DOCSLIB.ORG

Swivel: Hardening Webassembly Against Spectre

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Swivel: Hardening Webassembly Against Spectre Swivel: Hardening WebAssembly against Spectre Shravan Narayan† Craig Disselkoen† Daniel Moghimi¶† Sunjay Cauligi† Evan Johnson† Zhao Gang† Anjo Vahldiek-Oberwagner? Ravi Sahita∗ Hovav Shacham‡ Dean Tullsen† Deian Stefan† †UC San Diego ¶Worcester Polytechnic Institute ?Intel Labs ∗Intel ‡UT Austin Abstract in recent microarchitectures [41] (see Section 6.2). In con- We describe Swivel, a new compiler framework for hardening trast, Spectre can allow attackers to bypass Wasm’s isolation WebAssembly (Wasm) against Spectre attacks. Outside the boundary on almost all superscalar CPUs [3, 4, 35]—and, browser, Wasm has become a popular lightweight, in-process unfortunately, current mitigations for Spectre cannot be im- sandbox and is, for example, used in production to isolate plemented entirely in hardware [5, 13, 43, 51, 59, 76, 81, 93]. different clients on edge clouds and function-as-a-service On multi-tenant serverless, edge-cloud, and function as a platforms. Unfortunately, Spectre attacks can bypass Wasm’s service (FaaS) platforms, where Wasm is used as the way to isolation guarantees. Swivel hardens Wasm against this class isolate mutually distursting tenants, this is particulary con- 1 of attacks by ensuring that potentially malicious code can nei- cerning: A malicious tenant can use Spectre to break out of ther use Spectre attacks to break out of the Wasm sandbox nor the sandbox and read another tenant’s secrets in two steps coerce victim code—another Wasm client or the embedding (§5.4). First, they mistrain different components of the under- process—to leak secret data. lying control flow prediction—the conditional branch predic- We describe two Swivel designs, a software-only approach tor (CBP), branch target buffer (BTB), or return stack buffer that can be used on existing CPUs, and a hardware-assisted (RSB)—to speculatively execute code that accesses data out- approach that uses extension available in Intel® 11th genera- side the sandbox boundary. Then, they reconstruct the secret tion CPUs. For both, we evaluate a randomized approach that data from the underlying microarchitectural state (typically mitigates Spectre and a deterministic approach that eliminates the cache) using a side channel (cache timing). Spectre altogether. Our randomized implementations impose One way to mitigate such Spectre-based sandbox breakout under 10.3% overhead on the Wasm-compatible subset of attacks is to partition mutually distrusting code into separate SPEC 2006, while our deterministic implementations impose processes. By placing untrusted code in a separate process overheads between 3.3% and 240.2%. Though high on some we can ensure that the attacker cannot access secrets. Chrome benchmarks, Swivel’s overhead is still between 9× and 36.3× and Firefox, for example, do this by partitioning different sites smaller than existing defenses that rely on pipeline fences. into separate processes [25, 64, 68]. On a FaaS platform, we could similarly place tenants in separate processes. 1 Introduction Unfortunately, this would still leave tenants vulnerable to WebAssembly (Wasm) is a portable bytecode originally de- cross-process sandbox poisoning attacks [12, 36, 50]. Specif- signed to safely run native code (e.g., C/C++ and Rust) in ically, attackers can poison hardware predictors to coerce a the browser [27]. Since its initial design, though, Wasm has victim sandbox to speculatively execute gadgets that access been increasingly used to sandbox untrusted code outside the secret data—from their own memory region—and leak it via browser. For example, Fastly and Cloudflare use Wasm to the cache (e.g., by branching on the secret). Moreover, using sandbox client applications running on their edge clouds— process isolation would sacrifice Wasm’s scalability (running where multiple client applications run within a single pro- many sandboxes within