Presentation is loading. Please wait.

Presentation is loading. Please wait.

CBOR Manifest Serialisation

Published byJordan Hart Modified over 5 years ago

Similar presentations

Presentation on theme: "CBOR Manifest Serialisation"— Presentation transcript:

1 CBOR Manifest Serialisation

2 Open issues Should the primary object be an array or a map?
Should the graph described in draft-moran-suit-manifest-02 be replaced with trees? How are they overridden? How are they represented? Are there any use cases that break? Should one digest be used for the whole manifest, or is there a good reason to support more than one? Should more sections be severable? Should it be possible to encrypt severable sections? COSE has no algorithm identifiers for digests, so they cannot be reused May need another SUIT draft for COSE

3 Open Issues (Cont’d) Should encryption of the manifest be addressed explicitly, or should that be handled one level higher? Encoding of Processing Step Encoding of Directive Encoding of Conditions Extension encoding IANA implications for use of enums throughout the manifest

4 Primary structure array vs map
Most fields are mandatory Version digestInfo* Nonce Sequence Preconditions Resources Targets Those that aren’t used cost 1 byte (nil or 0-length object) Out of 12 fields, 7 are mandatory

5 Tree-based process description proposal
Things that are installed (assets) get their own section Digest Size Component identifier Description of how to obtain an asset: List of processing steps Resources are a processing step with URIs or a ComponentIdentifier instead of inputs

6 Tree-based process description (cont’d)
Asset = [ component: ComponentIdentifier, ; where to store the asset encoding: bstr / nil, ; the format of the asset parameters: bstr / nil, ; any specialized arguments for installing the asset size: uint / nil, ; size of the resource digest: Digest ; digest of the processed resource ] ComponentIdentifier = [* bstr ] Digest = [ digestAlgorithm : DigestIdentifiers / nint, ; Digest identifier rawDigest : bstr ; Raw bytes of the digest ? digestParameters : bstr ; optional extra arguments to the algorithm

7 Tree-based process description (cont’d)
AssetInstallationInfo = [ component : ComponentIdentifier processors : [ * Processor ], ? allowOverride : bool, ? extensions : { * int => bstr } ] Processor = [ type: &( resource: 1, decrypt: 2, decompress: 3, undiff: 4, relocate: 5, unrelocate: 6) / nint, inputs: UriList / ComponentIdentifier / {int => int}, parameters: bstr ; Note: this needs to have more detail instead of bstr

8 Description of installation process in manifest
Why not leave container information in the payload(s)? Reject early if unsupported Important for low-bandwidth Why not enums for aggregate formats? Lots of specialized parameters. Many possible configurations. Registration space of accepted enums becomes large

9 Description of installation process in manifest
Example: Raw binary payload: no arguments Encrypted binary payload: key identifier algorithm identifier Encrypted, compressed binary payload: encryption algorithm identifier compression algorithm identifier Encrypted, compressed, delta payload precursor digest precursor component ID, storage location delta algorithm identifier

10 Description of installation process in manifest
Each enum would need its own parameter structure Easy to miss a reasonable combination of supported steps Describe each step instead Each step can have a defined structure All steps can be represented in the same way How is flow described? Flow of data between steps is a tree, not a linear sequence Delta makes it clear that flow is at least a tree A resource shared between two steps makes it clear that flow is a graph Graphs make constrained processing hard Use multiple trees instead of a graph

11 Description of installation process in manifest
For each asset, a tree defines the installation process To reduce nesting depth in the parser, the tree is encoded as a list, where output identifiers are the index of the processor in the processor list inputs are a map of indices into the processor list. Resources are encoded as a processor with no inputs Assets designate a single input node Output nodes can be marked as non-overridable Dependent manifests can override any installation tree not marked as non- overridable

12 Examples: Raw Binary payload Installation Information:
Component Identifier: [ bstr(0) ] Resource: Parameters: List of URIs Asset Information Encoding: raw-binary

13 Examples: Delta payload Installation Information: Asset Information
Component Identifier: [ bstr(1) ] Processors: Delta: {1 => 1, 2 => 2} Resource: URIs Resource: [ bstr(1) ] Asset Information Encoding: raw-binary inode: bstr(2)

14 Current changes

15 Highlights of changes Primary structure is array (not map)
Text is severable Multiple payloads allowed Resources (before installation) separated from assets (after installation) Description of installation process in the manifest Conditions divided into preconditions and postconditions Added component identifier (replaces storage identifier) Timestamp removed, added sequence number

16 WIP status This serialization is still in development
There is ongoing discussion on the mailing list See Open Issues for more information

17 Severable Text Text is for humans
Text is not used by devices to make decisions Devices don’t need to receive text Text is still needed in management systems

18 Severable Text (cont’d)
Text lives outside the authenticated container AuthenticatedManifest = [ authenticatedManifest: COSE_Mac / COSE_Sign, text: bstr .cbor TextMap ] TextKeys = &( uninitialised: 0 manifestDescription: 1 payloadDescription: 2 vendorName: 3 modelName: 4 payloadVersion: 5 ) / nint TextMap = { * TextKeys => tstr }

