Date post: | 17-May-2015 |
Category: |
Technology |
Upload: | jack-davis |
View: | 1,420 times |
Download: | 1 times |
PackagingYour data: Accessible, Manageable, and Secure
Jack DavisPM
Windows/DevX/AppX/Packaging
Start 12:10
Managing Application Content
Applications today commonly work using multiple content streams:
Text and markupImages, pictures, audio, and videoUser settingsApplication states
App developer’s dilemma:“How do I store, access, and manage app data that’s contained in multiple content steams?”
Organizing Content and Resources- previously -
Binary “container” files
“Flat file” Organization
Flat files:Simple to accessDifficult to move.
Binary container files:Easy to move. Harder to access.(each format unique, need special APIs and tools)
Web browser:• HTML pages – .html• Image files – .jpg, .png• Style Sheets – .css• Video, Audio – .mpeg, .wmv
Client applications:• Word – .doc• Excel – .xls• PowerPoint – .ppt• Acrobat – .pdf.
An ISO and ECMA industry-standard for creating new file formats.
Open Packaging Conventions (OPC)
A standalone component of Office Open XML ISO 29500-2 Open Packaging Conventions (2008)
ECMA 376-2 Open Packaging Conventions (2006 & 2008)
“Packaging”
OPC ZIP-based container Web-accessible content Relational organization (optional)
Organizing Content and Resources – Open Packaging Conventions –
Current OPC Products and Formats
Word & Win7 WordPad .docx
Excel .xlsx
PowerPoint .pptx
Windows Vista & Windows 7 print pipeline
XML Paper Specification.xps
Visual Studio .vsix
Semblio .semblio
Forefront Security .gfp
Autodesk AutoCAD .jtx
Siemens/UGS .jtx
Windows Azure .cspkg
SQL Analysis Services ?
Packaging provides:
• Robustness • Compact Size• Zip functionality• Web accessibility • ISO & ECMA industry-standard acceptance
Demo
Packaging “Min Bar”
Every OPC-based format is a ZIP file!
The reverse is not necessarily true:Not every ZIP file is an OPC package.
OPC adds two min requirements to Zip:
All parts (files) in a package must beweb-accessible: Names of all stored parts (files) must be URI/URL-compliant.
Packages must contain a [Content_Types].xml
Web-Accessible Part Names
All parts (files) stored in a package must be Web-accessible.
The names of all stored parts must be URI/URL-compliant:
Example: File name: “my file.txt”
(space characters are not allowed in URIs/URLs)
Part name: “my%20file.txt”(space characters percent-encoded)
[Content_Types].xmlEvery part (file) stored in a package has aMIME-style media type.[Content_Types].xml markup is simple:
Default: associates a generic file "Extension" to a specified "ContentType".Override: associates a specific "PartName" to a specified "ContentType" (overrides any Default extension association).
<?xml version="1.0" encoding="utf-8" ?> <Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"> <Default Extension="htm" ContentType="text/html" /> <Default Extension="css" ContentType="text/css" /> <Default Extension="png" ContentType="image/png" /> <Default Extension="jpg" ContentType="image/jpeg" /> <Default Extension="mp3" ContentType="audio/mpeg3" /> <Default Extension="xml" ContentType="application/xml" /> <Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml" /> </Types>
Packaging Content and Resources
Application
AccessParts, ContentTypes
FileY
FileZ
FileX
Package
PartXContentType
PartYContentType
PartZContentType
PartXContentType
Optional Services
Data compression
Relational content associations.
Digital Signatures
Authenticate the signing individualor organization
Validate that signed content has not been altered after signing.
Storage and access to “core properties”metadata.
Storage and access of “thumbnail” images.
pack:// scheme forweb access (managed-code)
Interleaved content for streaming consumption.
Hierarchical OrganizationConventional file systems, including Zip, provide a simple hierarchical organization.
OPC RelationshipsRelationships allow file formats to organize content through directed-graph associations.
Relationship Attributes
Relationships are composed of four items:
Source (part or package root) – implied by reference
Target (internal part or external resource)IDRelationship-Type
S
T
ID="rId1"
Type="http://...#required-resource"
Target="/images/logo.png"(ContentType="image/png")
Relationships MarkupExample “\_rels\.rels” file<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> <Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"> <Relationship Id="rId3" Type="http://.../extended-properties" Target="docProps/app.xml" /> <Relationship Id="rId2“ Type="http://.../core-properties" Target="docProps/core.xml" /> <Relationship Id="rId1" Type="http://.../officeDocument" Target="word/document.xml" /> </Relationships>
Example “\word\_rels\document.xml.rels” file<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> <Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"> <Relationship Id="rId8" Type="http://.../header" Target="header1.xml" /> <Relationship Id="rId3" Type="http://.../styles" Target="styles.xml" /> <Relationship Id="rId7" Type="http://.../endnotes" Target="endnotes.xml" /> <Relationship Id="rId2" Type="http://.../numbering" Target="numbering.xml" /> <Relationship Id="rId1" Type="http://.../customXml" Target="../customXml/item1.xml" /> <Relationship Id="rId6" Type="http://.../footnotes" Target="footnotes.xml" /> <Relationship Id="rId5" Type="http://.../webSettings" Target="webSettings.xml" /> <Relationship Id="rId4" Type="http://.../settings" Target="settings.xml" /> </Relationships>
Digital SignaturesIdentifies the content originator.Validates that the content has not been altered.
Sign
Authenticate
& Validate
Content
X.509Certificate
Signing Policy
List .
of Parts and
Relationships
to sign.Package
PartXMIME=…
PartZContentType
Relationship
Relationship
PartXContentType
Relationship
PartYContentType Application
AccessParts, Relationships,
ContentTypes
Package
PartXMIME=…
PartYContentType
PartZContentType
Relationship
Relationship
Relationship
PartXContentType
DigitalSignature
Optional Services
Data compression
Relational content associations.
Digital Signatures
Authenticate the signing individualor organization
Validate that signed content has not been altered after signing.
Storage and access to “core properties”metadata.
Storage and access of “thumbnail” images.
pack:// scheme forweb access (managed-code)
Interleaved content for streaming consumption.
Win8 InvestigationsAppModel container (native pack:// scheme)
Data Protection (encryption / rights management)
XML Advanced Electronic Signatures (XAdES)
Enterprise Sign Tool (XML-based signing policies)
WinVerifyTrust extensions
Developer APIs for ZIP and Silverlight
Windows Shell handlers IProperties, IThumbnail, IFilter, IPreview
ISO 29500-2 OPC (2008) updates
SMPTE Media Package
Designing a File Format
5. For security, consider how the presence of unknown parts or relationships should be handled.
Allow none, allow any, allowed defined extensibility.
6. If the content of the package is not to be edited or modified, consider signing parts & relationships with a digital signature.
1. Use a package-level relationship to identify a “starting” part.
2. For parts that reference other parts, create a part-level relationship to each target resource.
3. Consider using relationship IDs for content references in markup to resources.
4. Avoid relative references to resources outside of a Package.
Open Packaging ConventionsISO 29500-2 / ECMA 376-2
For more information see Wikipedia “OPC” or go tohttp://en.wikipedia.org/wiki/Open_Packaging_Conventions