XML.orgXML.org
FOCUS AREAS |XML-DEV |XML.org DAILY NEWSLINK |REGISTRY |RESOURCES |ABOUT
OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
RE: Schematron Best Practice: A Schematron schema's area of responsibility?

Hi Folks,

Rick Jelliffe makes a very good point.  Before asking questions about
what sort of implementation(s) should be used, we must ask, "What are
the constraints? What are the requirements?"

Let's take a specific example of a document with constraints that our
application is required to ensure are met.  Perhaps a general rule will
emerge from the example.

EXAMPLE

Consider this XML instance document:
 
<?xml version="1.0"?>
<Document classification="secret">
    <Para classification="unclassified">
          One if by land, two if by sea;
    </Para>
</Document>

Suppose these two constraints must be implemented:

1. For the instance document to be valid no <Para> element may have a
classification value higher than the <Document>'s classification value.

2. For the instance document to be valid the value of each
classification attribute must be one of these values:
  - top-secret
  - secret
  - confidential
  - unclassified

IMPLEMENTATION

How should the two constraints be implemented?

The first constraint is a co-constraint and cannot be expressed using a
grammar-based language. It must be expressed using Schematron.  At the
bottom of this message is a Schematron implementation of the
constraint.

For the second constraint, however, there are alternatives:

(a) Use a grammar-based language to implement the constraint.  Here is
how the constraint may be implemented using XML Schemas:

   <attribute name="classification">
       <simpleType>
           <enumeration value="top-secret" />
           <enumeration value="secret" />
           <enumeration value="confidential" />
           <enumeration value="unclassified" />
       </simpleType>
   </attribute>

(b) Use a rule-based language to implement the constraint. Here is how
the constraint may be implemented using Schematron:

   <sch:pattern name="Classifications"> 

      <sch:rule context="*[@classification]">

         <sch:assert test="@classification='top-secret' or
                           @classification='secret' or
                           @classification='confidential' or
                           @classification='unclassified'">
             The value of a classification must be one of top-secret,
             secret, confidential, or unclassified.
         </sch:assert>

      </sch:rule>

   </sch:pattern>

QUESTIONS

(I) What are the advantages of implementing the second constraint using
a grammar-based language? What are its disadvantages?

(II) What are the advantages of implementing the second constraint
using a rule-based language (i.e. Schematron)? What are its
disadvantages?

In an earlier post Bryan Rasmussen hinted at an answer to these
questions. He wrote:

"Questions to ask about languages when they are equivalent in abilities
are which one would it be easiest to implement it in. Which one would
be easiest to maintain and extend."

For our example, both implementations seem pretty easy to implement.
What about maintainability and extensibility? Is one implementation
more maintainable or extensible than another?

/Roger

IMPLEMENTATION OF THE SECURITY CLASSIFICATION POLICY

   <sch:pattern name="Security Classification Policy">

      <sch:p>A Para's classification value cannot be more sensitive 
             than the Document's classification value.</sch:p> 

      <sch:rule context="Para[@classification='top-secret']">

         <sch:assert test="/Document/@classification='top-secret'">
             If there is a Para labeled "top-secret" then the Document

             must be labeled top-secret
         </sch:assert>

      </sch:rule>

      <sch:rule context="Para[@classification='secret']">

         <sch:assert test="(/Document/@classification='top-secret') or
                           (/Document/@classification='secret')">
             If there is a Para labeled "secret" then the Document  
             must be labeled either secret or top-secret
         </sch:assert>

      </sch:rule>

      <sch:rule context="Para[@classification='confidential']">

         <sch:assert test="(/Document/@classification='top-secret') or
                           (/Document/@classification='secret') or 
                           (/Document/@classification='confidential')">
             If there is a Para labeled "confidential" then the
Document  
             must be labeled either confidential, secret or top-secret
         </sch:assert>

      </sch:rule>

   </sch:pattern>

/Roger
 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS