DOCSLIB.ORG

Xround : a Reversible Template Language and Its Application in Model-Based Security Analysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Xround : a Reversible Template Language and Its Application in Model-Based Security Analysis This is a repository copy of XRound : A reversible template language and its application in model-based security analysis. White Rose Research Online URL for this paper: http://eprints.whiterose.ac.uk/54730/ Version: Submitted Version Article: Chivers, Howard Robert orcid.org/0000-0001-7057-9650 and Paige, Richard F. orcid.org/0000-0002-1978-9852 (2009) XRound : A reversible template language and its application in model-based security analysis. Information and Software Technology. pp. 876-893. https://doi.org/10.1016/j.infsof.2008.05.006 Reuse Items deposited in White Rose Research Online are protected by copyright, with all rights reserved unless indicated otherwise. They may be downloaded and/or printed for private study, or other acts as permitted by national copyright laws. The publisher or other rights holders may allow further reproduction and re-use of the full text version. This is indicated by the licence information on the White Rose Research Online record for the item. Takedown If you consider content in White Rose Research Online to be in breach of UK law, please notify us by emailing [email protected] including the URL of the record and the reason for the withdrawal request. [email protected] https://eprints.whiterose.ac.uk/ XRound: A Reversible Template Language and its application in Model-Based Security Analysis Howard Chivers and Richard F. Paige Department of Information Systems, Cranfield University, Shrivenham, UK. Department of Computer Science, University of York, UK. [email protected], [email protected] Limited tool support currently exists for bidirectional Abstract Successful analysis of the models used in Model- transformations; key state of the art is summarised in Driven Development requires the ability to synthesise the Section 2. Bidirectional transformations can be awkwardly results of analysis and automatically integrate these results implemented by the sequential application of with the models themselves. This paper presents a unidirectional transformations, but this is not entirely reversible template language called XRound which satisfactory because information – e.g., detailed supports round-trip transformations between models and representations of platforms, model element identities – the logic used to encode system properties. A template may be lost after each unidirectional transformation is processor that supports the language is described, and the applied. This will particularly be the case with use of the template language is illustrated by its application transformations that are reused from libraries in in an analysis workbench, designed to support analysis of unexpected ways. More generally, it is difficult to ensure security properties of UML and MOF-based models. As a round-trip consistency in a sequence of unidirectional result of using reversible templates, it is possible to transformations. seamlessly and automatically integrate the results of a This paper describes a new template-based language, security analysis with a model. called XRound, for specifying bidirectional transformations Keywords Model-Driven Development, Template between models of arbitrary languages. Moreover, the Processing, UML, Security Analysis paper presents powerful tool support for this language that implements bidirectional transformations, particularly to support merging of the results of model analysis with an original model. XRound and its tool support are both illustrated in the context of a case study demonstrating a particular form of model analysis, namely security risk 1. Introduction analysis (explained in Section 1.1). General lessons learned about model analysis and using XRound in the Transformations are a critical component of Model- context of merging analysis results with models are also Driven Development, particularly in the Model-Driven extracted and discussed. Architecture (MDA) [1]. To this end, the Query/Views/Transformations (QVT) [2] standard has 1.1 Context and contribution been developed, in order to provide a precise mechanism for describing transformations between models. Given a model of a system, such as a Unified Modelling QVT transformations can be unidirectional (i.e., from Language (UML) or Matlab/Simulink/Stateflow model, we one metamodel to a second not necessarily different can apply tools to analyse the model, to determine if it has metamodel) or bidirectional (i.e., reversible between two desirable properties. A variety of analyses are possible and metamodels). The former is of critical importance in are used in practice, particularly consistency checking (e.g., MDA, e.g., for transforming platform independent models does the information contained in one UML diagram (PIMs) into platform specific models (PSMs). The latter is contradict that contained in a second diagram), timing vital for supporting round-trip engineering, and also (e.g., is the worst-case execution time for a system rigorous analysis of models: the results of a logical satisfactory), failures (e.g., does the system mitigate for a analysis (e.g., correctness, timing analysis, security particular class of fault) and security. We