[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
Schematron Best Practice: A Schematron schema's area of responsibility?
- From: "Costello, Roger L." <costello@mitre.org>
- To: <xml-dev@lists.xml.org>
- Date: Thu, 28 Jun 2007 10:48:41 -0400
ISSUE
When implementing an XML instance document's set of constraints, what
is a Schematron schema's area of responsibility?
EXAMPLE
Consider this XML instance document:
<?xml version="1.0"?>
<Document classification="secret">
<Para classification="unclassified">
One if by land, two if by sea;
</Para>
</Document>
Schematron is very well-suited for implementing this co-constraint:
Security Classification Policy: For the instance document to be valid
no <Para> element may have a classification value higher than the
<Document>'s classification value.
The implementation of this co-constraint is shown at the bottom of this
message.
RESPONSIBILITY OF A SCHEMATRON SCHEMA
The implementation makes some assumptions. For example, it assumes
that the classification attributes have already been verified to have
legal values (top-secret, secret, confidential, and unclassified).
The Schematron schema *could* validate that the classification
attributes have legal values. But so could a grammar-based schema
language (e.g. Relax NG, XML Schema).
QUESTIONS
1. What is the responsibility of a Schematron schema?
2. Should a Schematron schema implement constraints that could be done
by a grammar-based schema language?
3. Should a Schematron schema implement only those constraints which
cannot be implemented by a grammar-based schema languages such as
co-constraints, data cardinality checks, and algorithmic checks?
4. How much intersection should there be between the set of constraints
implemented by a Schematron schema and the set of constraints
implemented by a grammar-based schema?
IMPLEMENTATION OF THE SECURITY CLASSIFICATION POLICY
<sch:pattern name="Security Classification Policy">
<sch:p>A Para's classification value cannot be more sensitive
than the Document's classification value.</sch:p>
<sch:rule context="Para[@classification='top-secret']">
<sch:assert test="/Document/@classification='top-secret'">
If there is a Para labeled "top-secret" then the Document
must be labeled top-secret
</sch:assert>
</sch:rule>
<sch:rule context="Para[@classification='secret']">
<sch:assert test="(/Document/@classification='top-secret') or
(/Document/@classification='secret')">
If there is a Para labeled "secret" then the Document
must be labeled either secret or top-secret
</sch:assert>
</sch:rule>
<sch:rule context="Para[@classification='confidential']">
<sch:assert test="(/Document/@classification='top-secret') or
(/Document/@classification='secret') or
(/Document/@classification='confidential')">
If there is a Para labeled "confidential" then the
Document
must be labeled either confidential, secret or top-secret
</sch:assert>
</sch:rule>
</sch:pattern>
/Roger
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]