium f¨urWissenschaft, Bildung und Kultur. The international High Energy Physics (HEP) research community is facing a substantial challenge in joining a massive set of loosely coupled people and resources from multiple distributed organizations. Although this is the driving use case of the EDG project, this thesis distills and generalizes the essential properties of the discovery problem and then develops generic solutions that apply to a wide range of large distributed
Load more

Recommended publications
  • An Arbitration System for Student Evaluation Based on XML Signature
    2nd EUROPEAN COMPUTING CONFERENCE (ECC’08) Malta, September 11-13, 2008 An Arbitration System for Student Evaluation based on XML Signature ROBERT ANDREI BUCHMANN, SERGIU JECAN Business Information Systems Dpt. Faculty of Economic Sciences and Business Administration Babes Bolyai University Cluj Napoca Str. Th. Mihali 58-60, ROMANIA [email protected], [email protected] Abstract: This paper promotes an e-learning application model for student evaluation, based on AJAX frameworks in order to provide improved user experience and asynchronous data exchange and the XML Signature standard in order to impose message authentications for the test papers. The motivation of this research is the need to arbitrate contestation for e-learning evaluation by providing an authentication and non-repudiation mechanism for both the students’ answers and the teachers’ evaluation criteria and rating, especially in open answer tests. Keywords: - e-learning, digital signature, AJAX 1 Introduction arose the issue of arbitration in contestation processes, especially in tests based on open E-learning already provides a mature model for questions, but also in multiple choice tests with educational processes. However, the separation no immediate answer validation. The proposed of parties in time and space is bound to solution is an extension to traditional e-learning communication gaps causing situations where an application models, regarding the evaluation arbitration system should provide trust module, based on XML-based digital signature mechanisms between the student and the and improved usability through AJAX teacher. The proposed application model is an frameworks. evolutionary step of the XML-driven e- commerce application previously implemented 3 Problem Solution for Flash 2004 with XML support and currently migrated under an AJAX framework and within 3.1 Instrumentation an e-learning context based on trust managed through XML Signatures.
    [Show full text]
  • XML Signature/Encryption — the Basis of Web Services Security
    Special Issue on Security for Network Society Falsification Prevention and Protection Technologies and Products XML Signature/Encryption — the Basis of Web Services Security By Koji MIYAUCHI* XML is spreading quickly as a format for electronic documents and messages. As a consequence, ABSTRACT greater importance is being placed on the XML security technology. Against this background research and development efforts into XML security are being energetically pursued. This paper discusses the W3C XML Signature and XML Encryption specifications, which represent the fundamental technology of XML security, as well as other related technologies originally developed by NEC. KEYWORDS XML security, XML signature, XML encryption, Distributed signature, Web services security 1. INTRODUCTION 2. XML SIGNATURE XML is an extendible markup language, the speci- 2.1 Overview fication of which has been established by the W3C XML Signature is an electronic signature technol- (WWW Consortium). It is spreading quickly because ogy that is optimized for XML data. The practical of its flexibility and its platform-independent technol- benefits of this technology include Partial Signature, ogy, which freely allows authors to decide on docu- which allows an electronic signature to be written on ment structures. Various XML-based standard for- specific tags contained in XML data, and Multiple mats have been developed including: ebXML and Signature, which enables multiple electronic signa- RosettaNet, which are standard specifications for e- tures to be written. The use of XML Signature can commerce transactions, TravelXML, which is an EDI solve security problems, including falsification, spoof- (Electronic Data Interchange) standard for travel ing, and repudiation. agencies, and NewsML, which is a standard specifica- tion for new distribution formats.
    [Show full text]
  • Introduction to XML
    Introduction to XML CS 317/387 Agenda – Introduction to XML 1. What is it? 2. What’s it good for? 3. How does it work? 4. The infrastructure of XML 5. Using XML on the Web 6. Implementation issues & costs 2 1. What is it? Discussion points: First principles: OHCO Example: A simple XML fragment Compare/contrast: SGML, HTML, XHTML A different XML for every community Terminology 3 1 Ordered hierarchies of content objects Premise: A text is the sum of its component parts A <Book> could be defined as containing: <FrontMatter>, <Chapter>s, <BackMatter> <FrontMatter> could contain: <BookTitle> <Author>s <PubInfo> A <Chapter> could contain: <ChapterTitle> <Paragraph>s A <Paragraph> could contain: <Sentence>s or <Table>s or <Figure>s … Components chosen should reflect anticipated use 4 Ordered hierarchies of content objects OHCO is a useful, albeit imperfect, model Exposes an object’s intellectual structure Supports reuse & abstraction of components Better than a bit-mapped page image Better than a model of text as a stream of characters plus formatting instructions Data management system for document-like objects Does not allow overlapping content objects Incomplete; requires infrastructure 5 Content objects in a book Book FrontMatter BookTitle Author(s) PubInfo Chapter(s) ChapterTitle Paragraph(s) BackMatter References Index 6 2 Content objects in a catalog card Card CallNumber MainEntry TitleStatement TitleProper StatementOfResponsibility Imprint SummaryNote AddedEntrySubject(s) Added EntryPersonalName(s) 7 Semistructured Data Another data model, based on trees. Motivation: flexible representation of data. Often, data comes from multiple sources with differences in notation, meaning, etc. Motivation: sharing of documents among systems and databases.
    [Show full text]
  • OASIS Digital Signature Services (OASIS-DSS) an Architecture, Implementation and Interoperability Master’S Thesis at Graz University of Technology 2008
    OASIS Digital Signature Services (OASIS-DSS) An Architecture, Implementation and Interoperability Master’s Thesis at Graz University of Technology 2008 submitted by Konrad Lanz, bakk.techn., BSc Hons Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology A-8010 Graz, Austria December 2008 © Copyright 2005-2008 Konrad Lanz Assessor: O.Univ.-Prof. Dipl.-Ing. Dr.techn. Reinhard Posch Supervisor: Ass.-Prof. Dipl.-Ing. Dr.techn. Peter Lipp i The candidate confirms that the work submitted is his own and the appropriate credit has been given where reference has been made to the work of others. I understand that failure to attribute material which is obtained from another source may be considered as plagiarism. (Signature of student) Signature Value F4BtvtUqSBPSgBeE2QPp1suVNoU75kZAk05AgIgLKJlMEov7RCAW35vkkEr/HwdR Signatory C=AT,OU=VSig,O=Hauptverband österr. Sozialvers.,CN=Konrad Lanz Date/Time-UTC 2008-12-15T23:15:40Z Issuer-Certificate C=AT,O=Hauptverband österr. Sozialvers.,CN=VSig CA 2 Serial-No. 17293657787164074630362273138432232730208 Method urn:pdfsigfilter:bka.gv.at:binaer:v1.1.0 Parameter etsi-bka-1.0@1229382940-394096199@31239-32542-0-14959-320 Verification Verification service: http://demo.a-sit.at/el_signatur/verification ©2005-2008 Konrad Lanz, All Rights reserved. Permission to copy this document is granted to Graz University of Technology i.e. the Institute for Applied Information Processing and Communications (IAIK) for in house educational purposes and its library and on a fair use basis. For permission to copy this document otherwise please do not hesitate to contact [email protected] with the following subject “request for copy permission MSc-Thesis 2008”.
    [Show full text]
  • Signxml Documentation Release 0.0.1
    SignXML Documentation Release 0.0.1 Andrey Kislyuk Oct 29, 2020 Contents 1 Installation 3 2 Synopsis 5 2.1 Verifying SAML assertions.......................................5 2.2 XML signature methods: enveloped, detached, enveloping.......................6 2.3 XML parsing security and compatibility with xml.etree.ElementTree .............7 3 Authors 9 4 Links 11 4.1 Bugs................................................... 11 5 License 13 6 API documentation 15 7 Release Notes 21 8 Changes for v2.8.1 (2020-10-29) 23 9 Changes for v2.8.0 (2020-06-20) 25 10 Changes for v2.7.3 (2020-06-10) 27 11 Changes for v2.7.2 (2019-12-01) 29 12 Changes for v2.7.1 (2019-11-30) 31 13 Changes for v2.7.0 (2019-11-30) 33 14 Changes for v2.6.0 (2019-01-10) 35 15 Changes for v2.5.2 (2017-12-07) 37 16 Changes for v2.5.1 (2017-12-07) 39 17 Changes for v2.5.0 (2017-12-07) 41 18 Changes for v2.4.0 (2017-07-10) 43 i 19 Changes for v2.3.0 (2017-04-24) 45 20 Changes for v2.2.4 (2017-03-19) 47 21 Changes for v2.2.3 (2016-12-20) 49 22 Changes for v2.2.2 (2016-12-20) 51 23 Changes for v2.2.1 (2016-09-26) 53 24 Changes for v2.2.0 (2016-09-25) 55 25 Changes for v2.1.4 (2016-09-18) 57 26 Changes for v2.1.0 (2016-09-18) 59 26.1 Version 2.0.0 (2016-08-05).......................................