a process) and performance (cheap cess [30, 85]. Mozilla uses Wasm to sandbox third-party startup times and context switching) [28, 30, 65, 85]. C/C++ libraries in Firefox [21, 65]. Yet others use Wasm to The other popular approach, removing speculation within isolate untrusted code in serverless computing [28], IoT appli- the sandbox, is also unsatisfactory. For example, using cations [10], games [62], trusted execution environments [17], pipeline fences to restrict Wasm code to sequential execution and even OS kernels [79]. imposes a 1.8×–7.3× slowdown on SPEC 2006 (§5). Con- In this paper, we focus on hardening Wasm against Spec- servatively inserting pipeline fences before every dynamic tre attacks—the class of transient execution attacks which load—an approach inspired by the mitigation available in exploit control flow predictors [49]. Transient execution at- Microsoft’s Visual Studio compiler [61]—is even worse: it tacks which exploit features within the memory subsystem incurs a 7.3×–19.6× overhead on SPEC (§5). (e.g., Meltdown [57], MDS [11, 72, 84], and Load Value In- 1Though our techniques are general, for simplicity we henceforth focus jection [83]) are limited in scope and have already been fixed on Wasm as used on FaaS platforms. In this paper, we take a compiler-based approach to hard- To eliminate host poisoning attacks, we use both Intel® ening Wasm against Spectre, without resorting to process CET and Intel® MPK. In particular, we use Intel® MPK to par- isolation or the use of fences. Our framework, Swivel, ad- tition the application into two domains—the host and Wasm dresses not only sandbox breakout and sandbox poisoning sandbox(es)—and, on context switch, ensure that each domain attacks, but also host poisoning attacks, i.e., Spectre attacks can only access its own memory regions. We use Intel® CET that coerce the process hosting the Wasm sandboxes into leak- forward-edge control-flow integrity to ensure that application ing sensitive data. That is, Swivel ensures that a malicious code cannot jump, sequentially or speculatively, into arbitrary Wasm tenant cannot speculatively access data outside their sandbox code (e.g., due to a poisoned BTB). We do this by sandbox nor coerce another tenant or the host to divulge se- inserting endbranch instructions in Wasm sandboxes to de- crets of other sandboxes via poisoning. We develop Swivel marcate valid jump targets, essentially partitioning the BTB via three contributions: into two domains. Our use of Intel’s MPK and CET ensures that even if the host code runs with poisoned predictors, it 1. Software-only Spectre hardening (§3.2) Our first con- cannot read—and thus leak—sandbox data. tribution, Swivel-SFI, is a software-only approach to harden- ® ing Wasm against Spectre. Swivel-SFI eliminates sandbox Since Intel MPK only supports 16 protection regions, we breakout attacks by compiling Wasm code to linear blocks cannot use it to similarly prevent sandbox poisoning attacks: (LBs). Linear blocks are straight-line x86 code blocks that serverless, edge-cloud, and FaaS platforms have thousands satisfy two invariants: (1) all transfers of control, including of co-located tenants. Hence, to address sandbox poisoning function calls, are at the block boundary—to (and from) other attacks, like for Swivel-SFI, we consider and evaluate two linear blocks; and (2) all memory accesses within a linear designs. The first (again) uses ASLR to randomize the loca- block are masked to the sandbox memory. These invariants tion of each sandbox and flushes the BTB on sandbox entry; are necessary to ensure that the speculative control and data we don’t flush on sandbox exit since the host can safely run flow of the Wasm code is restricted to the sandbox boundary. with a poisoned BTB. The second is deterministic and not They are not sufficient though: Swivel-SFI must also be tol- only allows using conditional branches but also avoids BTB erant of possible RSB underflow. We address this by (1) not flushes. It does this using a new