[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: Valid RDF and security

  • From: Paul Prescod <paul@p...>
  • To: xml-dev <xml-dev@i...>
  • Date: Mon, 15 Feb 1999 13:16:32 -0600

rdf security
Perhaps this will help:
http://www.lists.ic.ac.uk/hypermail/xml-dev/9902/0371.html

Robb Shecter wrote:
> 
> Hi,
> 
> A week or so ago, someone asked how a piece of RDF can be validated,
> analogous to the way that a piece of XML can be validated with a DTD.  I
> don't think anybody answered this, or I missed the answer. (?)  I'm new
> to RDF, and don't know the answer, because as I understand it,
> validating RDF would mean making sure that the document properly follows
> (say) Dublin Core, and DC is defined as a schema, not as a DTD. (?)

Well, there is an initial Dublin Core schema, but I don't know if there is
any standard one:

http://www.w3.org/TR/WD-rdf-schema/#dublincore

> Idea 1:  Have webadmins write Java adapter classes that my framework
> would dynamically load via http.  This sounds cool, is possible
> (servlets do this), but has a security risk:  These webadmins at
> external sites are untrusted.  If I load and link their code on the fly,
> it could be programmed to do any number of destructive things on my
> server.

Declarative specifications are almost always better for this and many
other reasons. 

> Idea 3: Well, after reading about RDF, it seems like I'm reinventing the
> wheel a bit.  RDF is designed to do just what I was thinking about in
> 2.  But, how do I validate it?  And in my application, I really need the
> validation, because the validation enforces program functioning and
> security.

Define your document type with a DTD. Make the DTD such that every
document that conforms to it automatically conforms to RDF. Then you're
home free. If you don't need the degrees of syntactic freedom offered by
an RDF schema, then just use a DTD.

-- 
 Paul Prescod  - ISOGEN Consulting Engineer speaking for only himself
 http://itrc.uwaterloo.ca/~papresco

If you spend any time administering Windows NT, you're far too familiar 
with the Blue Screen of Death (BSOD) which displays the cause of the 
crash and gives some information about the state of the system when 
it crashed.  -- "Microsoft Developer Network Magazine"

xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@i...
Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1
To (un)subscribe, mailto:majordomo@i... the following message;
(un)subscribe xml-dev
To subscribe to the digests, mailto:majordomo@i... the following message;
subscribe xml-dev-digest
List coordinator, Henry Rzepa (mailto:rzepa@i...)


PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.