Information Flow Security in Tree-Manipulating Processes

Total Page:16

File Type:pdf, Size:1020Kb

Information Flow Security in Tree-Manipulating Processes TECHNISCHE UNIVERSITAT¨ MUNCHEN¨ Lehrstuhl f¨urInformatik II Information Flow Security in Tree-Manipulating Processes M´at´eAmad´eKov´acs Vollst¨andigerAbdruck der von der Fakult¨atf¨urInformatik der Technischen Universit¨atM¨unchen zur Erlangung des akademischen Grades eines Doktors der Naturwissenschaften (Dr. rer. nat.) genehmigten Dissertation. Vorsitzende: Univ.-Prof. Dr. Claudia Eckert Pr¨uferder Dissertation: 1. Univ.-Prof. Dr. Helmut Seidl 2. Univ.-Prof. Dr. Markus M¨uller-Olm Westf¨alische Wilhelms-Universit¨atM¨unster Die Dissertation wurde am 30.09.2013 bei der Technischen Universit¨atM¨unchen einge- reicht und durch die Fakult¨atf¨urInformatik am 05.03.2014 angenommen. Abstract This work describes methods to verify information flow properties of processes manipulating tree-structured data. The developed techniques can be applied, e.g., to enterprise workflows and web service technologies, where data is fre- quently represented in the form of XML documents. These systems are highly security critical, because they may be in control of important processes of or- ganizations, while communicating with external partners over the network. The first solution is a runtime monitor. It applies generalized constant prop- agation to overapproximate the results of secret-dependent branching constructs in order to prove their equality. The second method is a static analysis that ver- ifies information flow properties at compilation time. It relies on relational ab- stract interpretation applied to a statically determined alignment of two copies of the program and regular overapproximations of sets of pairs of program states. Both methods allow to enforce end-to-end information flow policies only, which are composed in terms of the initial and final states of computations. In the third part of the thesis tree-manipulating reactive systems are con- sidered, where information flow policies may change over time. The positive fragment of the Linear Temporal Logic is extended with a modal operator, the so-called hide operator, in order to express that the observable behavior of the system is independent of specific input values until a certain point in time. A model checking algorithm is provided to verify temporal information flow prop- erties, which combines methods of abstract interpretation with model checking. In order to foster semantic clarity, the algorithms and techniques are pre- sented for a small \assembly" language for tree-manipulation. ii Zusammenfassung Diese Arbeit beschreibt Methoden, die Informationsfluss-Eigenschaften von Pro- grammen sicherstellen k¨onnen,deren Schwerpunkt die Verarbeitung von baum- strukturierten Daten ist. Die entwickelten Techniken k¨onnenz.B. bei Enterprise- Workflow-Systemen und Web-Service-Technologien eingesetzt werden, bei denen Daten oft durch XML Dokumente repr¨asentiert werden. Diese Systeme sind sicherheitskritisch, weil sie wichtige Prozessabl¨aufeeiner Organisation kontrol- lieren k¨onnen,w¨ahrendsie mit externen Partnern ¨uber das Netzwerk kommu- nizieren. Die erste Methode nutzt einen Laufzeit-Monitor. Ein verallgemeinerter Konstantenfaltungs-Algorithmus wird verwendet, um das Ergebnis von Verzwei- gungen, die von geheimzuhaltenden Informationen abh¨angen,zu ¨uberapproxi- mieren, damit deren Aquivalenz¨ bewiesen werden kann. Die zweite Methode verifiziert Informationsfluss-Eigenschaften zur Ubersetzungszeit.¨ Sie basiert auf relationaler abstrakter Interpretation, angewandt auf die statische Abgleichung zweier Kopien des Programms, und regul¨arer Uberapproximation¨ von Mengen von Paaren von Programmzust¨anden. Beide Methoden k¨onnenlediglich soge- nannte \end-to-end" Informationsfluss-Eigenschaften sicherstellen, die in Bezug auf die ersten und letzten Zust¨andeder Ausf¨uhrungdefiniert sind. Im dritten Teil dieser Dissertation werden Baummanipulierende reaktive Systeme betrachtet, deren Sicherheitseigenschaften sich zur Laufzeit ¨andern k¨onnen. Sicherheitseigenschaften werden in einer Erweiterung des positiven Teils der linearen temporalen Logik erfasst, die es erm¨oglicht, mithilfe des hide Operators die Unabh¨angigkeit des beobachtbaren Verhaltens des Systems von bestimmten Werten bis zu einem bestimmten Zeitpunkt zu spezifizieren. Im Rahmen dieser Arbeit wurde ein Model-Checking-Algorithmus f¨urdie Analyse derartiger Eigenschaften entwickelt, der Methoden aus der abstrakten Interpre- tation mit Model-Checking kombiniert. Um die semantische Klarheit zu f¨ordern,werden die Algorithmen und Metho- den mithilfe einer kleinen Assemblersprache f¨urBaummanipulationen darge- stellt. Contents 1 Introduction 1 2 Runtime Monitor 7 2.1 Preliminaries . .8 2.1.1 Binary Trees . .8 2.1.2 Assembly Language for Tree Manipulation . .8 2.1.3 Information Flow Policies . 