illustrate the use analysis) may need to be reflected in the source of a of XRound and bidirectional transformations in the context transformation. For example, a static analysis may be of security risk analysis in this paper. applied to a PSM, resulting in changes being made to that Security risk analysis is concerned with discovering PSM. These changes may need to be reflected in the threat paths in a system which allow potential attackers to original PIM. access system assets. Concrete security objectives are in the form of specific unwanted outcomes to particular assets (e.g. integrity of particular data); however, the analysis transformations and independence between input and process is forced to consider all possible threat paths to output applications, while supporting bidirectional each asset, and this requires an efficient analytic tool. transformations. This language and its supporting template The basic idea behind any form of model analysis is as processor allow model analysis tools to import Extensible follows. A model (e.g., in UML) is annotated with Markup Language (XML) models with a source-specific properties. In the case of security risk analysis, the metamodel, and re-generate the XML when the analysis properties attached to a model are predicates: facts that are model is changed. The security analysis workbench true, or that we wish to assert, about the model (examples application described in Section 7 is one such application: follow in the sequel). These properties are collected by an a specialised analysis tool that imports UML models in the analytic tool, which then processes them and returns XML Metadata Interchange (XMI) format, and uses a results. The results of analysis may be additional properties bidirectional transformation to merge its results into the that need to be integrated with the original model, e.g., original XMI model. new security requirements that have been added to control The contribution of this paper is to describe the XRound threats, failure modes for collections of components, language, its motivation, its relationship with standard worst-case execution time for a subsystem. This template processing, and how it supports bidirectional integration is generally quite difficult, especially because transformations via so-called reversible templates. engineers may need to use different tools for modelling Additionally, the implementation and use of the XRound (e.g., a UML tool) and specialised analyses. language is shown to be feasible by presenting a The usual solution for lightweight tool integration of supporting template processor and a practical application. this form is template processing. A template processing XMLSource, a Java-based template processor for XRound, system applies a template to a data model via a template is described in both system and implementation terms, and processor, resulting in the extraction and formatting of the the successful use of XRound in security analysis is data for some particular application. An example of a discussed. General lessons learned about supporting template language is XSLT, which is used for transforming different kinds of model analysis are also synthesised in XML documents, usually into text or HTML. the conclusions. This is an attractive solution, since it allows designers to We commence with an overview of related work on use their preferred modelling environment, and does not transformations and model merging, and then in Section 3 necessarily require a complete definition of the languages discuss the notion of a reversible template, which is at the supported by that environment (e.g., a complete UML foundation of XRound. The required processing for metamodel). It is also preferable from the tool software reversible templates is presented. Section 4 presents perspective; for example, type checking of properties can XRound itself, and Section 5 illustrates the language with be implemented once within the analytic tool, rather than several small examples. Section 6 summarises the template in each UML environment. It is also attractive from the processor that supports XRound, and section 7 explains the perspective of compatibility with the traditional principles use of XRound in supporting security analysis. We then and practices of MDA and MDD. MDA, for example, discuss lessons learned, conclusions, and future work. operates in terms of application of
Load more

Recommended publications
  • Minimal Perl for UNIX and Linux People
    Minimal Perl For UNIX and Linux People BY TIM MAHER MANNING Greenwich (74° w. long.) For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact: Special Sales Department Manning Publications Co. Cherokee Station PO Box 20386 Fax: (609) 877-8256 New York, NY 10021 email: [email protected] ©2007 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Manning Publications Co. Copyeditor: Tiffany Taylor 209 Bruce Park Avenue Typesetters: Denis Dalinnik, Dottie Marsico Greenwich, CT 06830 Cover designer: Leslie Haimes ISBN 1-932394-50-8 Printed in the United States of America 12345678910–VHG–1009080706 To Yeshe Dolma Sherpa, whose fortitude, endurance, and many sacrifices made this book possible. To my parents, Gloria Grady Washington and William N. Maher, who indulged my early interests in literature. To my limbic system, with gratitude for all the good times we’ve had together.
