XML Ticket: Generalized Digital Ticket Definition Language Ko Fujimura NTT [email protected]...

XML Ticket: Generalized Digital Ticket Definition Language

Ko Fujimura

NTT

[email protected]

Position Paper for The W3C Signed XML Workshop

The W3C Signed XML Workshop - Copyright © 1999 NTT -2-

Contents Goals of NTT’s Flexible Digital Ticket Project

XML Ticket - Important application of XML DSig

Requirements

XML based approach

Important features

Issues to be discussed


Background Presently established information delivery methods:

Web

E-mail

News

Channel

Digital cash

...

No digital medium that prevents duplicate redemption and enables trading of various rights


Web Ticketing & Presentation

Wallet Page

ShopsShops My ticket walletMy ticket wallet

Ticket


Definition of Digital Ticket Digital medium that guarantees certain rights

of ticket owner

Signed I (I, P, O)

Is it a certificate?

Yes, but with an additional feature:

I: IssuerP: PromiseO: Owner

Certificate +Online currency checking system orTamper-proof device


Examples of Promise P A flight between Boston and Tokyo can be reserved

with this ticket

This ticket can be exchanged for 1g of gold

After Oct. 1999, this ticket can be exchanged for my car

One image file in a particular server can be downloaded with this ticket

The bearer of this ticket has unlimited telephone use for one month


Examples of Digital Tickets

TypeEvent ticketPlane ticketLottery ticketTicket for car washTelephone cardDigital cashSoftware licenseTransportation passGate cardDriver's license


Why Generalized? Reduces implementation cost

Ticketing system

Ticket wallet

Ticket examination system

Provides a uniform and collected view as a real wallet

Cash, credit cards, ID cards, and various tickets are stored together

Possibility of new businesses

Revocation and packaging service

Safety deposit box service

Requirements on Language


Composability

Consume

Consume

Consume

Consume

Sub-tickets issued separately A book of stamps Point cards Stamps of approval

Sub-tickets consumed separately Travel tickets A book of tickets for car wash


State Manageability Ticket properties may require changes while in

circulation

Payment status

Paid or Unpaid

Reservation status

Wait listed, reserved, or canceled

Approval status

Owner (if transferred)


Machine-understandability Reduces number of disputes

Facilitates ticket search

　　

ChipsChips


Efficiency Tickets can be stored in a smartcard

Restricted memory

Low data transmission speed Longer definitions causes longer data transfer time

High performance is critical

Transportation pass

Event ticket


Circulation Controllability Parameterization of ticket properties

Anonymity

Transferability

Redemption method Consume -- Number of times it can be consumed

Present

Circulation conditions

Examples:

Only qualified shops can issue tickets

Only registered members can circulates tickets

Only qualified shops can punch tickets


Security Supports a facility for preventing duplicate

redemption

Online currency checking system

Tamper-proof devices

XML Based Approach


A ticket is a set of signed descriptions with links

State-transitionality of ticket status

Composability of multiple tickets

XML-based Digital Ticket


XML-based Digital Ticket A ticket can be distributed

Links to up-to-date information Event location after postponement Certificates (may be revoked) Advertisements

Links to large contents Images, sounds, movies Conditions of contract


XML-based Digital Ticket Meaning of properties can be defined using RDF

schemas -- Useful for Promise property

RDF schemas can be located somewhere in a network

XML Ticket Features


Ticket Properties Three-layered Model

　

Properties ExamplesControlparameters

TypeID, TicketID, IssuerID, OwnerID,Validity, View

Industry-specific

Flight number, Class (Plane ticket)Place, Event name (Event ticket)

Promise

Issuer-specific

Mileage pointsAdvertisements


Autonomous Schema Definition Individual companies or organizations can maintain

their own ticket schemas (type) using XML schema

event.orgairline.org

TicketControl parameters

X.com

Y.comIndustry-specificproperties

Issuer-specificproperties

Issuer NetworkNetworkNetworkNetwork

Issuer

Issuer-specificSchema Industry-specific

Schema


Restriction-specified Incomplete Link <Variable> includes three sub-elements:

<CurrentValue>

<NewValue>

(Link to new value)