13 2.2 The Runtime Monitor through an Example . 14 2.3 Formal Treatment of the Monitor . 16 2.4 Guarantees . 22 2.5 Related Work . 23 3 Relational Abstract Interpretation 25 3.1 Merge over all Twin Computations . 27 3.2 Self-Compositions of Control Flow Graphs . 30 3.3 Proving Noninterference . 34 3.3.1 Case Study . 40 3.4 Practical Experiments . 43 3.5 Combining the Results of Multiple Analyses . 45 3.6 Related Work . 46 4 Model Checking 49 4.1 Transition Systems . 50 4.2 Temporal Information Flow Policies . 52 4.3 Model Checking Systems with Finite State Space . 54 4.4 Model Checking Systems with Infinite State Space . 58 4.4.1 Constructing the Abstract Transition System . 60 4.4.2 Constructing an Abstract State Machine Having Finite State Space . 62 4.4.3 Computing the Result . 66 4.5 Implementation . 67 4.5.1 Transforming Formulae into B¨uchi Automata . 67 4.5.2 The Verification Procedure . 68 4.6 Case Studies . 70 4.7 Related Work . 77 5 Conclusion 79 iii iv CONTENTS 6 Proofs 81 6.1 Proofs for Chapter 2 . 81 6.2 Proofs for Chapter 3 . 90 6.3 Proofs for Chapter 4 . 115 Chapter 1 Introduction Today companies and organizations frequently use computer systems to store data and to execute business logic. These workflow systems bear the risk of revealing critical information through software bugs, attacks, or simple miscon- figuration. Since these systems are frequently used by several principals possibly having conflicting interests, the conscious design and enforcement of information flow policies is of paramount importance. Conference Management System Reviewers Program Committee Chair Authors Figure 1.1: An imaginary conference management system and its cooperating partners. As an example, Figure 1.1 illustrates the users of an imaginary conference management system like EasyChair. The users cooperate in order to success- fully execute the workflow of submitting, reviewing and deciding about the acceptance of papers. The conference management system itself maintains a document base describing the state of the submission and review process. The document base stores among others the uploaded documents, the comments and scores given by the reviewers, and a value describing whether the submissions have been accepted. Some examples for conflicting interests in the context of 1 2 CHAPTER 1. INTRODUCTION conference management systems may be the following: • Authors might be interested in knowing the identity of their reviewers. • Authors might wish to know about their competitors previous to the dis- closure of accepted papers. There have already been security breaches in conference management systems. For instance HotCRP [40] version 2.47 had a bug which exposed comments of reviewers to the authors, which were exclusively meant for the program com- mittee. There are well established programming languages and technologies for the implementation of process management systems that are responsible for the coordination of workflows of organizations. The family of standards for web services (e.g., [37, 20]) enables the platform independent communication of com- puter programs on a network using messages in XML [16] format. Based on this technology, high level workflows can be composed from the functionalities of in- dividual web services using the Web Services Business Process Execution Lan- guage (BPEL) [6]. Accordingly, BPEL is designed to implement the autonomous business logic of companies and organizations that can also communicate with external, independent entities. Therefore, the information flow security of these processes may be crucial for organizations to fulfill their missions. Another cen- tral aspect of BPEL workflows is that the values of variables are document trees. Even though the goal of BPEL programs is not to carry out complex computa- tions, still the language is Turing complete. Data manipulation can be carried out using the XML Path Language [14] (XPath), and XSL Transformations [46] (XSLT). As motivated above, the goal of this work is to give methods for the verifica- tion and enforcement of information flow properties of programs manipulating tree-structured data. We will illustrate the developed solutions using exam- ples that implement fragments of the imaginary conference management system sketched in Figure 1.1. We suppose that the workflow of organizing a conference consists of a series of phases. In one phase authors are allowed to upload papers, an other phase is e.g., when the submission deadline is passed, and papers are reviewed. 1 <if name="If1"> 2 <condition> 3 <![CDATA[$phase = "notify"]]> 4 </condition> 5 <assign> <copy> <from>$subDB </from> 6 <to> $toAuthors </to> </copy> 7 </assign> 8 <else> 9 <sequence> 10 <if name="If2"> 11 <condition> <![CDATA[$averageScore < 1.5]]> 12 </condition> 13 <assign name="EvalReject"> 14 <copy>
Recommended publications
  • Web Services Security Using SOAP, \Rysdl and UDDI
    Web Services Security Using SOAP, \rySDL and UDDI by Lin Yan A Thesis Submitted to the Faculty of Graduate Studies in Partial Fulfillment of the Requirements for the Degtee of MASTER OF SCIENCE Department of Electrical and Computer Engineering University of Manitoba Winnipeg, Manitoba, Canada @ Lin Yan, 2006 THE I]NTVERSITY OF MANITOBA FACULTY OF GRÄDUATE STUDIES COPYRIGHT PERMISSION Web Services Security Using SOAP, WSDL and IJDDI BY Lin Yan A Thesis/Practicum submitted to the Faculty ofGraduate Studies ofThe University of Manitoba in partial fulfillment of the requirement of the degree OF MASTER OF SCIENCE Lin Yan @ 2006 Permission has been granted to the Library ofthe University of Manitoba to lend or sell copies of this thesis/practicum' to the National Library of Canada to microfilm this thesis and to lend or sell copies of the film, and to University Microfitms Inc, to publish an abstract of this thesis/practicum, This reproduction or copy ofthis thesis has been made available by authority ofthe copyright orvner solely for the purpose of private study and research, and may only be reproduced and copied as permitted by copyright laws or with express rvritten authorization from the copyright owner. ABSTRACT The Internet is beginning to change the way businesses operate. Companies are using the Web for selling products, to find suppliers or trading partners, and to link existing applications to other applications. With the rise of today's e-business and e-commerce systems, web services are rapidly becoming the enabling technology to meet the need of commerce. However, they are not without problems.
    [Show full text]
  • Second Year Report
    UNIVERSITY OF SOUTHAMPTON Web and Internet Science Research Group Electronics and Computer Science A mini-thesis submitted for transfer from MPhil toPhD Supervised by: Prof. Dame Wendy Hall Prof. Vladimiro Sassone Dr. Corina Cîrstea Examined by: Dr. Nicholas Gibbins Dr. Enrico Marchioni Co-Operating Systems by Henry J. Story 1st April 2019 UNIVERSITY OF SOUTHAMPTON ABSTRACT WEB AND INTERNET SCIENCE RESEARCH GROUP ELECTRONICS AND COMPUTER SCIENCE A mini-thesis submitted for transfer from MPhil toPhD by Henry J. Story The Internet and the World Wide Web are global engineering projects that emerged from questions around information, meaning and logic that grew out of telecommunication research. It borrowed answers provided by philosophy, mathematics, engineering, security, and other areas. As a global engineering project that needs to grow in a multi-polar world of competing and cooperating powers, such a system must be built to a number of geopolitical constraints, of which the most important is a peer-to-peer architecture, i.e. one which does not require a central power to function, and that allows open as well as secret communication. After elaborating a set of geopolitical constraints on any global information system, we show that these are more or less satisfied at the raw-information transmission side of the Internet, as well as the document Web, but fails at the Application web, which currently is fragmented in a growing number of large systems with panopticon like architectures. In order to overcome this fragmentation, it is argued that the web needs to move to generalise the concepts from HyperText applications known as browsers to every data consuming application.