    [Show full text]
  • C DEFINES and C++ TEMPLATES Professor Ken Birman
    Professor Ken Birman C DEFINES AND C++ TEMPLATES CS4414 Lecture 10 CORNELL CS4414 - FALL 2020. 1 COMPILE TIME “COMPUTING” In lecture 9 we learned about const, constexpr and saw that C++ really depends heavily on these Ken’s solution to homework 2 runs about 10% faster with extensive use of these annotations Constexpr underlies the “auto” keyword and can sometimes eliminate entire functions by precomputing their results at compile time. Parallel C++ code would look ugly without normal code structuring. Const and constexpr allow the compiler to see “beyond” that and recognize parallelizable code paths. CORNELL CS4414 - FALL 2020. 2 … BUT HOW FAR CAN WE TAKE THIS IDEA? Today we will look at the concept of programming the compiler using the templating layer of C++ We will see that it is a powerful tool! There are also programmable aspects of Linux, and of the modern hardware we use. By controlling the whole system, we gain speed and predictability while writing elegant, clean code. CORNELL CS4414 - FALL 2020. 3 IDEA MAP FOR TODAY History of generics: #define in C Templates are easy to create, if you stick to basics The big benefit compared to Java is that a template We have seen a number of parameterized is a compile-time construct, whereas in Java a generic types in C++, like std::vector and std::map is a run-time construct. The template language is Turing-complete, but computes These are examples of “templates”. only on types, not data from the program (even when They are like generics in Java constants are provided).
    [Show full text]
  • Php, Template Et Http
    EPAI, Jérôme Frossard (2016) PHP, TEMPLATE ET HTTP Développer des application Web Notion de template 1 ¨ Un template est modèle de document, c’est-à-dire un document dont la forme est définie, mais dont une partie du contenu est variable. ¨ Pour réaliser les parties variables, on insère dans le texte du document des instructions qui permettront au moteur de template de produire le texte variable. ¨ On utilise généralement des balises telles que <% et %>, pour séparer les instructions que le moteur de template doit interpréter, du texte qu’il doit copier sans changement dans le ou les documents résultants. EPAI, Jérôme Frossard (2016) Notion de moteur de template 2 ¨ Un moteur de templates (template processor) est un programme qui combine un template (modèle) et des données pour produire un ou plusieurs documents. Données ... <html> <body> <h1> Moteur de Documents <?=$titre?> templates résultants </h1> ... Template (patron) ¨ Quelques exemples : ASP.NET, JSP, Apache Velocity EPAI, Jérôme Frossard (2016) PHP, un langage de template ? 3 ¨ Le code PHP peut être intégré dans n’importe quel fichier de texte grâce aux balises PHP (<?php et ?>) ¨ À l’exécution, les balises PHP sont remplacées par le texte affiché par le code. ¨ PHP peut donc être utiliser comme un langage de template et son interpréteur comme un moteur de template. EPAI, Jérôme Frossard (2016) Exemple de template PHP 4 <!DOCTYPE html> <html> Fichier guestbook.php <head> <?php <title>Livre d'or</title> // inclut le fichier autoload.php qui contient <link rel="stylesheet" href="guestbook.css"> // les fonctions nécessaires au chargement des </head> // classes utilisée dans le script.
    [Show full text]
  • 7X9 Word Template
    Apache Wink User Guide Software Version: 0.1 The Apache Wink User Guide document is a broad scope document that provides detailed information about the Apache Wink 0.1 design and implementation. Apache Wink 0.1 User Guide Table of Contents Apache Wink User Guide............................................................. 1 Table of Contents ......................................................................... 2 List of Tables ............................................................................... 8 1. Introduction .......................................................................... 9 1.1.1. Important Note ................................................................................................... 9 1.2. Target Audience .................................................................................................... 10 1.3. JAX-RS Compliancy .............................................................................................. 10 2. Apache Wink Architecture ................................................... 11 2.1. Wink Runtime Architecture Overview .................................................................. 11 2.2. Request Processor ................................................................................................. 12 2.3. Deployment Configuration .................................................................................... 13 2.3.1. Customization ................................................................................................... 13 2.4. Handler Chains ....................................................................................................
    [Show full text]
  • Tutorials Table of Contents
    Tutorials Table of Contents: Tutorials mod_perl related tutorials, teaching you things not only about mod_perl, but also about any related topics of great interest to mod_perl programmers. Last modified Sun Feb 16 01:37:13 2014 GMT 15 Feb 2014 1 Table of Contents: Part I: Application Design - 1. Building a Large-Scale E-commerce site with Apache and mod_perl mod_perl’s speed and Perl’s flexibility make them very attractive for large-scale sites. Through careful planning from the start, powerful application servers can be created for sites requiring excel- lent response times for dynamic content, such as eToys.com, all by using mod_perl. Part II: Templating - 2. Choosing a Templating System Everything you wanted to know about templating systems and didn’t dare to ask. Well, not every- thing.... Part III: Tips and Tricks - 3. Cute Tricks With Perl and Apache Perl and Apache play very well together, both for administration and coding. However, adding mod_perl to the mix creates a heaven for an administrator/programmer wanting to do cool things in no time! Part IV: Client side facts and bugs - 4. Workarounds for some known bugs in browsers. Unfortunately for web programmers, browser bugs are not uncommon, and sometimes we have to deal with them; refer to this chapter for some known bugs and how you can work around them. - 5. Web Content Compression FAQ Everything you wanted to know about web content compression 2 15 Feb 2014 Building a Large-Scale E-commerce site with Apache and mod_perl 1 Building a Large-Scale E-commerce site with Apache and mod_perl 1 Building a Large-Scale E-commerce site with Apache and mod_perl 15 Feb 2014 3 1.1 Description 1.1 Description mod_perl’s speed and Perl’s flexibility make them very attractive for large-scale sites.
    [Show full text]
  • A Transformation Language for RDF Based on SPARQL Olivier Corby, Catherine Faron Zucker
    A Transformation Language for RDF based on SPARQL Olivier Corby, Catherine Faron Zucker To cite this version: Olivier Corby, Catherine Faron Zucker. A Transformation Language for RDF based on SPARQL. van der Aalst, W.; Mylopoulos, J.; Rosemann, M.; Shaw, M.J.; Szyperski, C. Web Informa- tion Systems and Technologies, Springer, 2015, Lecture Notes in Business Information Processing, 10.5220/0005450604660476. hal-01186048 HAL Id: hal-01186048 https://hal.inria.fr/hal-01186048 Submitted on 24 Aug 2015 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. A Transformation Language for RDF based on SPARQL Olivier Corby1 and Catherine Faron-Zucker2 1 Inria, France 2 Univ. Nice Sophia Antipolis, CNRS, I3S, France Abstract. XSLT is a language for transforming XML documents into other XML documents. Despite its 16 years long life, the RDF Semantic Web language still waits its transformation language. Some propositions have been done, relying on and extending XSLT, but none of them be- came widely used. In this paper, we present a radically new transforma- tion language for RDF, called STTL. It enables to transform RDF into RDF as well as any other text format.
    [Show full text]
  • Moo in Practice - App::Math::Tutor
    Moo in practice - App::Math::Tutor Jens Rehsack Niederrhein Perl Mongers 2014 Jens Rehsack (Niederrhein.PM) Moo in practice - App::Math::Tutor 2014 1 / 41 Introduction Motivation Motivation Moo and App::Math::Tutor real world examples over far-fetched conceptuals MooX::Cmd, MooX::Options and MooX::ConfigFromFile provide way more features and flexibility than either ◮ App::Cmd with Getopt::Long::Descriptive ◮ MooseX::App::Cmd along with corresponding MooseX wrappers around related stuff 2nd generation of modern OO in Perl5 App::Math::Tutor Allow parents help their children improving their mathematical skills Add support for exercise types as children require provide extensible design to allow easy augment of exercise Goal: Improve to Web-Service, eg. by mapping MooX::Cmd to URI path and MooX::Options to GET parameters Jens Rehsack (Niederrhein.PM) Moo in practice - App::Math::Tutor 2014 3 / 41 Introduction Audience Audience Audience Developer who wants to create or improve Perl5 software Developer who wants to learn how to develop modern OO with Perl5 Developer who interested in developing mathematical exercises Prerequisites of the Audience Following knowledge is expected: General knowledge about object oriented programming or concepts like ◮ classes ◮ objects ◮ polymorphism, inheritance and/or roles ◮ methods, class functions ◮ attributes, properties slightly above basic Perl experience ever heard of Smalltalk and its OO-concept is a strong bonus Jens Rehsack (Niederrhein.PM) Moo in practice - App::Math::Tutor 2014 4 / 41 Modules Classes and Roles Classes in Moo classes can be instantiated one can inherit from classes one can aggregate classes distinguish naming conflicts is up to developer { package Natural; use Moo; sub _stringify { ..
