Malicious PSIs (was Re: [topicmapmail] Using sort and display PSIs in naming)

Kal Ahmed kal@techquila.com
30 Mar 2003 18:13:54 +0100


On Sun, 2003-03-30 at 17:48, Thomas B. Passin wrote:
> [Kal Ahmed]
> > Once you do have software supporting the new PSIs, migrating your topic
> > map should be as simple as declaring subject equivalence between the old
> > and the new PSIs:
> >
> > <topicMap>
> >   <topic id="sort">
> >     <subjectIdentity>
> >       <subjectIndicatorRef xlink:href="...XTM PSI ..."/>
> >       <subjectIndicatorRef xlink:href="...SAM PSI ..."/>
> >     </subjectIdentity>
> >   </topic>
> >   <!-- etc. -->
> > </topicMap>
> >
> 
> It has just occurred to me to wonder what would happen if someone tried to
> game the system by using an incorrect PSI in this kind of equivalence
> assertion.  Has anyone given this any thought so far?
> 

I guess it depends on what the intention is. One could innocently want
to map PSIs to one's own vocabulary, for example - but I wouldn't regard
that as "gaming" the system, and I don't think that this would have any
effect beyond that of the applications making use of that vocabulary.

However, merging could be used for such malicious attacks as:

1) Mapping all PSIs to a single topic - forcing subjects to be collapsed
into a single topic.

2) Mapping PSIs to a resource containing malicious code or content in
the hope that the resource is downloaded

(1) could be difficult to trap in the general case - although a
processor depending upon a specific vocabulary such as the XTM/SAM PSIs
could be set up to reject any topic map that causes distinct (known)
PSIs to be merged.

(2) is really only an issue if the processing system chooses to download
the resource addressed by a subject indicator - and in the general case,
that is not necessary in order to determine subject equivalence.
Malicious code/content could be trapped by current mechanisms including
virus/trojan scanning, cookie filtering and so on. As with any
distributed system, interactions with third parties should be treated
with caution.

Cheers,

Kal
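The guard described for attack (1), written out as an added example (it is not code from this thread or from any topic map engine). It applies the XTM merge rule to a topic map, then rejects the map if any merged group would collapse two or more PSIs from a vocabulary the processor depends on, catching both the direct case and the transitive case where two topics are chained through a third, shared indicator. It also illustrates the point made about attack (2): subject indicators are compared as opaque strings and never fetched. The three PSIs in `KNOWN_PSIS` are from the XTM 1.0 core topic map; the `example.org` URIs and the two sample topic maps are constructed for the example.

```python
"""Reject topic maps that merge distinct known PSIs (added example, not from the thread)."""
import xml.etree.ElementTree as ET

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"

# Vocabulary the processor depends on. These are PSIs published in the
# XTM 1.0 core topic map; any set of PSIs the application relies on would do.
KNOWN_PSIS = frozenset({
    "http://www.topicmaps.org/xtm/1.0/core.xtm#sort",
    "http://www.topicmaps.org/xtm/1.0/core.xtm#display",
    "http://www.topicmaps.org/xtm/1.0/core.xtm#class-instance",
})

# Constructed sample: the migration case from the thread. Each topic ties one
# XTM PSI to one (made-up) successor PSI, so no two known PSIs meet.
BENIGN_XTM = """<topicMap xmlns="http://www.topicmaps.org/xtm/1.0/"
          xmlns:xlink="http://www.w3.org/1999/xlink">
  <topic id="sort"><subjectIdentity>
    <subjectIndicatorRef xlink:href="http://www.topicmaps.org/xtm/1.0/core.xtm#sort"/>
    <subjectIndicatorRef xlink:href="http://example.org/sam/sort"/>
  </subjectIdentity></topic>
  <topic id="display"><subjectIdentity>
    <subjectIndicatorRef xlink:href="http://www.topicmaps.org/xtm/1.0/core.xtm#display"/>
    <subjectIndicatorRef xlink:href="http://example.org/sam/display"/>
  </subjectIdentity></topic>
</topicMap>"""

# Constructed sample: attack (1) done indirectly. Neither topic lists two known
# PSIs, but the shared "bridge" indicator merges them, collapsing sort and display.
MALICIOUS_XTM = """<topicMap xmlns="http://www.topicmaps.org/xtm/1.0/"
          xmlns:xlink="http://www.w3.org/1999/xlink">
  <topic id="a"><subjectIdentity>
    <subjectIndicatorRef xlink:href="http://www.topicmaps.org/xtm/1.0/core.xtm#sort"/>
    <subjectIndicatorRef xlink:href="http://example.org/bridge"/>
  </subjectIdentity></topic>
  <topic id="b"><subjectIdentity>
    <subjectIndicatorRef xlink:href="http://example.org/bridge"/>
    <subjectIndicatorRef xlink:href="http://www.topicmaps.org/xtm/1.0/core.xtm#display"/>
  </subjectIdentity></topic>
</topicMap>"""


def _local(tag):
    """Strip the namespace so the check works with or without the XTM default namespace."""
    return tag.rsplit("}", 1)[-1]


def topic_indicators(xtm_text):
    """Map each topic id to the set of subject indicator URIs it declares.

    Indicators are opaque strings here: nothing dereferences them, so a PSI
    that points at hostile content is never fetched (attack 2 in the thread).
    """
    root = ET.fromstring(xtm_text)
    topics = {}
    for topic in root.iter():
        if _local(topic.tag) != "topic":
            continue
        hrefs = set()
        for ref in topic.iter():
            if _local(ref.tag) == "subjectIndicatorRef":
                href = ref.get(XLINK_HREF) or ref.get("href")
                if href:
                    hrefs.add(href)
        topics[topic.get("id")] = hrefs
    return topics


def merged_groups(topics):
    """Apply the XTM merge rule (topics sharing a subject indicator are one subject)
    with union-find, so chains of shared indicators merge transitively.
    Returns a list of (topic ids, indicators) per merged group."""
    parent = {tid: tid for tid in topics}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    first_owner = {}  # indicator -> first topic seen declaring it
    for tid, hrefs in topics.items():
        for href in hrefs:
            if href in first_owner:
                parent[find(tid)] = find(first_owner[href])
            else:
                first_owner[href] = tid
    groups = {}
    for tid, hrefs in topics.items():
        ids, inds = groups.setdefault(find(tid), (set(), set()))
        ids.add(tid)
        inds.update(hrefs)
    return list(groups.values())


def collapsed_psis(xtm_text, known=KNOWN_PSIS):
    """List (topic ids, known PSIs) for every merged group that would fold
    two or more known PSIs into one topic. Empty means the map is acceptable."""
    return [(frozenset(ids), frozenset(inds & known))
            for ids, inds in merged_groups(topic_indicators(xtm_text))
            if len(inds & known) > 1]


def accept(xtm_text, known=KNOWN_PSIS):
    """True if the topic map keeps every known PSI as a distinct subject."""
    return not collapsed_psis(xtm_text, known)


if __name__ == "__main__":
    print("benign accepted:", accept(BENIGN_XTM))
    print("malicious accepted:", accept(MALICIOUS_XTM))
    for ids, hit in collapsed_psis(MALICIOUS_XTM):
        print("topics", sorted(ids), "would collapse", sorted(hit))
```

The check is deliberately applied to the whole map after merging rather than topic by topic: a per-topic test would pass the malicious map, because each of its topics declares only one known PSI. Running the rejection before any merged map is handed to the application is what keeps the collapsed vocabulary from ever taking effect.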