    [Show full text]
  • Mobile Three-Dimensional City Maps
    TKK Dissertations in Media Technology Espoo 2009 TKK-ME-D-2 MOBILE THREE-DIMENSIONAL CITY MAPS Antti Nurminen AB TEKNILLINEN KORKEAKOULU TEKNISKA HÖGSKOLAN HELSINKI UNIVERSITY OF TECHNOLOGY TECHNISCHE UNIVERSITÄT HELSINKI UNIVERSITE DE TECHNOLOGIE D’HELSINKI TKK Dissertations in Media Technology Espoo 2009 TKK-ME-D-2 MOBILE THREE-DIMENSIONAL CITY MAPS Antti Nurminen Dissertation for the degree of Doctor of Science in Technology to be presented with due permission of the Department of Media Technology, for public ex- amination and debate in Lecture Hall E at Helsinki University of Technology (Espoo, Finland) on the 10th of December, 2009, at 12 noon. Helsinki University of Technology Faculty of Information and Natural Sciences Department of Media Technology Teknillinen korkeakoulu Informaatio- ja luonnontieteiden tiedekunta Mediatekniikan laitos Distribution: Helsinki University of Technology Faculty of Information and Natural Sciences Department of Media Technology P.O.Box 5400 FIN-02015 TKK Finland Tel. +358-9-451 2870 Fax. +358-9-451 5253 http://media.tkk.fi/ Available in PDF format at http://lib.tkk.fi/Diss/2009/9789522481931/ c Antti Nurminen ISBN 978-952-248-192-4 (print) ISBN 978-952-248-193-1 (online) ISSN 1797-7096 (print) ISSN 1797-710X (online) Redfina Espoo 2009 ABSTRACT Author Antti Nurminen Title Mobile Three-Dimensional City Maps Maps are visual representations of environments and the objects within, depicting their spatial relations. They are mainly used in navigation, where they act as external information sources, supporting observation and de- cision making processes. Map design, or the art-science of cartography, has led to simplification of the environment, where the naturally three- dimensional environment has been abstracted to a two-dimensional repre- sentation, populated with simple geometrical shapes and symbols.
    [Show full text]
  • Addressing Threats and Security Issues in World Wide Web Technology∗†
    Addressing Threats and Security Issues in World Wide Web Technology∗† Stefanos Gritzalis Department of Informatics University of Athens TYPA Buildings, Athens GR-15771, GREECE tel.: +30-1-7291885, fax: +30-1-7219561 Department of Informatics Technological Educational Institute (T.E.I.) of Athens Ag.Spiridonos St. Aegaleo GR-12210, GREECE tel.: +30-1- 5910974, fax.: +30-1-5910975 email: [email protected] Diomidis Spinellis Department of Mathematics University of the Aegean Samos GR-83200, GREECE tel.: +30-273-33919, fax: +30-273-35483 email:[email protected] May, 1997 Abstract We outline the Web technologies and the related threats within the framework of a Web threat environment. We also examine the issue surrounding dowloadable executable content and present a number of security services that can be used for Web transactions categorised according to the Internet layering model. ∗In Proceedings CMS ’97 3rd IFIP TC6/TC11 International joint working Conference on Communica- tions and Multimedia Security, pages 33–46. IFIP, Chapman & Hall, September 1997. †This is a machine-readablerendering of a working paper draft that led to a publication. The publication should always be cited in preference to this draft using the reference in the previous footnote. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
    [Show full text]
  • Reflections on the REST Architectural Style and “Principled Design of the Modern Web Architecture”
    Reflections on the REST Architectural Style and “Principled Design of the Modern Web Architecture” Roy T. Fielding Adobe Richard N. Taylor University of California, Irvine Justin R. Erenkrantz Bloomberg Michael M. Gorlick University of California, Irvine Jim Whitehead University of California, Santa Cruz Rohit Khare Google Peyman Oreizy Dynamic Variable LLC Outline 1. The Story of REST § Early history of the Web § What REST is (and is not) § Contemporary influences 2. Work inspired by REST § Decentralization § Generalization § Secure computation 3. Reflections on REST § Investing in entrepreneurial students § Role of Software Engineering