    [Show full text]
  • The OWASP Foundation OWASP XML External Entity Attacks (XXE)
    AppSec Germany 2010 XML External Entity Attacks (XXE) Sascha Herzog Compass Security AG [email protected] OWASP +41 55 214 41 78 20.10.2010 Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http://www.owasp.org XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 Agenda Introduction Server2Server Communication – Web Services Client2Server Communication – Web 2.0 (AJAX) XML Basics DTD XML Schema XML Attacks Generator Attacks XML Parser Attacks Mitigation Xerces Hardening OWASP OWASP AppSec Germany 2010 Conference XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 B2B / Server2Server XML Data Exchange in Web Services B2B integration with XML documents SOAP Services ORDER XML Shop Internet Supplier CONFIRM XML Example Order processing systems OWASP OWASP AppSec Germany 2010 Conference XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 B2B / Server2Server Example: Web Service Integration of Web Services into portal (Stock Quotes) Data or presentation oriented Remote Portlets can be distinguished. OWASP OWASP AppSec Germany 2010 Conference XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 XMLHttpRequest / Client2Server XML Data Exchange XMLHttpRequest Object JavaScript OWASP OWASP AppSec Germany 2010 Conference XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 Web 2.0 - Data Exchange Formats Upstream Data Format Web 2.0 GET & POST(form, txt/xml, soap-xml) Downstream Data Format Web 2.0 html,css,xml,java-script,json,custom OWASP OWASP AppSec Germany 2010 Conference XML External Entity Attacks (XXE), Sacha Herzog AppSec Germany 2010 XML Basics: Introduction XML is a standard for exchanging structured data in textual format <?xml version="1.0" encoding="UTF-8"?> <order> <product>1234</product> <count>1</count> <orderer> <contact>Jan P.
    [Show full text]
  • HTML5 and Digital Signatures
    HTML5 and Digital Signatures Signature Creation Service 1.1 Nov 22, 2017 13.10.2014 SPECIFICATION 2 (23) Signature Creation Service 1.1 22.11.2017 Väestörekisterikeskus DOCUMENT MANAGEMENT Prepared by Antti Partanen / VRK <[email protected]> Inspected by Approved by VERSION CONTROL version no. what has been done date/person 1,0 Final version (no changes to 0.7 version) 17.2.2015/PL 1.0.1 Added 30.6.2015/PL https usage as requirement server certificate requirements SCS module for javascript (example) clarifications for selector.akis and selector.issuers format removed selector.validate parameter added requirement for SCS to check whether certificate is valid or not removed localhost.fineid.fi as dnsName parameter in SCS server certificate (compared to previous 1.0.1 version) protocol version is still the same: 1.0 1.1 Added: 4.6.2017/PL support for http based access dropped completely separation of authentication and signing purpose authentication challenge to be used for authentication purpose keyalgorithms array to selector functionality cms signature type and cms signature profile protocol version 1.1 support signature request size up to 100MB (was 2MB) minor editorial corrections 21.11.2017/AP SPECIFICATION 3 (23) Signature Creation Service 1.1 22.11.2017 Väestörekisterikeskus Table of contents 1 Introduction ........................................................................................................................................... 4 1.1 Definitions and Acronyms ..............................................................................................................