technique, register interlock- emitting ret instructions and therefore completely bypassing ing, which tracks the control flow of the Wasm sandbox and the RSB and (2) using a separate stack for return addresses. turns every misspeculated memory access into an access to To address poisoning attacks, Swivel-SFI must still account an empty guard page. Register interlocking allows a tenant for a poisoned BTB or CBP. Since these attacks are more so- to run with a poisoned BTB or CBP since any potentially phisticated, we evaluate two different ways of addressing poisoned speculative memory accesses will be invalidated. them, and allow tenants to choose between them according to their trust model. The first approach uses address space 3. Implementation and evaluation (§4–5) We implement layout randomization (ASLR) to randomize the placement of both Swivel-SFI and Swivel-CET by modifying the Lucet each Wasm sandbox and flushes the BTB on each sandbox compiler’s Wasm-to-x86 code generator (Cranelift) and run- boundary crossing. This does not eliminate poisoning attacks; time. To evaluate Swivel’s security we implement proof of it only raises the bar of Wasm isolation to that of process iso- concept breakout and poisoning attacks against stock Lucet lation. Alternately, tenants can opt to eliminate these attacks (mitigated by Swivel). We do this for all three Spectre variants, altogether; to this end, our deterministic Swivel-SFI rewrites i.e., Spectre attacks that abuse the CBP, BTB, and RSB. conditional branches to indirect jumps—thereby completely We evaluate Swivel’s performance against stock Lucet and bypassing the CBP (which cannot be directly flushed) and several fence-insertion techniques on several standard bench- relying solely on the BTB (which can). marks. On the Wasm compatible subset of the SPEC 2006 2. Hardware-assisted Spectre hardening (§3.3) Our sec- CPU benchmarking suite we find the ASLR variants of ond contribution, Swivel-CET, restores the use of all predic- Swivel-SFI and Swivel-CET impose little overhead—they tors, including the RSB and CBP, and partially obviates the are at most 10.3% and 6.1% slower than Lucet, respectively.
Load more

Recommended publications
  • Differential Fuzzing the Webassembly
    Master’s Programme in Security and Cloud Computing Differential Fuzzing the WebAssembly Master’s Thesis Gilang Mentari Hamidy MASTER’S THESIS Aalto University - EURECOM MASTER’STHESIS 2020 Differential Fuzzing the WebAssembly Fuzzing Différentiel le WebAssembly Gilang Mentari Hamidy This thesis is a public document and does not contain any confidential information. Cette thèse est un document public et ne contient aucun information confidentielle. Thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Technology. Antibes, 27 July 2020 Supervisor: Prof. Davide Balzarotti, EURECOM Co-Supervisor: Prof. Jan-Erik Ekberg, Aalto University Copyright © 2020 Gilang Mentari Hamidy Aalto University - School of Science EURECOM Master’s Programme in Security and Cloud Computing Abstract Author Gilang Mentari Hamidy Title Differential Fuzzing the WebAssembly School School of Science Degree programme Master of Science Major Security and Cloud Computing (SECCLO) Code SCI3084 Supervisor Prof. Davide Balzarotti, EURECOM Prof. Jan-Erik Ekberg, Aalto University Level Master’s thesis Date 27 July 2020 Pages 133 Language English Abstract WebAssembly, colloquially known as Wasm, is a specification for an intermediate representation that is suitable for the web environment, particularly in the client-side. It provides a machine abstraction and hardware-agnostic instruction sets, where a high-level programming language can target the compilation to the Wasm instead of specific hardware architecture. The JavaScript engine implements the Wasm specification and recompiles the Wasm instruction to the target machine instruction where the program is executed. Technically, Wasm is similar to a popular virtual machine bytecode, such as Java Virtual Machine (JVM) or Microsoft Intermediate Language (MSIL).