research ESEC/FSE’17, September 8, 2017, Paderborn, Germany 2 Original proposal for the World Wide Web IBM Computer GroupTalk conferencing Hyper for example Card uucp News ENQUIRE VAX/ NOTES Hierarchical systems for example for example unifies A Proposal Linked "Mesh" CERNDOC information describes describes includes includes C.E.R.N This describes document division "Hypertext" refers group group includes describes to wrote section Hypermedia etc Tim Comms Berners-Lee ACM [Berners-Lee, 1989] ESEC/FSE’17, September 8, 2017, Paderborn, Germany 3 The Web is an application integration system IBM Computer GroupTalk conferencing Hyper for example Card uucp News ENQUIRE VAX/ NOTES Hierarchical systems for example for example unifies A Proposal Linked "Mesh" CERNDOC information describes [Berners-Lee, 1989] ESEC/FSE’17, September 8, 2017, Paderborn, Germany 4 describes includes includes C.E.R.N This describes document
    [Show full text]
  • Pay-As-You-Go Data Cleaning and Integration
    Pay-as-you-go Data Cleaning and Integration Shawn Jeffery Electrical Engineering and Computer Sciences University of California at Berkeley Technical Report No. UCB/EECS-2008-102 http://www.eecs.berkeley.edu/Pubs/TechRpts/2008/EECS-2008-102.html August 20, 2008 Copyright 2008, by the author(s). All rights reserved. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission. Pay-as-you-go Data Cleaning and Integration by Shawn R. Jeffery B.S. (University of Wisconsin, Madison) 2002 M.S. (University of California, Berkeley) 2005 A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the GRADUATE DIVISION of the UNIVERSITY OF CALIFORNIA, BERKELEY Committee in charge: Professor Michael J. Franklin, Chair Professor Joseph M. Hellerstein Professor Dara O’Rourke Fall 2008 The dissertation of Shawn R. Jeffery is approved. Chair Date Date Date University of California, Berkeley Fall 2008 Pay-as-you-go Data Cleaning and Integration Copyright c 2008 by Shawn R. Jeffery Abstract Pay-as-you-go Data Cleaning and Integration by Shawn R. Jeffery Doctor of Philosophy in Computer Science University of California, Berkeley Professor Michael J. Franklin, Chair Many emerging applications such as Web mash-ups and large-scale sensor deploy- ments seek to make use of large collections of heterogeneous data sources to enable powerful new services.
    [Show full text]
  • Requests for Comments (RFC)
    ,QWHUQHW6RFLHW\ ,62& ,QWHUQHW$UFKLWHFWXUH%RDUG Requests for Comments (RFC) 6HOHFWHG5HTXHVWVIRU&RPPHQWVUHOHYDQWWRLQVWUXFWLRQDOGHVLJQ5HTXHVWV IRU&RPPHQWVRU5)&VLQFOXGH,QWHUQHWVWDQGDUGVGHYHORSHGE\WKH ,QWHUQHW$UFKLWHFWXUH%RDUGIRUWKH,QWHUQHW6RFLHW\0DQ\RIWKH5)&V SURYLGHLPSRUWDQWWHFKQLFDOLQIRUPDWLRQDQGDUHQRWFODVVLILHGDV ³VWDQGDUGV´ 5HSURGXFHGLQDFFRUGDQFHZLWKWKHSROLFLHVRIWKH,QWHUQHW6RFLHW\)RUWKH ODWHVWLQIRUPDWLRQDERXWWKH6RFLHW\VHHZZZLVRFRUJ)RUPRUH LQIRUPDWLRQDERXWVWDQGDUGVVHHZZZLDERUJ RFC1314 Web Address: Image Exchange Format http://sunsite.cnlab-switch.ch/ By: Katz & Cohen Network Working Group A. Katz Request for Comments: 1314 D. Cohen ISI April 1992 A File Format for the Exchange of Images in the Internet Status of This Memo This document specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document defines a standard file format for the exchange of fax-like black and white images within the Internet. It is a product of the Network Fax Working Group of the Internet Engineering Task Force (IETF). The standard is: ** The file format should be TIFF-B with multi-page files supported. Images should be encoded as one TIFF strip per page. ** Images should be compressed using MMR when possible. Images may also be MH or MR compressed or uncompressed. If MH or MR compression is used, scan lines should be "byte-aligned". ** For maximum interoperability, image resolutions should either be 600, 400, or 300 dpi; or else be one of the standard Group 3 fax resolutions (98 or 196 dpi vertically and 204 dpi horizontally). Note that this specification is self contained and an implementation should be possible without recourse to the TIFF references, and that only the specific TIFF documents cited are relevant to this specification.