19 Severable Text (cont’d)
Inside the authenticated container, text is authenticated with a digest

20 Multiple payloads Payloads had three components:
A resource identifier Installation instructions (cryptographic info) An asset description Required extension for advanced uses (e.g. Delta) Aliases, Dependencies, Payloads are now all resource references Assets are now separate from their resource identifier Installation instructions are now separate (examples below)

21 Resources separated from assets
All resource references are effectively the same No need to distinguish between alias, dependency, payload Resources define a local or remote input URI Digest Assets define an installed image: Size Location

22 Conditions divided into preconditions and postconditions
Some conditions need to be checked before installation Identifiers, time, precursors, custom Some conditions need to be checked after installation Content not identified by an asset digest, custom Two choices: Two lists makes it easier for devices to know what to do in each step of the process typically costs 1 byte Duplicate condition identifiers typically smaller serialization duplication of identifiers may increase integer encoding size more registration and maintenance with duplicate identifiers

23 Component Identifier Storage Identifier may not be adequate for all use cases Devices can be aggregates of one or more processors with two or more different storage systems Component Identifier allows designating the storage system Storage systems and hardware components can be nested Component Identifier needs to be a list to handle this. Storage Identifier can be merged into this list as the last element.

Download ppt "CBOR Manifest Serialisation"

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
The Assembly Language Level

The Assembly Language Level
Introducing Hashing Chapter 21 Copyright ©2012 by Pearson Education, Inc. All rights reserved.

Introducing Hashing Chapter 21 Copyright ©2012 by Pearson Education, Inc. All rights reserved.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
C o n f i d e n t i a l Developed By Nitendra NextHome Subject Name: Data Structure Using C Title: Overview of Data Structure.

C o n f i d e n t i a l Developed By Nitendra NextHome Subject Name: Data Structure Using C Title: Overview of Data Structure.
Lesson 7-Creating and Changing Directories. Overview Using directories to create order. Managing files in directories. Using pathnames to manage files.

Lesson 7-Creating and Changing Directories. Overview Using directories to create order. Managing files in directories. Using pathnames to manage files.
CMPSC 16 Problem Solving with Computers I Spring 2014 Instructor: Lucas Bang Lecture 15: Linked data structures.

CMPSC 16 Problem Solving with Computers I Spring 2014 Instructor: Lucas Bang Lecture 15: Linked data structures.
Processing of structured documents Spring 2002, Part 2 Helena Ahonen-Myka.

Processing of structured documents Spring 2002, Part 2 Helena Ahonen-Myka.
March 16 & 21, 20001 Csci 2111: Data and File Structures Week 9, Lectures 1 & 2 Indexed Sequential File Access and Prefix B+ Trees.

March 16 & 21, Csci 2111: Data and File Structures Week 9, Lectures 1 & 2 Indexed Sequential File Access and Prefix B+ Trees.
COSE Overview Jim Schaad August Cellars. Willing Changes No crypto compatibility Use of CBOR idioms Partial change of naming schemes.

COSE Overview Jim Schaad August Cellars. Willing Changes No crypto compatibility Use of CBOR idioms Partial change of naming schemes.
Hashing Sections 10.2 – 10.3 CS 302 Dr. George Bebis.

Hashing Sections 10.2 – 10.3 CS 302 Dr. George Bebis.
Today’s Agenda  Reminder: HW #1 Due next class  Quick Review  Input Space Partitioning Software Testing and Maintenance 1.

Today’s Agenda  Reminder: HW #1 Due next class  Quick Review  Input Space Partitioning Software Testing and Maintenance 1.
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.

PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
The goal of XML Protocol Develop technologies allowing peers to communicate…....in a distributed environment......using XML as encapsulation language.

The goal of XML Protocol Develop technologies allowing peers to communicate…....in a distributed environment......using XML as encapsulation language.
VCE IT Theory Slideshows by Mark Kelly 2016-2019 study design By Mark Kelly, vceit.com, Begin.

VCE IT Theory Slideshows by Mark Kelly study design By Mark Kelly, vceit.com, Begin.
PerfSONAR Schema and Topology Martin Swany. Schema Key Goals: Extensibility, Normalization, Readability Break representation of performance measurements.

PerfSONAR Schema and Topology Martin Swany. Schema Key Goals: Extensibility, Normalization, Readability Break representation of performance measurements.
Parallel Computing Chapter 3 - Patterns R. HALVERSON MIDWESTERN STATE UNIVERSITY 1.

Parallel Computing Chapter 3 - Patterns R. HALVERSON MIDWESTERN STATE UNIVERSITY 1.
Recursion Powerful Tool

Recursion Powerful Tool
Stephen Banghart Dave Waltermire

Stephen Banghart Dave Waltermire
Chapter 3 Data Representation

Chapter 3 Data Representation

Similar presentations

Ads by Google