    [Show full text]
  • XML a New Web Site Architecture
    XML A New Web Site Architecture Jim Costello Derek Werthmuller Darshana Apte Center for Technology in Government University at Albany, SUNY 1535 Western Avenue Albany, NY 12203 Phone: (518) 442-3892 Fax: (518) 442-3886 E-mail: [email protected] http://www.ctg.albany.edu September 2002 © 2002 Center for Technology in Government The Center grants permission to reprint this document provided this cover page is included. Table of Contents XML: A New Web Site Architecture .......................................................................................................................... 1 A Better Way? ......................................................................................................................................................... 1 Defining the Problem.............................................................................................................................................. 1 Partial Solutions ...................................................................................................................................................... 2 Addressing the Root Problems .............................................................................................................................. 2 Figure 1. Sample XML file (all code simplified for example) ...................................................................... 4 Figure 2. Sample XSL File (all code simplified for example) ....................................................................... 6 Figure 3. Formatted Page Produced
    [Show full text]
  • Document Object Model
    Document Object Model DOM DOM is a programming interface that provides a way for the values and structure of an XML document to be accessed and manipulated. Tasks that can be performed with DOM . Navigate an XML document's structure, which is a tree stored in memory. Report the information found at the nodes of the XML tree. Add, delete, or modify elements in the XML document. DOM represents each node of the XML tree as an object with properties and behavior for processing the XML. The root of the tree is a Document object. Its children represent the entire XML document except the xml declaration. On the next page we consider a small XML document with comments, a processing instruction, a CDATA section, entity references, and a DOCTYPE declaration, in addition to its element tree. It is valid with respect to a DTD, named root.dtd. <!ELEMENT root (child*)> <!ELEMENT child (name)> <!ELEMENT name (#PCDATA)> <!ATTLIST child position NMTOKEN #REQUIRED> <!ENTITY last1 "Dover"> <!ENTITY last2 "Reckonwith"> Document Object Model Copyright 2005 by Ken Slonneger 1 Example: root.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE root SYSTEM "root.dtd"> <!-- root.xml --> <?DomParse usage="java DomParse root.xml"?> <root> <child position="first"> <name>Eileen &last1;</name> </child> <child position="second"> <name><![CDATA[<<<Amanda>>>]]> &last2;</name> </child> <!-- Could be more children later. --> </root> DOM imagines that this XML information has a document root with four children: 1. A DOCTYPE declaration. 2. A comment. 3. A processing instruction, whose target is DomParse. 4. The root element of the document. The second comment is a child of the root element.
    [Show full text]
  • Extensible Markup Language (XML) and Its Role in Supporting the Global Justice XML Data Model
    Extensible Markup Language (XML) and Its Role in Supporting the Global Justice XML Data Model Extensible Markup Language, or "XML," is a computer programming language designed to transmit both data and the meaning of the data. XML accomplishes this by being a markup language, a mechanism that identifies different structures within a document. Structured information contains both content (such as words, pictures, or video) and an indication of what role content plays, or its meaning. XML identifies different structures by assigning data "tags" to define both the name of a data element and the format of the data within that element. Elements are combined to form objects. An XML specification defines a standard way to add markup language to documents, identifying the embedded structures in a consistent way. By applying a consistent identification structure, data can be shared between different systems, up and down the levels of agencies, across the nation, and around the world, with the ease of using the Internet. In other words, XML lays the technological foundation that supports interoperability. XML also allows structured relationships to be defined. The ability to represent objects and their relationships is key to creating a fully beneficial justice information sharing tool. A simple example can be used to illustrate this point: A "person" object may contain elements like physical descriptors (e.g., eye and hair color, height, weight), biometric data (e.g., DNA, fingerprints), and social descriptors (e.g., marital status, occupation). A "vehicle" object would also contain many elements (such as description, registration, and/or lien-holder). The relationship between these two objects—person and vehicle— presents an interesting challenge that XML can address.