    [Show full text]
  • CV January 2001 Geoffrey Charles
    Geoffrey Charles Fox Phone Email Cell: 8122194643 [email protected] Informatics: 8128567977 [email protected] Lab: 8128560927 [email protected] Home: 8123239196 Web Site: http://www.infomall.org Addresses ..................................................................................................... 2 Date of Birth ................................................................................................. 2 Education ...................................................................................................... 2 Professional Experience .................................................................................. 2 Awards and Honors ........................................................................................ 3 Board Membership ......................................................................................... 3 Industry Experience ....................................................................................... 3 Current Journal Editor..................................................................................... 3 Previous Journal Responsibility ........................................................................ 4 PhD Theses supervised ................................................................................... 4 Research Activities ......................................................................................... 7 Conferences Organized ................................................................................... 8 Publications: Introduction ..............................................................................
    [Show full text]
  • Cgcopyright 2013 Alexei Czeskis
    c Copyright 2013 Alexei Czeskis Practical, Usable, and Secure Authentication and Authorization on the Web Alexei Czeskis A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy University of Washington 2013 Reading Committee: Tadayoshi Kohno, Chair Arvind Krishnamurty Hank Levy Raadhakrishnan Poovendran Program Authorized to Offer Degree: UW Computer Science and Engineering University of Washington Abstract Practical, Usable, and Secure Authentication and Authorization on the Web Alexei Czeskis Chair of the Supervisory Committee: Associate Professor Tadayoshi Kohno Department of Computer Science and Engineering User authentication and authorization are two of the most critical aspects of computer security and privacy on the web. However, despite their importance, in practice, authen- tication and authorization are achieved through the use of decade-old techniques that are both often inconvenient for users and have been shown to be insecure against practical at- tackers. Many approaches have been proposed and attempted to improve and strengthen user authentication and authorization. Among them are authentication schemes that use hardware tokens, graphical passwords, one-time-passcode generators, and many more. Sim- ilarly, a number of approaches have been proposed to change how user authorization is performed. Unfortunately, none of the new approaches have been able to displace the tradi- tional authentication and authorization strategies on the web. Meanwhile, attacks against user authentication and authorization continue to be rampant and are often (due to the lack of progress in practical defenses) successful. This dissertation examines the existing challenges to providing secure, private, and us- able user authentication and authorization on the web. We begin by analyzing previous approaches with the goal of fundamentally understanding why and how previous solutions have not been adopted.
    [Show full text]
  • Principled Design of the Modernweb Architecture
    Principled Design of the ModernWeb Architecture Roy T. Fielding and Richard N. Taylor Information and Computer Science University of California, Irvine Irvine, CA 92697–3425 USA +1.949.824.4121 {fielding,taylor}@ics.uci.edu ABSTRACT A software architecture determines how system elements are The World Wide Web has succeeded in large part because its identified and allocated, how the elements interact to form a software architecture has been designed to meet the needs of system, the amount and granularity of communication an Internet-scale distributed hypermedia system. The needed for interaction, and the interface protocols used for modern Web architecture emphasizes scalability of communication. An architectural style is an abstraction of component interactions, generality of interfaces, the key aspects within a set of potential architectures independent deployment of components, and intermediary (instantiations of the style), encapsulating important components to reduce interaction latency, enforce security, decisions about the architectural elements and emphasizing and encapsulate legacy systems. In this paper, we introduce constraints on the elements and their relationships [17]. In the Representational State Transfer (REST) architectural other words, a style is a coordinated set of architectural style, developed as an abstract model of the Web architecture constraints that restricts the roles/features of architectural to guide our redesign and definition of the Hypertext elements and the allowed relationships among those Transfer Protocol and Uniform Resource Identifiers. We elements within any architecture that conforms to the style. describe the software engineering principles guiding REST REST is a coordinated set of architectural constraints that and the interaction constraints chosen to retain those attempts to minimize latency and network communication principles, contrasting them to the constraints of other while at the same time maximizing the independence and architectural styles.