<Restriction>

Value of <Variable> is interpreted as <CurrentValue>

if D1 is not instantiated

Value of <Variable> is interpreted as D1

if D1 is instantiated and D1 satisfies <Restriction>

D0

D1

<Variable>

<NewValue>


Restriction-specified Incomplete Link A unique ticket ID is used to establish the relation bet

ween the property that is referred to and referred description

Other restrictions: Schema (Type) restriction Property value restriction Hash value restriction


Restriction-specified Incomplete Link

Original ticket Attached ticket / descriptionType Property Schema

restrictionValue restriction

Any transferableticket

Owner Transfer(certificate)

Issuer is thetransferor

Any deferredpayment ticket

Paymentstatus

Check or draft Issuer is a bank

Any document tobe authorized

Approval Approvedstamp

Issuer is thespecified issuer

Any ticket detailcan be described

Conditions None Digest value isspecified

Applications


Ticket Circulation Model

IIII

UU11UU11 UUnnUUnn

SSSS

IssueIssue

TransferTransfer

ConsumeConsume

Issuer Service Provider

UserUser

010110

0011

110011

1010

010110

0011

110011

1010

010110

0011

110011

1010

010110

0011

110011

1010

010110

0011

110011

1010

010110

0011

110011

1010


UUUU

Circulation Controllability Types of required tickets for a transaction are defined in the ticket to be circulated itself

2) Only registered members can circulate tickets

ABC

Driver’s license

Membership

Qualified shop

3) Only qualified shops can punch tickets

1) Only qualified shops can issue tickets

Check

Check

CheckCheck

UUUU

IIII

UU11UU11 UU22UU22

SSSSA MartA Mart

IssueIssue

TransferTransfer

RedeemRedeem


Ticket Trust Model

IIII

UU11UU11 UUnnUUnn

SSSS

IssueIssue

TransferTransfer

RedeemRedeem

OOOOOrganizer of a specific ticket

Issuer certIssuer cert Examiner certExaminer cert

User certsUser certs

Allows construction of a closed system for each ticket

A MartA Mart

A MartA Mart

ABC

ABC ABC


IIII

UU11UU11 UUnnUUnn

SSSS

IssueIssue

TransferTransfer

RedeemRedeem

OOOO Department of Motor Vehicles

Any ticket with PK can be used as a PK certificate

It depends on issuer’s or organizer’s decision

IIDDIIDD

Ticket Trust Model

A MartA Mart

A MartA Mart

ABC

ABC

ABC


Discussion Should we initiate XML Ticket WG?

Transform any Web terminal into a ticketing Transform any Web terminal into a ticketing machine for any ticket in the world!machine for any ticket in the world!

Should XML Ticket use the XML DSig?

Requirements:

Allows specification of digital signature attributes in the XML schema definition

Supports direct signature

Should we provide XML-based public key certificate?

We need simple certificates without ASN.1

XML Ticket can play the role


Requirements on XML DSig

AAAA BBBB

ReceiverSender

010110

0011

110011

1010

010110

0011

110011

1010

AAAA BBBB

ReceiverSender

010110

0011

110011

1010

010110

0011

110011

1010

NetworkNetworkNetworkNetwork

Schema

Schema cashSchema cash

Static properties:• Signature semantics• Defaults

Reduces ticket size by pre-distributing the schema


Requirements on XML DSig Overhead of separation is not negligible

Support direct signature?

<SignedDescription>

<Ticket>...</Ticket>

<Signature>...</Signature>

</SignedDescription>

<SignedDescription>


<Signature>...</Signature>

</SignedDescription>

<Package ID=‘data’>


</Package>

<Package ID=‘data’>


</Package>

<Signature>

<Manifest>

<Locator href=‘#data’>

<Digest>...</Digest>

</Manifest>

</Signature>

<Signature>

<Manifest>

<Locator href=‘#data’>

<Digest>...</Digest>

</Manifest>

</Signature>

Direct signature Indirect signature


Canonicalization is less important in XML Ticket

Signature is preserved since no change is made in each signed documents

Only attaches new signed documents

Requirements on XML DSig

AAAA 010110

0011

110011

1010

010110

0011

110011

1010 CCCCBBBB 010

110001

1

110011

1010

010110

0011

110011

1010

010110

0010

1100

Java object Java object

XML Ticket: Generalized Digital Ticket Definition Language Ko Fujimura NTT [email protected]...

Documents

Transcript of XML Ticket: Generalized Digital Ticket Definition Language Ko Fujimura NTT [email protected]...