    [Show full text]
  • Code Generator for HPF Library on Fujitsu VPP5000
    UDC 681.325.3 Code Generator for HPF Library on Fujitsu VPP5000 VMatthijs van Waveren VCliff Addison VPeter Harrison VDave Orange VNorman Brown (Manuscript received October 23, 1999) The Fujitsu VPP5000 supports the data parallel language High Performance Fortran (HPF). The HPF Library gives a user access to intrinsic functions that are particularly useful in a data parallel environment. The implementation of HPF Library presents the challenge that all data types, all data kinds, all array ranks and all input distributions need to be supported. The number of specific functions runs into the billions so it is not feasible to code each individually. This paper presents a method to solve this problem. We have developed a library generator, which consists of templates and a template processor along with an interface to the HPF compiler. We show that instead of implementing billions of specific functions, we only need to implement five templates. 1. Introduction cation and for enlargement of description capa- The VPP5000 is the latest generation of bility are also supported. Fujitsu VPP supercomputers. The basic architec- One of the language features of the core lan- ture of the system is very similar to the guage of HPF 2.0 is a library of intrinsic functions, VX/VPP300/VPP700 discussed in Refs. 1), 2), and called HPF Library. These intrinsic functions 3) in that it comprises a group of vector proces- allow a user to develop portable data parallel im- sors linked via a crossbar switch. There are, plementations of highly irregular problems, as however, several important differences, which are described by Hu et al.
    [Show full text]
  • Portabilling: Templates Guide MR55
    PORTA ONE PortaBilling $ Templates 55 Guide Maintenance Release Documentation ©2000–2016 PortaOne, Inc. www.portaone.com All rights reserved Porta Billing® PortaBilling® Templates Guide Copyright Notice & Disclaimers Copyright © 2000–2016 PortaOne, Inc. All rights reserved PortaBilling® Templates Guide, May 2016 Maintenance Release 55 V1.55.03 Please address your comments and suggestions to: Sales Department, PortaOne, Inc. Suite #408, 2963 Glen Drive, Coquitlam BC V3B 2P7 Canada. Changes may be made periodically to the information in this publication. Such changes will be incorporated in new editions of the guide. The software described in this document is furnished under a license agreement, and may be used or copied only in accordance with the terms thereof. It is against the law to copy the software on any other medium, except as specifically provided in the license agreement. The licensee may make one copy of the software for backup purposes. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopied, recorded or otherwise, without the prior written permission of PortaOne Inc. The software license and limited warranty for the accompanying products are set forth in the information packet supplied with the product, and are incorporated herein by this reference. If you cannot locate the software license, contact your PortaOne representative for a copy. All product names mentioned in this manual are for identification purposes only, and are either trademarks or registered trademarks of their respective owners. © 2000–2016 PortaOne, Inc. All rights Reserved. www.portaone.com 2 ® Porta Billing PortaBilling® Templates Guide Table of Contents Preface .............................................................................................................................4 1.
