PackagingYour data: Accessible, Manageable, and Secure

Jack DavisPM

Windows/DevX/AppX/Packaging

Start 12:10

Managing Application Content

Applications today commonly work using multiple content streams:

Text and markupImages, pictures, audio, and videoUser settingsApplication states

App developer’s dilemma:“How do I store, access, and manage app data that’s contained in multiple content steams?”

Organizing Content and Resources- previously -

Binary “container” files

“Flat file” Organization

Flat files:Simple to accessDifficult to move.

Binary container files:Easy to move. Harder to access.(each format unique, need special APIs and tools)

Web browser:• HTML pages – .html• Image files – .jpg, .png• Style Sheets – .css• Video, Audio – .mpeg, .wmv

Client applications:• Word – .doc• Excel – .xls• PowerPoint – .ppt• Acrobat – .pdf.

An ISO and ECMA industry-standard for creating new file formats.

Open Packaging Conventions (OPC)

A standalone component of Office Open XML ISO 29500-2 Open Packaging Conventions (2008)

ECMA 376-2 Open Packaging Conventions (2006 & 2008)

“Packaging”

OPC ZIP-based container Web-accessible content Relational organization (optional)

Organizing Content and Resources – Open Packaging Conventions –

Current OPC Products and Formats

Word & Win7 WordPad .docx

Excel .xlsx

PowerPoint .pptx

Windows Vista & Windows 7 print pipeline

XML Paper Specification.xps

Visual Studio .vsix

Semblio .semblio

Forefront Security .gfp

Autodesk AutoCAD .jtx

Siemens/UGS .jtx

Windows Azure .cspkg

SQL Analysis Services ?

Packaging provides:

• Robustness • Compact Size• Zip functionality• Web accessibility • ISO & ECMA industry-standard acceptance

Demo

Packaging “Min Bar”

Every OPC-based format is a ZIP file!

The reverse is not necessarily true:Not every ZIP file is an OPC package.

OPC adds two min requirements to Zip:

All parts (files) in a package must beweb-accessible: Names of all stored parts (files) must be URI/URL-compliant.

Packages must contain a [Content_Types].xml

Web-Accessible Part Names

All parts (files) stored in a package must be Web-accessible.

The names of all stored parts must be URI/URL-compliant:

Example: File name: “my file.txt”

(space characters are not allowed in URIs/URLs)

Part name: “my%20file.txt”(space characters percent-encoded)

[Content_Types].xmlEvery part (file) stored in a package has aMIME-style media type.[Content_Types].xml markup is simple:

Default: associates a generic file "Extension" to a specified "ContentType".Override: associates a specific "PartName" to a specified "ContentType" (overrides any Default extension association).

<?xml version="1.0" encoding="utf-8" ?> <Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">   <Default Extension="htm" ContentType="text/html" />   <Default Extension="css" ContentType="text/css" />   <Default Extension="png" ContentType="image/png" />   <Default Extension="jpg" ContentType="image/jpeg" />   <Default Extension="mp3" ContentType="audio/mpeg3" />   <Default Extension="xml" ContentType="application/xml" />   <Override PartName="/docProps/core.xml"    ContentType="application/vnd.openxmlformats-package.core-properties+xml" /> </Types>

Packaging Content and Resources

Application

AccessParts, ContentTypes

FileY

FileZ

FileX

Package

PartXContentType

PartYContentType

PartZContentType

PartXContentType

Optional Services

Data compression

Relational content associations.

Digital Signatures

Authenticate the signing individualor organization

Validate that signed content has not been altered after signing.

Storage and access to “core properties”metadata.

Storage and access of “thumbnail” images.

pack:// scheme forweb access (managed-code)

Interleaved content for streaming consumption.

Hierarchical OrganizationConventional file systems, including Zip, provide a simple hierarchical organization.

OPC RelationshipsRelationships allow file formats to organize content through directed-graph associations.

Relationship Attributes

Relationships are composed of four items:

Source (part or package root) – implied by reference

Target (internal part or external resource)IDRelationship-Type

S

T

ID="rId1"

Type="http://...#required-resource"

Target="/images/logo.png"(ContentType="image/png")

Relationships MarkupExample “\_rels\.rels” file<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> <Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">  <Relationship Id="rId3" Type="http://.../extended-properties" Target="docProps/app.xml" />   <Relationship Id="rId2“ Type="http://.../core-properties" Target="docProps/core.xml" />   <Relationship Id="rId1" Type="http://.../officeDocument" Target="word/document.xml" /> </Relationships>

Example “\word\_rels\document.xml.rels” file<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> <Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">  <Relationship Id="rId8" Type="http://.../header" Target="header1.xml" />   <Relationship Id="rId3" Type="http://.../styles" Target="styles.xml" />   <Relationship Id="rId7" Type="http://.../endnotes" Target="endnotes.xml" />   <Relationship Id="rId2" Type="http://.../numbering" Target="numbering.xml" />   <Relationship Id="rId1" Type="http://.../customXml" Target="../customXml/item1.xml" />   <Relationship Id="rId6" Type="http://.../footnotes" Target="footnotes.xml" />   <Relationship Id="rId5" Type="http://.../webSettings" Target="webSettings.xml" />   <Relationship Id="rId4" Type="http://.../settings" Target="settings.xml" /> </Relationships>

Digital SignaturesIdentifies the content originator.Validates that the content has not been altered.

Sign

Authenticate

& Validate

Content

X.509Certificate

Signing Policy

List .

of Parts and

Relationships

to sign.Package

PartXMIME=…

PartZContentType

Relationship

Relationship

PartXContentType

Relationship

PartYContentType Application

AccessParts, Relationships,

ContentTypes

Package

PartXMIME=…

PartYContentType

PartZContentType

Relationship

Relationship

Relationship

PartXContentType

DigitalSignature

Optional Services

Data compression

Relational content associations.

Digital Signatures

Authenticate the signing individualor organization

Validate that signed content has not been altered after signing.

Storage and access to “core properties”metadata.

Storage and access of “thumbnail” images.

pack:// scheme forweb access (managed-code)

Interleaved content for streaming consumption.

Win8 InvestigationsAppModel container (native pack:// scheme)

Data Protection (encryption / rights management)

XML Advanced Electronic Signatures (XAdES)

Enterprise Sign Tool (XML-based signing policies)

WinVerifyTrust extensions

Developer APIs for ZIP and Silverlight

Windows Shell handlers IProperties, IThumbnail, IFilter, IPreview

ISO 29500-2 OPC (2008) updates

SMPTE Media Package

Designing a File Format

5. For security, consider how the presence of unknown parts or relationships should be handled.

Allow none, allow any, allowed defined extensibility.

6. If the content of the package is not to be edited or modified, consider signing parts & relationships with a digital signature.

1. Use a package-level relationship to identify a “starting” part.

2. For parts that reference other parts, create a part-level relationship to each target resource.

3. Consider using relationship IDs for content references in markup to resources.

4. Avoid relative references to resources outside of a Package.

Open Packaging ConventionsISO 29500-2 / ECMA 376-2

For more information see Wikipedia “OPC” or go tohttp://en.wikipedia.org/wiki/Open_Packaging_Conventions