dynamic verification of inter parameter constraints in
play

Dynamic Verification of Inter-Parameter Constraints in Web - PowerPoint PPT Presentation

Aug 21, 2023 •196 likes •387 views

# Dynamic Verification of Inter-Parameter Constraints in Web Applications Nathalie Oostvogels Joeri De Koster Wolfgang De Meuter Third party web services 2 Web API specifications 3 Web API requests request.post( { url:

  1. ‹#› Dynamic Verification of Inter-Parameter Constraints in Web Applications Nathalie Oostvogels ・ Joeri De Koster ・ Wolfgang De Meuter

  2. Third party web services 2

  3. Web API specifications 3

  4. Web API requests request.post( { url: “api.twitter.com/1.1/direct_messages/new.json”, form: { user_id: 42, screen_name: “Alice”, text: “Hello” }}, (error, r, result) => { console.log(result) }); 4

  5. Web API specifications optional number max length optional string = 15 max length required string = 140 5

  6. Automatically Verifying Requests 6

  7. ⎬ Dynamic verification request.post( { url: “api.twitter.com/1.1/direct_messages/new.json”, form: { user_id: 42, 
 screen_name: “Alice”, test : “Hello” }}, (error, r, result) => { console.log(result) }); Request to “api.twitter.com/1.1/ � direct_messages/new.json" is incorrect: required field “text” not present. 7

  8. ⎬ Dynamic verification request.post( { url: “api.twitter.com/1.1/direct_messages/new.json”, form: { user_id: 42 screen_name: “Alice”, text : “Hello” }}, (error, r, result) => { console.log(result) }); � 8

  9. At runtime… � “Incompatible parameters specified in the request” � “Some co-ordinate parameters were blank” � “You must specify either a list ID or a slug and owner” 9

  10. Inter-parameter constraints ○ constraints defined over multiple parameters Exclusive Dependent Group Constraints Constraints Constraints 10

  11. Automatically Verifying Requests 11

  12. Exclusive constraints ○ exactly one of a set of parameters is required Silent choice: Twitter chooses screen_name over user_id 12

  13. Dependent constraints ○ constraints on a parameter depend on a 
 property of another parameter Silent choice: Facebook ignores details of link when link is not provided 13

  14. Group constraints ○ a set of parameters should either be all 
 excluded from a request or all included Silent choice: Twitter ignores latitude when longitude is not provided 14

  15. Inter-parameter constraints in web APIs # entry XOR Dependent Group points 117 10 3 3 97 32 14 6 50 11 3 5 206 12 0 1 209 11 4 1 9 2 5 2 15

  16. A new specification language for web APIs paths: /direct_messages/new: post: parameters: - name: user_id type: number - name: screen_name type: string - name: text 
 type: string required: true x-constraints: - present(screen_name) XOR present(user_id) 16

  17. Dynamic verification request.post( { url: “api.twitter.com/1.1/direct_messages/new.json”, form: { user_id : 42, screen_name : “Alice”, text: “Hello” }}, (error, r, result) => { console.log(result) }); Request to “api.twitter.com/1.1/direct_messages/new.json" is incorrect: � the exclusive constraint on user_id and screen_name is not satisfied. 17

  18. Inter-parameter constraints in web APIs Error message when � Error message when constraints not satisfied. � constraints not satisfied. � Eliminating vague error messages � Uniform error messages 18

  19. Conclusion ○ When programming against Web APIs, programmers 
 oIen resort to trial and error ○ Introduced tool that transparently intercepts and 
 validates requests according to specificaKon ○ S upports validaKon of inter-parameter constraints ○ Future work: inter-parameter constraints outside 
 of web APIs 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

When the specification fails: documenting inter-parameter constraints About me Nathalie

When the specification fails: documenting inter-parameter constraints About me Nathalie

# When the specification fails: documenting inter-parameter constraints About me Nathalie Oostvogels PhD student Vrije Universiteit Brussel @noostvog Third party web services 3 Web API specifications 4 Web API specifications

726 views • 39 slides
From Reasoning with Constraints to Mining Constraints: Multi-Objective Parameter Fitting in

From Reasoning with Constraints to Mining Constraints: Multi-Objective Parameter Fitting in

From Reasoning with Constraints to Mining Constraints: Multi-Objective Parameter Fitting in Parametric Probabilistic Hybrid Automata Martin Frnzle 1 joint work (in progress) with Alessandro Abate (Oxford University, UK), Sebastian Gerwinn

709 views • 55 slides
Constraints in Verification Andreas Podelski University of Freiburg two kinds of constraints in

Constraints in Verification Andreas Podelski University of Freiburg two kinds of constraints in