    [Show full text]
  • Digital Signature with Hashing and XML Signature Patterns
    Digital Signature with Hashing and XML Signature Patterns Keiko Hashizume, Eduardo B. Fernandez, and Shihong Huang Dept. of Computer Science and Engineering, Florida Atlantic University Boca Raton, FL 33431, USA, [email protected], [email protected], [email protected] Abstract Data security has become one of the most important concerns for organizations. Information is a valuable asset and needs to be protected. One important countermeasure against attackers is the use of digital signatures. Digital signatures provides message authentication and may also provide message integrity. We present here two patterns: XML Signature and Digital Signature with Hashing patterns. The XML Signature pattern, a specialization of the Digital Signature with Hashing, is used to secure XML messages. 1. Introduction Data security has become one of the most important concerns among us, especially for organizations that have valuable information. An important security risk is that information can be modified during its transmission by somebody trying to make us believe something to his convenience. How do we prove that a message came from a specific user? Digital signatures use public-key cryptography to provide message authentication by proving that a message was sent indeed from a specific sender [dig, Sta06]. The sender encrypts the message using his private key to sign it. In this case, the signature has at least the same length as the message. This works but it wastes bandwidth and time. Thus, we need to reduce the length to the message before signing it. This can be done producing a digest through hashing. When the receiver gets the signed message, he verifies the signature by decrypting it using the sender’s public key, thus proving that the message was encrypted by the sender.
    [Show full text]
  • Information Integration with XML
    Information Integration with XML Chaitan Baru Richard Marciano {baru,marciano}@sdsc.edu Data Intensive Computing Environments (DICE) Group San Diego Supercomputer Center National Partnership for Advanced Computational Infrastructure San Diego Supercomputer Center Members of the DICE Group • Staff • Students • Chaitan Baru • Pratik Mukhopadhyay • Amarnath Gupta • Azra Mulic • Bertram Ludäscher • Kevin Munroe • Richard Marciano • Paul Nguyen • Reagan Moore • Michail Petropolis • Yannis Papakonstantinou • Nicholas Puz • Arcot Rajasekar • Pavel Velikhov • Wayne Schroeder • Michael Wan • Ilya Zaslavsky Tutorial Outline • PART I • Introduction to XML • The MIX Project • PART II • Storing/retrieving XML documents • XML and GIS • Open Issues Information Integration with XML PART I • Introduction to XML • HTML vs. XML • XML Industry Initiatives • DTD, Schema, Namespaces • DOM, SAX • XSL, XSLT • Tools • The MIX Project Introduction to XML • SGML (Standard Generalized Markup Language) • ISO Standard, 1986, for data storage & exchange • Used in U.S. gvt. & contractors, large manufacturing companies, technical info. Publishers. • HTML, a simple application of SGML, 1992 - 1999 • SGML reference is 600 pages long • XML (eXtensible Markup Language) • W3C (World Wide Web Consortium) -- http://www.w3.org/XML/) recommendation in 1998 • Simple subset of SGML: “The ASCII of the Web”. • XML specification is 26 pages long • Canonical XML • equivalence testing of XML documents • SML (Simple Markup Language) • No Attributes / No Processing Instructions (PI) /
    [Show full text]
  • XML and Applications 2014/2015 Lecture 12 – 19.01.2015 Standards for Inter-Document Relations
    Some more XML applications and XML-related standards (XLink, XPointer, XForms) Patryk Czarnik XML and Applications 2014/2015 Lecture 12 – 19.01.2015 Standards for inter-document relations XPointer – addressing documents and their fragments XInclude – logical inclusion of documents within other documents XLink – declarative relations between documents and their fragments 2 / 22 XPointer The standard defines addressing XML documents and their fragments using standard URI syntax: http://www.sejm.gov.pl/ustawa.xml#def-las 3 W3C recommendations dated 2002-2003: XPointer Framework http://www.w3.org/TR/xptr-framework/ XPointer element() Scheme http://www.w3.org/TR/xptr-element/ XPointer xmlns() Scheme http://www.w3.org/TR/xptr-xmlns/ XPointer xpointer() Scheme http://www.w3.org/TR/xptr-xpointer/ (neverending?) Working Draft 3 / 22 XPointer – xpointer scheme xpointer scheme allows to address elements using XPath: http://www.sejm.gov.pl/ustawa.xml#xpointer(/art[5]/par[2]) xmlns scheme adds namespace declarations to the above: ustawa.xml#xmlns(pr=http://www.sejm.gov.pl/prawo) xpointer(/pr:art[5]/pr:par[2]) 4 / 22 XPointer – element scheme Element carrying ID attribute with given value: document.xml#element(def-las) Element with given position (absolute or relative to element carrying ID with given value): document.xml#element(/1/4/3) document.xml#element(def-las/2/3) Short syntax: document.xml#def-las document.xml#/1/4/3 document.xml#def-las/2/3 5 / 22 XInclude Including external XML documents (or their fragments) in another XML document. Similar to entities, but: normal element markup, no special syntax, no need to declare anything in DTD, nor to have DTD at all Main capabilities: including complete documents (identified by URL) or their fragments (pointed by XPointer) including XML tree (default) or raw text defining content to be used in case of an error Supported by many parsers, including Java (JAXP).