    [Show full text]
  • A Template-Based Approach to Modeling Variability
    A Template-Based Approach to Modeling Variability Soheila Bashardoust Tajali, Jean-Pierre Corriveau and Wei Shi School of Computer Science, Carleton University Colonel By Drive Ottawa, CANADA 1-613-520-2600 {sbtajali, jeanpier, wei_shi}@scs.carleton.ca ABSTRACT With respect to terminology, we will adopt the one of Arnold and Corriveau have recently described ACL/VF, a non- Czarnecki and Eisenecker [9]: In System Family state-based quality-driven approach to software specification that Engineering (or equivalently, Software Product Lines), enables the requirements of stakeholders to be validated against members of a domain share a set of common features, as the actual behavior of an implementation under test. well as possibly possessing their specific ones. Simultaneously, in recent years, the software product line (SPL) Commonalities, we repeat, refer to the characteristics that approach, initiated by Parnas back in the 1970s, has emerged as a are common to all family members, while variabilities promising way to improve software productivity and quality. The distinguish the members of a family from each other and problem we address here can be summarized in one question: how can ACL/VF support product lines? The solution we propose need to be explicitly modeled and separated from the adopts Cleaveland's template-based general approach to common parts. Conceptually, a feature is a variation point variability. We first explain how to go from the traditional feature in a space of requirements (the domain) and has several diagram and feature grammar used in SPL to a) ACL domain variants (also called feature values) associated with it. The contracts capturing commonalities between the requirements two main processes of SPL engineering are a) domain contracts of a domain and b) variability contracts capturing how engineering (for analyzing the commonality and variability features and their relationships (captured in a feature grammar) between members) and application engineering (for can affect these domain contracts.
    [Show full text]
  • Choosing a Templating System 1 Choosing a Templating System
    Choosing a Templating System 1 Choosing a Templating System 1 Choosing a Templating System 15 Feb 2014 1 1.1 Description 1.1 Description Everything you wanted to know about templating systems and didn’t dare to ask. Well, not everything.... 1.2 Introduction Go on, admit it: you’ve written a templating system. It’s okay, nearly everyone has at some point. You start out with something beautifully simple like $HTML =~ s/\$(\w+)/${$1}/g and end up adding conditionals and loops and includes until you’ve created your very own unmaintainable monster. Luckily for you, you are not the first to think it might be nice to get the HTML out of your code. Many have come before, and more than a few have put their contributions up on CPAN. At this time, there are so many templating modules on CPAN that it’s almost certain you can find one that meets your needs. This document aims to be your guide to those modules, leading you down the path to the templating system of your dreams. And, if you just went straight to CPAN in the first place and never bothered to write your own, congratula- tions: you’re one step ahead of the rest of us. 1.2.1 On A Personal Note Nothing can start an argument faster on the mod_perl mailing list than a claim that one approach to templating is better than another. People get very attached to the tools they’ve chosen. Therefore, let me say up front that I am biased. I’ve been at this for a while and I have opinions about what works best.
    [Show full text]
  • XML Tutorial
    XML Tutorial Thomas G. Habing Grainger Engineering Library Information Center E-Text Working Group 2004-01-15 Presenters Tom Habing Research Programmer, Grainger Engineering Library Information Center [email protected] XML Tutorial 2004-01-15 Tom Habing 2 Agenda – XML Tutorial 1. Well-formed XML (basic markup) 2. DTDs and schemas 3. Stylesheets 4. XML and databases Topics include illustrations, demos, and exercises. XML Tutorial 2004-01-15 Tom Habing 3 1. Well-formed XML XML 1.0 Specification Markup Prolog & Document Type Declaration Elements Attributes Content Entities Encoded (Unicode) characters XML Tutorial 2004-01-15 Tom Habing 4 Prolog & Document Type Definition XML documents should begin with an XML Declaration which specifies version Optionally may also include: Encoding (recommended) Stand-alone declaration Document Type Definition is typically next <?xml version="1.0" encoding='UTF-8' standalone='no' ?> <!DOCTYPE root SYSTEM "myDocs.dtd" > XML Tutorial 2004-01-15 Tom Habing 5 Elements Elements are markup that enclose content <element_name>…</element_name> or <element_name /> Content models Parsed Character Data Only Child Elements Only Mixed Empty <author>Cole, T</author> XML Tutorial 2004-01-15 Tom Habing 6 Attributes Associate a name-value pair with an element <tag name1="value1" name2='value2'>…</tag> Can be used to embellish content… or to associate added content to an element Attributes beginning XML are reserved <author order='1'>Cole, T</author> <author name='Habing, T' /> XML Tutorial 2004-01-15 Tom
    [Show full text]