    [Show full text]
  • Seamless Offloading of Web App Computations from Mobile Device to Edge Clouds Via HTML5 Web Worker Migration
    Seamless Offloading of Web App Computations From Mobile Device to Edge Clouds via HTML5 Web Worker Migration Hyuk Jin Jeong Seoul National University SoCC 2019 Virtual Machine & Optimization Laboratory Department of Electrical and Computer Engineering Seoul National University Computation Offloading Mobile clients have limited hardware resources Require computation offloading to servers E.g., cloud gaming or cloud ML services for mobile Traditional cloud servers are located far from clients Suffer from high latency 60~70 ms (RTT from our lab to the closest Google Cloud DC) Latency<50 ms is preferred for time-critical games Cloud data center End device [Kjetil Raaen, NIK 2014] 2 Virtual Machine & Optimization Laboratory Edge Cloud Edge servers are located at the edge of the network Provide ultra low (~a few ms) latency Central Clouds Mobile WiFi APs Small cells Edge Device Cloud Clouds What if a user moves? 3 Virtual Machine & Optimization Laboratory A Major Issue: User Mobility How to seamlessly provide a service when a user moves to a different server? Resume the service at the new server What if execution state (e.g., game data) remains on the previous server? This is a challenging problem Edge computing community has struggled to solve it • VM Handoff [Ha et al. SEC’ 17], Container Migration [Lele Ma et al. SEC’ 17], Serverless Edge Computing [Claudio Cicconetti et al. PerCom’ 19] We propose a new approach for web apps based on app migration techniques 4 Virtual Machine & Optimization Laboratory Outline Motivation Proposed system WebAssembly
    [Show full text]
  • An XML Model of CSS3 As an XƎL ATEX-TEXML-HTML5 Stylesheet
    An XML model of CSS3 as an XƎLATEX-TEXML-HTML5 stylesheet language S. Sankar, S. Mahalakshmi and L. Ganesh TNQ Books and Journals Chennai Abstract HTML5[1] and CSS3[2] are popular languages of choice for Web development. However, HTML and CSS are prone to errors and difficult to port, so we propose an XML version of CSS that can be used as a standard for creating stylesheets and tem- plates across different platforms and pagination systems. XƎLATEX[3] and TEXML[4] are some examples of XML that are close in spirit to TEX that can benefit from such an approach. Modern TEX systems like XƎTEX and LuaTEX[5] use simplified fontspec macros to create stylesheets and templates. We use XSLT to create mappings from this XML-stylesheet language to fontspec-based TEX templates and also to CSS3. We also provide user-friendly interfaces for the creation of such an XML stylesheet. Style pattern comparison with Open Office and CSS Now a days, most of the modern applications have implemented an XML package format that includes an XML implementation of stylesheet: InDesign has its own IDML[6] (InDesign Markup Language) XML package format and MS Word has its own OOXML[7] format, which is another ISO standard format. As they say ironically, the nice thing about standards is that there are plenty of them to choose from. However, instead of creating one more non-standard format, we will be looking to see how we can operate closely with current standards. Below is a sample code derived from OpenOffice document format: <style:style style:name=”Heading_20_1” style:display-name=”Heading
    [Show full text]
  • Webassembly a New World of Native Exploits on the Web Agenda
    WebAssembly A New World Of Native Exploits On The Web Agenda • Introduction • The WebAssembly Platform • Emscripten • Possible Exploit Scenarios • Conclusion Wasm: What is it good for? ● Archive.org web emulators ● Image/processing ● Video Games ● 3D Modeling ● Cryptography Libraries ● Desktop Application Ports Wasm: Crazy Incoming ● Browsix, jslinux ● Runtime.js (Node), Nebulet ● Cervus ● eWASM Java Applet Joke Slide ● Sandboxed ● Virtual Machine, runs its own instruction set ● Runs in your browser ● Write once, run anywhere ● In the future, will be embedded in other targets What Is WebAssembly? ● A relatively small set of low-level instructions ○ Instructions are executed by browsers ● Native code can be compiled into WebAssembly ○ Allows web developers to take their native C/C++ code to the browser ■ Or Rust, or Go, or anything else that can compile to Wasm ○ Improved Performance Over JavaScript ● Already widely supported in the latest versions of all major browsers ○ Not limited to running in browsers, Wasm could be anywhere Wasm: A Stack Machine Text Format Example Linear Memory Model Subtitle Function Pointers Wasm in the Browser ● Wasm doesn’t have access to memory, DOM, etc. ● Wasm functions can be exported to be callable from JS ● JS functions can be imported into Wasm ● Wasm’s linear memory is a JS resizable ArrayBuffer ● Memory can be shared across instances of Wasm ● Tables are accessible via JS, or can be shared to other instances of Wasm Demo: Wasm in a nutshell Emscripten ● Emscripten is an SDK that compiles C/C++ into .wasm binaries ● LLVM/Clang derivative ● Includes built-in C libraries, etc. ● Also produces JS and HTML code to allow easy integration into a site.