Constraints in Verification Andreas Podelski University of Freiburg two kinds of constraints in verification 1. upper bound for fixpoint constraint over sets of states X F(X) X X bound verification

656 views • 52 slides
Dynamic Parameter Allocation in Parameter Servers Alexander Renz-Wieland 1 , Rainer Gemulla 2 ,

Dynamic Parameter Allocation in Parameter Servers Alexander Renz-Wieland 1 , Rainer Gemulla 2 ,

Dynamic Parameter Allocation in Parameter Servers Alexander Renz-Wieland 1 , Rainer Gemulla 2 , Stefgen Zeuch 1,3 , Volker Markl 1,3 VLDB 2020 1 / 11 1 TU Berlin, 2 University of Mannheim, 3 DFKI Takeaways communication overhead 2 / 11 Key

314 views • 15 slides
Static and dynamic verification Static and dynamic V&V Software inspections Concerned

Static and dynamic verification Static and dynamic V&V Software inspections Concerned

1 2 Static and dynamic verification Static and dynamic V&V Software inspections Concerned with analysis of the static system Static representation to discover problems (static verification verification) May be supplement by

107 views • 6 slides
Design Verification with e The language e Contains all the constructs necessary

Design Verification with e The language e Contains all the constructs necessary

Design Verification with e The language e Contains all the constructs necessary for a complete verification tool Allows objects in the verification environment to be extended Needs to express constraints Coverage

946 views • 80 slides
Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete

Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete

Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete Regimes Alexander Karaivanov Robert Townsend Simon Fraser University M.I.T. Karaivanov and Townsend Dynamic Financial Constraints Literature on

825 views • 69 slides
Dynamic logics INF5140 Specification and Verification of Parallel Systems Dynamic logics,

Dynamic logics INF5140 Specification and Verification of Parallel Systems Dynamic logics,

Dynamic logics INF5140 Specification and Verification of Parallel Systems Dynamic logics, lecture 3 Spring 2015 February 24, 2015 2 / 21 Introduction Problem FOL is very (at leat relative) expressive but undecidable. Good for

380 views • 21 slides
A Maximum A-Posteriori Based Algorithm for Dynamic Load Model Parameter Estimation Siming Guo and

A Maximum A-Posteriori Based Algorithm for Dynamic Load Model Parameter Estimation Siming Guo and

A Maximum A-Posteriori Based Algorithm for Dynamic Load Model Parameter Estimation Siming Guo and Prof. Thomas Overbye sguo6@illinois.edu September 21, 2015 Measurement based parameter estimation 1.05 1 Voltage [pu] 0.95 0.9 0.85 0 0.2

511 views • 11 slides
Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa -

Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa -

Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa - University of Paris 7 joint work with Peter Habermehl and Richard Mayr 1 Verification of Boolean Recursive Procedures Boolean Recursive Procedures

639 views • 42 slides
Dynamic validation of OCL constraints with mOdCL Manuel Rold an Francisco Dur an

Dynamic validation of OCL constraints with mOdCL Manuel Rold an Francisco Dur an

Dynamic validation of OCL constraints with mOdCL Manuel Rold an Francisco Dur an Universidad de M alaga, Spain OCL 2011 M. Rold an & F. Dur an (University of M alaga) Dynamic validation of OCL constraints with mOdCL OCL

640 views • 28 slides
Lumped parameter model Lumped parameter models describe the fluid-dynamic behavior within a vessel

Lumped parameter model Lumped parameter models describe the fluid-dynamic behavior within a vessel

Lesson 4 University of Bergamo Engineering and Management for Health FOR CHRONIC DISEASES MEDICAL SUPPORT SYSTEMS LESSON 4 Lumped parameter models of the cardiovascular system: introduction and clinical applications. Ettore Lanzarone March

597 views • 23 slides
Tree Automata, Approximations, and Constraints for Verification Ph.D. thesis defence for Vincent

Tree Automata, Approximations, and Constraints for Verification Ph.D. thesis defence for Vincent

Tree Automata, Approximations, and Constraints for Verification Ph.D. thesis defence for Vincent Hugot , Supervised by O. Kouchnarenko and P.-C. Ham {pheam,vhugot,okouchna}@femto-st.fr University of Franche-Comt DGA & Inria/CASSIS &

1.97k views • 181 slides
Static and dynamic verification Software inspections Concerned with analysis of the

Static and dynamic verification Software inspections Concerned with analysis of the

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis

310 views • 12 slides
Dynamic control Greedy, turnpike, constraints and some applications Enrique Zuazua 1

Dynamic control Greedy, turnpike, constraints and some applications Enrique Zuazua 1