    [Show full text]
  • Secure Semantic Web Data Management
    Secure Semantic Web Data Management Confidentiality, Integrity, and Compliant Availability in Open and Distributed Networks Vom Promotionsausschuss des Fachbereichs 4: Informatik der Universit¨at Koblenz-Landau zur Verleihung des akademischen Grades Doktor der Naturwissenschaften (Dr. rer. nat.) genehmigte Dissertation vorgelegt von Andreas Kasten Vorsitzender des Promotionsausschusses Prof. Dr. Ralf L¨ammel,Universit¨atKoblenz-Landau Vorsitzender der Promotionskommission Prof. Dr. Steffen Staab, Universit¨atKoblenz-Landau Berichterstatter Prof. Dr. R¨udiger Grimm, Universit¨atKoblenz-Landau Prof. Dr. habil. Ansgar Scherp, Universit¨atKiel und Leibniz-Informationszentrum Wirtschaft Datum der wissenschaftlichen Aussprache 11.11.2016 Datum der Einreichung 30.05.2016 Abstract Confidentiality, integrity, and availability are often listed as the three major requirements for achieving data security and are collectively referred to as the C-I-A triad. Confiden- tiality of data restricts the data access to authorized parties only, integrity means that the data can only be modified by authorized parties, and availability states that the data must always be accessible when requested. Although these requirements are relevant for any computer system, they are especially important in open and distributed networks. Such networks are able to store large amounts of data without having a single entity in control of ensuring the data's security. The Semantic Web applies to these characteristics as well as it aims at creating a global and decentralized network of machine-readable data. Ensuring the confidentiality, integrity, and availability of this data is therefore also important and must be achieved by corresponding security mechanisms. However, the current reference architecture of the Semantic Web does not define any particular security mechanism yet which implements these requirements.
    [Show full text]
  • Bringing Semantic Security to Semantic Web Services
    Chapter 7 BRINGING SEMANTIC SECURITY TO SEMANTIC WEB SERVICES Authors: Richard S. Patterson1, John A. Miller1, Jorge Cardoso2, Mike Davis3 1University of Georgia, 2University of Madeir, 3U.S. Department of Veterans Affairs& Chair HL7 Security Committee Abstract: Semantic Web services begin to emerge as the next evolution of the Service Oriented Architecture. It is become clear that authorization is going to be one of the biggest challenges. The typical obstacles which most areas of Semantic Web services have had to overcome are what parts of a Web services need semantic information, how best to use the semantics, and agreeing on standards. However, for authorization there are the fine grained security implications as well. For instance, how much authorization information is necessary to aid in Semantic Discovery of Web services? Is the authorization information opening any new security holes? We will examine a framework for expressing the proper authorization information in order to aid in the Semantic Discovery of Web services in which the requesting service most likely has the authority to invoke. Key words: Web Services Discovery, Authorization, Semantic Matching of Web Services, Ontology-based matching of Authorization, Web Service Authorization Discovery, Semantic Web Services 1. INTRODUCTION 1.1 The Semantic Web Currently, the World Wide Web is primarily composed of documents written in HTML (Hyper Text Markup Language), a language that is useful for visual presentation. HTML is a set of “markup” symbols contained in a Web page intended for display on a Web browser. Most of the information 2 Chapter 7 on the Web is designed only for human consumption.
    [Show full text]