    [Show full text]
  • Superoptimization of Webassembly Bytecode
    Superoptimization of WebAssembly Bytecode Javier Cabrera Arteaga Shrinish Donde Jian Gu Orestis Floros [email protected] [email protected] [email protected] [email protected] Lucas Satabin Benoit Baudry Martin Monperrus [email protected] [email protected] [email protected] ABSTRACT 2 BACKGROUND Motivated by the fast adoption of WebAssembly, we propose the 2.1 WebAssembly first functional pipeline to support the superoptimization of Web- WebAssembly is a binary instruction format for a stack-based vir- Assembly bytecode. Our pipeline works over LLVM and Souper. tual machine [17]. As described in the WebAssembly Core Specifica- We evaluate our superoptimization pipeline with 12 programs from tion [7], WebAssembly is a portable, low-level code format designed the Rosetta code project. Our pipeline improves the code section for efficient execution and compact representation. WebAssembly size of 8 out of 12 programs. We discuss the challenges faced in has been first announced publicly in 2015. Since 2017, it has been superoptimization of WebAssembly with two case studies. implemented by four major web browsers (Chrome, Edge, Firefox, and Safari). A paper by Haas et al. [11] formalizes the language and 1 INTRODUCTION its type system, and explains the design rationale. The main goal of WebAssembly is to enable high performance After HTML, CSS, and JavaScript, WebAssembly (WASM) has be- applications on the web. WebAssembly can run as a standalone VM come the fourth standard language for web development [7]. This or in other environments such as Arduino [10]. It is independent new language has been designed to be fast, platform-independent, of any specific hardware or languages and can be compiled for and experiments have shown that WebAssembly can have an over- modern architectures or devices, from a wide variety of high-level head as low as 10% compared to native code [11].
    [Show full text]
  • Markup Languages SGML, HTML, XML, XHTML
    Markup Languages SGML, HTML, XML, XHTML CS 431 – February 13, 2006 Carl Lagoze – Cornell University Problem • Richness of text – Elements: letters, numbers, symbols, case – Structure: words, sentences, paragraphs, headings, tables – Appearance: fonts, design, layout – Multimedia integration: graphics, audio, math – Internationalization: characters, direction (up, down, right, left), diacritics • Its not all text Text vs. Data • Something for humans to read • Something for machines to process • There are different types of humans • Goal in information infrastructure should be as much automation as possible • Works vs. manifestations • Parts vs. wholes • Preservation: information or appearance? Who controls the appearance of text? • The author/creator of the document • Rendering software (e.g. browser) – Mapping from markup to appearance •The user –Window size –Fonts and size Important special cases • User has special requirements – Physical abilities –Age/education level – Preference/mood • Client has special capabilities – Form factor (mobile device) – Network connectivity Page Description Language • Postscript, PDF • Author/creator imprints rendering instructions in document – Where and how elements appear on the page in pixels Markup languages •SGML, XML • Represent structure of text • Must be combined with style instructions for rendering on screen, page, device Markup and style sheets document content Marked-up document & structure style sheet rendering rendering software instructions formatted document Multiple renderings from same
    [Show full text]
  • Development and Maintenance of Xml-Based Versus Html-Based Websites: a Case Study
    DEVELOPMENT AND MAINTENANCE OF XML-BASED VERSUS HTML-BASED WEBSITES: A CASE STUDY Mustafa Atay Department of Computer Science Winston-Salem State University Winston-Salem, NC 27110 USA [email protected] ABSTRACT HTML (Hyper Text Markup Language) has been the primary tool for designing and developing web pages over the years. Content and formatting information are placed together in an HTML document. XML (Extensible Markup Language) is a markup language for documents containing semi-structured and structured information. XML separates formatting from the content. While websites designed in HTML require the formatting information to be included along with the new content when an