A GraphQL-Based Interface for Secure and Efficient Querying of CSAF Documents

Andriy Melnyk, Iryna Spivak, Svitlana Krepych, Arkadiusz Banasik, Piotr Pikieiwcz, Aleksandra Czupryna-Nowak

Published: 2025, Last Modified: 19 Apr 2026ACIT 2025EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: This paper presents an approach for implementing a GraphQL-based interface for querying CSAF (Common Security Advisory Framework) documents. The intermediate layer translates compact consumer queries into fully expanded GraphQL requests, handling nesting, enumeration harmonization, and logical operator alignment. It ensures complete document delivery, even when the consumer provides only partial structure definitions. Authentication via tokens restricts access based on TLP (Traffic Light Protocol) levels, enforcing secure distribution of CSAF advisories. The system is designed to minimize client-side effort while maintaining full data fidelity and security compliance.