    [Show full text]
  • Harvesting Commonsense and Hidden Knowledge from Web Services Julien Romero
    Harvesting commonsense and hidden knowledge from web services Julien Romero To cite this version: Julien Romero. Harvesting commonsense and hidden knowledge from web services. Artificial Intelli- gence [cs.AI]. Institut Polytechnique de Paris, 2020. English. NNT : 2020IPPAT032. tel-02979523 HAL Id: tel-02979523 https://tel.archives-ouvertes.fr/tel-02979523 Submitted on 27 Oct 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Harvesting Commonsense and Hidden Knowledge From Web Services Thèse de doctorat de l’Institut Polytechnique de Paris préparée à Télécom Paris École doctorale n◦626 École doctorale de l’Institut Polytechnique de Paris (ED IP Paris) NNT : 2020IPPAT032 Spécialité de doctorat: Computing, Data and Artificial Intelligence Thèse présentée et soutenue à Palaiseau, le 5 Octobre 2020, par Julien Romero Composition du Jury : Pierre Senellart Professor, École Normale Supérieure Président Tova Milo Professor, Tel Aviv University Rapporteur Katja Hose Professor, Aalborg University Rapporteur Michael Benedikt Professor, University of Oxford
    [Show full text]
  • Kapanfangrechts
    KapAnfangRechts Literaturverzeichnis 1. Marc Abrams, Charles R. Standridge, Ghaleb Abdulla, Stephen Williams und Edward A. Fox. Caching Proxies: Limitations and Potentials. In Proceedings of the Fourth International World Wide Web Conference, S. 119–133, Boston, Massachu- setts, Dezember 1995. 2. Adobe Systems Inc. Postscript Language Reference Manual. Addison-Wesley, Reading, Massachusetts, 2. Auflage, Dezember 1990. 3. Adobe Systems Inc. Postscript Language Reference Manual. Addison-Wesley, Reading, Massachusetts, 3. Auflage, Januar 1999. 4. Nabeel AI-Shamma, Robert Ayers, Richard Cohn, Jon Ferraiolo, Martin Newell, Roger K. de Bry, Kevin McCluskey und Jerry Evans. Precision Graphics Markup Language (PGML). World Wide Web Consortium, Note NOTE-PGML-19980410, April 1998. 5. Paul Albitz und Cricket Liu. DNS and BIND. O'Reilly & Associates, Inc., Sebastopol, California, Januar 1992. 6. Aldus Corporation. TIFF – Revision 6.0. Seattle, Washington, Juni 1992. 7. Harald Tveit Alvestrand. Tags for the Identification of Languages. Internet proposed standard RFC 1766, März 1995. 8. American National Standards Institute. Coded Character Set – 7-Bit American National Standard Code for Information Interchange. ANSI X3.4, 1992. 9. American National Standards Institute. Information Retrieval (Z39.50): Applica- tion Service Definition and Protocol Specification. ANSI/NISO Z39.501995, Juli 1995. 10. Mark Andrews. Negative Caching of DNS Queries (DNS NCACHE). Internet proposed standard RFC 2308, März 1998. 11. Farhad Anklesaria, Mark McCahill, Paul Lindner, David Johnson, Daniel Torrey und Bob Alberti. The Internet Gopher Protocol. Internet informational RFC 1436, März 1993. 12. Apple Computer, Inc., Cupertino, California. The TrueType Reference Manual, Oktober 1996. 13. Helen Ashman und Paul Thistlewaite, Herausgeber. Proceedings of the Seventh International World Wide Web Conference, Brisbane, Australia, April 1998.
    [Show full text]