update occurs, XML does not require adding format information as this information is separately included in XML stylesheets (XSL) and need not be updated when new content is added. On the other hand, XML makes use of extra tags in the XML and XSL files which increase the space usage. In this study, we design and implement two experimental websites using HTML and XML respectively. We incrementally update both websites with the same data and record the change in the size of code for both HTML and XML editions to evaluate the space efficiency of these websites. KEYWORDS XML, XSLT, HTML, Website Development, Space Efficiency 1. INTRODUCTION HTML (Hyper Text Markup Language) [1] has been the primary tool for designing and developing web pages for a long time. HTML is primarily intended for easily designing and formatting web pages for end users. Web pages developed in HTML are unstructured by its nature. Therefore, programmatic update and maintenance of HTML web pages is not an easy task.
    [Show full text]
  • Webassembly Backgrounder
    Copyright (c) Clipcode Limited 2021 - All rights reserved Clipcode is a trademark of Clipcode Limited - All rights reserved WebAssembly Backgrounder [DRAFT] Written By Eamon O’Tuathail Last updated: January 8, 2021 Table of Contents 1: Introduction.................................................................................................3 2: Tooling & Getting Started.............................................................................13 3: Values.......................................................................................................18 4: Flow Control...............................................................................................27 5: Functions...................................................................................................33 6: (Linear) Memory.........................................................................................42 7: Tables........................................................................................................50 1: Introduction Overview The WebAssembly specification is a definition of an instruction set architecture (ISA) for a virtual CPU that runs inside a host embedder. Initially, the most widely used embedder is the modern standard web browser (no plug-ins required). Other types of embedders can run on the server (e.g. inside standard Node.js v8 – no add-ons required) or in future there could be more specialist host embedders such as a cross- platform macro-engine inside desktop, mobile or IoT applications. Google, Mozilla, Microsoft and
    [Show full text]
  • Schema Based Storage of Xml Documents in Relational Databases
    International Journal on Web Service Computing (IJWSC), Vol.4, No.2, June 2013 SCHEMA BASED STORAGE OF XML DOCUMENTS IN RELATIONAL DATABASES Dr. Pushpa Suri1 and Divyesh Sharma2 1Department of Computer Science and Applications, Kurukshetra University, Kurukshetra [email protected] 2Department of Computer Science and Applications, Kurukshetra University, Kurukshetra [email protected] ABSTRACT XML (Extensible Mark up language) is emerging as a tool for representing and exchanging data over the internet. When we want to store and query XML data, we can use two approaches either by using native databases or XML enabled databases. In this paper we deal with XML enabled databases. We use relational databases to store XML documents. In this paper we focus on mapping of XML DTD into relations. Mapping needs three steps: 1) Simplify Complex DTD’s 2) Make DTD graph by using simplified DTD’s 3) Generate Relational schema. We present an inlining algorithm for generating relational schemas from available DTD’s. This algorithm also handles recursion in an XML document. KEYWORDS XML, Relational databases, Schema Based Storage 1. INTRODUCTION As XML (extensible markup language) documents needs efficient storage. The concept of Relational data bases provides more mature way to store and query these documents. Research on storage of XML documents using relational databases are classified by two kinds : Schema oblivious storage, Schema Based storage .Schema oblivious storage does not use any DTD (document type definition) or XML schema to map XML document in to relations[4][5][6][7][8][9][10]. Schema based storage requires DTD attached with the XML documents itself .
    [Show full text]