Optimising XML Schema for IODEF Data model

1
Optimising XML Schema for IODEF Data model

• INCH WG, IETF57
• July 16, 2003
• Yuri Demchenko ltdemch_at_NLnetLabs.nlgt

2
Outlines

• Motivation for moving to Schema definition
• Changes and Optimisations to IODEF elements
  semantics
• Extra features XML Signature and Multilingual
  text type

3
Motivation for moving to XML Schema

• DTD is document-oriented
• Like HTML
• Schema is data-oriented
• More object oriented
• Integrated into development tools
• Easier maintenance (validation, modification,
  documentation - using tools)
• Enabling other useful features
• XML Signature
• SAML
• XPath, XSL and XSLT, XLink, XPointer

4
Semantics change for some attributes (1)

• Due to more complex way of naming attributes in
  the schema, introduced and redefined few
  attributes
• introduced Contact.contactrole
• was just role defined locally for the Contact
  element
• introduced Contact.contacttype
• was just type defined locally for the Contact
  element
• cloned attribute Expectation.priority from
  attvals.severity
• Was priority attvals.severity IMPLIED
• renamed yesno -gt spoofed
• renamed Expectation.category -gt expectation and
  attvals.expectation
• Was just category defined as attvals.expectation
  s

5
Semantics change for some attributes (2)

• Attribute dtype is used for both AdditionalData
  and RecordItem
• Was adtype and dtype
• Problems with IDMEF compatibility?
• Data types for Telephone and Fax remains string
• Mistakenly was defined in my early comments as
  "decimal"

6
Container for Signature

• Added container element Signatures to top level
  class IODEF-Document
• May contain multiple signatures dsSignature with
  imported namespace
• ltxselement name"IODEF-Document"gt    
  ltxscomplexTypegt      ltxssequencegt     
  ltxselement ref"Incident" maxOccurs"unbounded"/gt
       ltxselement ref"Signatures"/gt      lt/xs
  sequencegt      ltxsattribute name"version"
  type"xsstring" fixed"0.1"/gt    
  lt/xscomplexTypegt lt/xselementgt ltxselement
  name"Signatures"gt     ltxscomplexTypegt     
  ltxssequencegt       ltxselement
  ref"dsSignature" maxOccurs"unbounded"/gt     
  lt/xssequencegt     lt/xscomplexTypegt
  lt/xselementgt

7
Simplified definition elements Node, Service,
UserId

• lt!ELEMENT Node (name?, Address, DateTime?,
  Location?, NodeRole)gt
• lt!ELEMENT Node (((name Address), Address),
  DateTime?, name?, Address, Location?,
  NodeRole)gt
• (domain) name of a node is one but optional IP
  Addresses may be many
• lt!ELEMENT Service (((name?, port) portlist),
  protocol?, SNMPService?, WebService?)gt
• lt!ELEMENT Service (((name port (name, port))
  portlist), protocol?, SNMPService?,
  WebService?)gt
• port primary identified by number, optionally -
  by name
• this simplified definition will help to avoid
  warnings in the future from too strict validators
  and parsers
• this definition will also validate initial IDMEF
  definition and XML text
• lt!ELEMENT UserId ((number, name?) (name,
  number?))gt
• Old definition (name number (name, number))
  generate warning of non-deterministic Schema
• Other possibility - (name?, number?)

8
New data types

• Some elements are defined not as a complexElement
  but via complexType to allow reuse and easier
  redefine some complexTypes, in particular
• AdditionalDataType
• IncidentIDType
• DateTimeType
• DescriptionType
• MultilingTextType
• TextAbstractType

9
MultilingualTextType and TextAbstractType

• To mark-up multilingual text preservation
  features, introduced two new classes
• TextAbstractType to carry language attribute
• MultilingTextType to describe possible
  multilingual text transformation by Transform
  class imported from XMLSig Schema
• Introduced new element "Name" for Contact class
  instead of more simple "name"
• Name defined via MultilingTextType ltxselement
  name"Name" type"MultilingTextType"/gt

10
dsTransform element

• ltxsschema xmlnsds"http//www.w3.org/2000/09/xml
  dsig" xmlnsxs"http//www.w3.org/2001/XMLSchema"
  gt
• ltxselement name"Transforms" type"TransformsTyp
  e"/gt
• ltxscomplexType name"TransformsType"gt
• ltxssequencegt
• ltxselement ref"Transform" maxOccurs"unbounde
  d"/gt
• lt/xssequencegt
• lt/xscomplexTypegt
• ltxselement name"Transform" type"TransformType"
  /gt
• ltxscomplexType name"TransformType"
  mixed"true"gt
• ltxschoice minOccurs"0" maxOccurs"unbounded"gt
• ltxsany namespace"other" processContents"la
  x"/gt
• ltxselement name"XPath" type"string"/gt
• (1,1) elements from (0,unbounded)
  namespaces
• lt/xschoicegt
• ltxsattribute name"Algorithm" type"xsanyURI"
  use"required"/gt
• lt/xscomplexTypegt

11
Issue to discuss Preserving multilingual text

• Measures to preserve multilingual non-UTF-8 text
  look complex, so they better will be limited to
  elements which are really sensitive to non-UTF-8
  encoding Description Name PostalAddress
  Impact Location
• IDN (internationalised domain name) required to
  use UTF-8 or other derived encoding.

12
Preserving ML text - usage

• Two cases are possible when using XML Signature
• Transform to UTF-8 all document and sign the
  document
• Use text transformation to keep multilingual text
  in binary form and sign the document
• In both cases you need to make conversion to
  display text on user machine that doesnt
  use/handle UTF-8/Unicode

13
Future steps

• Make changes to current DTD-01
• Include Schema into next IODEF draft?