UPB Bildmarke
System Security
Contact
  • Deutsch
  • English
  • Kontakt
  • Team
  • Open Positions
  • Research
  • Teaching
  • Theses
    • Open Page "Faculty"
    • Department of Mathematics
    • Department of Computer Science
    • Department of Electrical Engineering
    • Faculty for Electrical Engineering, Computer Science, and Mathematics
  1. Faculty of Computer Science, Electrical Engineering and Mathematics
  2. Institute of Computer Science
  3. System Security
  4. Teaching
  5. Theses

BA/MA: Se­cur­ity Ana­lys­is of XML/YAML/JSON/TOML/... Pars­ers

28.03.2025

Share post on:

  • Share on Instagram
  • Teilen auf Twitter
  • Teilen auf Facebook
  • Teilen auf Xing
  • Teilen auf LinkedIn
  • Teilen über E-Mail
  • Link kopieren

Plain text formats are used everywhere, from data storage and transfer to configurations of tools. Often languages like XML, YAML, JSON, or TOML are used. To make it easier on the developer to work with these files, programming languages have standard modules and third-party libraries to parse them.

In a thesis on this topic, you would add Dockerfiles for parsers in many of the most popular programming languages to an existing framework. As each file format has different capabilities and potential security problems, you would write dedicated test cases for that format. Additionally, there are advanced query languages for many of these formats xpath, jq, ... which can have their own problems.

The exact scope of your tasks would depend on the work already done by other students and if it is a Bachelor's or Master's thesis.

 

Requirements:

  • Python (the framework is written in Python)
  • Docker

 

Currently, three theses are being worked on; one on extending the existing XML framework and two working on YAML.

Contact

business-card image

Jost Rossel

System Security

Write email +49 5251 60-6685
More about the person

System Security

Warburger Str. 100
33098 Paderborn
Germany

Universität Paderborn

Warburger Str. 100
33098 Paderborn
Germany

Phone University

+49 5251 60-0
Legal notice
  • Imprint
  • Data privacy
  • Whistleblower system
Social networks