Dynamic control Greedy, turnpike, constraints and some applications Enrique Zuazua 1 DeustoTech-Bilbao & UAM-Madrid, Spain enrique.zuazua@deusto.es http://cmc.deusto.es Marrakech, Avril 2018 1 ERC Advanced Grant DYCON-Dynamic Control (

985 views • 49 slides
Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete

Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete

Dynamic Financial Constraints: Distinguishing Mechanism Design from Exogenously Incomplete Regimes Alexander Karaivanov Robert Townsend Simon Fraser University M.I.T. Toulouse, January 2012 Karaivanov and Townsend Dynamic Financial

816 views • 68 slides
Dynamic Link Exchange Protocol DLEP Stan Ratliff

Dynamic Link Exchange Protocol DLEP Stan Ratliff

Dynamic Link Exchange Protocol DLEP Stan Ratliff sratliff@cisco.com What were trying to address Link speed and quality can vary moment-to- moment

591 views • 6 slides
Semantically Weighted Similarity Analysis for XML-based Content Components Jan Oevermann

Semantically Weighted Similarity Analysis for XML-based Content Components Jan Oevermann

Semantically Weighted Similarity Analysis for XML-based Content Components Jan Oevermann Christoph Lth christoph.lueth@dfki.de jan.oevermann@dfki.de DocEng 2018, Halifax, 29.08.2018 2 <descriptive nodeid="PI-70006536">

914 views • 14 slides
Wh y generate feat u res ? FE ATU R E E N G IN E E R IN G FOR MAC H IN E L E AR N IN G IN P

Wh y generate feat u res ? FE ATU R E E N G IN E E R IN G FOR MAC H IN E L E AR N IN G IN P

Wh y generate feat u res ? FE ATU R E E N G IN E E R IN G FOR MAC H IN E L E AR N IN G IN P YTH ON Robert O ' Callaghan Director of Data Science , Ordergroo v e Feat u re Engineering FEATURE ENGINEERING FOR MACHINE LEARNING IN PYTHON

461 views • 29 slides
Minimal ESP draft-mglt-lwig-minimal-esp-05 Migault, Guggemos -- IETF99 Motivations Securing m2m

Minimal ESP draft-mglt-lwig-minimal-esp-05 Migault, Guggemos -- IETF99 Motivations Securing m2m

Minimal ESP draft-mglt-lwig-minimal-esp-05 Migault, Guggemos -- IETF99 Motivations Securing m2m communications with IPsec/ESP presents significant advantages [1] especially for small devices: - Interoperability - VPN - Transport layer

413 views • 8 slides
Pointers Ch 9 & 13.1 Highlights - pointers - dynamic arrays - new & delete object vs

Pointers Ch 9 & 13.1 Highlights - pointers - dynamic arrays - new & delete object vs

Pointers Ch 9 & 13.1 Highlights - pointers - dynamic arrays - new & delete object vs memory address An object is simply a box in memory and if you pass this into a function it makes a copy A memory address is where a box is located

457 views • 41 slides
Impact of server dynamic allocation on the response time for energy-efficient virtualized web

Impact of server dynamic allocation on the response time for energy-efficient virtualized web

Impact of server dynamic allocation on the response time for energy-efficient virtualized web clusters energy-efficient virtualized web clusters Carlos Oliveira, Vinicius Petrucci, Orlando Loques {cjunior, vpetrucci, loques} @ic.uff.br

388 views • 24 slides
CS 473: Algorithms Chandra Chekuri Ruta Mehta University of Illinois, Urbana-Champaign Fall

CS 473: Algorithms Chandra Chekuri Ruta Mehta University of Illinois, Urbana-Champaign Fall

CS 473: Algorithms Chandra Chekuri Ruta Mehta University of Illinois, Urbana-Champaign Fall 2016 Chandra & Ruta (UIUC) CS473 1 Fall 2016 1 / 19 CS 473: Algorithms, Fall 2016 Administrivia, Introduction Lecture 1 August 24, 2016

325 views • 19 slides
CSC373 Algorithm Design, Analysis & Complexity Nisarg Shah 373F19 - Nisarg Shah 1

CSC373 Algorithm Design, Analysis & Complexity Nisarg Shah 373F19 - Nisarg Shah 1

CSC373 Algorithm Design, Analysis & Complexity Nisarg Shah 373F19 - Nisarg Shah 1 Introduction Instructors Karan Singh o dgp.toronto.edu/~karan, karan@dgp, BA 5258 o SEC 5101 and 5201 Nisarg Shah o cs.toronto.edu/~nisarg,

1.18k views • 65 slides

More recommend