An Ontology-based e-learning System for Network Security

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "An Ontology-based e-learning System for Network Security"

Transcription

1 An Ontology-based e-learning System for Network Security Yoshihito Takahashi, Tomomi Abiko, Eriko Negishi Sendai National College of Technology Goichi Itabashi Graduate School of Information Sciences, Tohoku University Scientia Corporation Yasushi Kato, Kaoru Takahashi Sendai National College of Technology Norio Shiratori Research Institute of Electrical Communication, Tohoku University Abstract Effective information services could be provided for users by investing meta-data in information sources and making software agents understand it. In this paper, we make better use of a collection (ontology) of meta-data in the Semantic Web technology for the design of an e- learning system that enables to provide learners with a more effective education support. The learning domain is cryptography in network security. We define various concepts in the cryptographic domain and the relations among them as the ontology, and propose a way of utilizing it in the learning process. The strength of our ontology-based e-learning system is demonstrated through application examples of the prototype system that we have been developing. 1. Introduction Many problems that cannot be worked out using only individual information sources may be effectively solved by combining and utilizing many heterogeneous information sources in a uniform and integrated way. There is the concept of information integration for achieving this purpose, and there is a proposal of a common integrated architecture In W3C (World Wide Web Consortium), the Semantic Web project is in progress [1][2] which is considered as one way of information integration. It aims at developing a more advanced and reliable Web model, by adding semantic information (meta-data) to the information sources on WWW (World Wide Web) and by making software agents process the information sources based on the meta-data. On the other hand, for education where the information technology is utilized, there are methods such as CBT (Computer-Based Training) which is stand-alone type and WBT (Web-Based Training) which is based on network and Web [3][4]. E-learning includes CBT and WBT, and it is characterized as anywhere, anytime, anyone instruction delivered over the Internet. In this paper, we intertwine the Semantic Web technology with e-learning. The learning domain is cryptography in network security. We define various concepts in the cryptographic domain and the relations among them as the ontology, and propose a way of utilizing it in the learning process. We have been designing and implementing a prototype of this e-learning system. The strength of our ontology-based e-learning system is demonstrated through application examples of the prototype system. This paper is organized as follows. Section 2 summarizes the Semantic Web and ontology. We design an e-learning system for cryptography in Section 3. An im-

2 Figure 2. An RDF example. Figure 1. Layered structure of Semantic Web. plementation of its prototype and some examples are described in Section 4. Finally, in Section 5, we conclude this paper with summary and future study. 2. Semantic Web and Ontology The Semantic Web is a model of the Web in which software agents understand and automatically process the information instead of human by giving meta-data to all information sources available on the Web [1][2]. This technology is organized under the concept of the layered structure shown in Figure 1. In the achievement of the Semantic Web, RDF (Resource Description Framework) [5], RDF Schema (RDF Vocabulary Description Language) [6] and the ontology language OWL (Web Ontology Language) [7] are important technologies. RDF offers a standard mechanism to describe metadata that can be understood by the machine. RDF provides a data model and a grammar to describe the predicate and the object in its Model and Syntax specification. The data model of RDF consists of three components: a resource, a property and a statement. A statement consists of a subject, a predicate and an object. These are usually described in XML (extensible Markup Language). However, there is N3 (Notation3) [8] as the third notation for describing the RDF model. N3 is not only compact and comprehensible but also can express Quotation that the description is difficult in the XML syntax. Furthermore, the Rules and Logic framework layers of the Semantic Web can be concretely described by using N3. As an example, when the vocabulary such as Doctor, treats, Diseases and name is defined in a certain document, the relation The doctor treats diseases. The doctor s name is Thomas. is represented as an RDF graph shown in Figure 2. In N3, it is described as follows: Doctor treats Deseases ; name Thomas. In N3, URIs (Uniform Resource Identifiers) that show a subject, a predicate and an object are enclosed with and enumerated. A period is put at the end. When the object is a literal, it is enclosed with. There is a shortcut for when there are several statements about the same subject. A semicolon ; introduces another property of the same subject. RDF Schema offers a basic mechanism to define the category of these properties and general resources. A necessary class can be defined by using the basic classes, the basic properties, etc. prepared in the specification of RDF Schema, and its instances and subclasses can be derived. In the Web, to relate the vocabulary (or concepts) originally defined here and there, and to interoperate each other, an ontology plays an important role. An ontology is used by people, databases and applications that need to share domain information, and it includes computer-usable definitions of basic concepts in the domain and the relationships among them. An ontology is usually expressed in a logic-based language so that detailed, accurate, consistent, sound and meaningful distinctions can be made among the classes, properties and relations. It encodes knowledge in a domain and also knowledge that spans several domains. In this way, it makes that knowledge reusable. OWL is the language developed by W3C that fills the requirement of ontology sharing, evolution, interoperability and inconsistency detection requested from the Web ontology language. In Figure 1, the Rules layer defines logic as a common basis that enables query and filtering. The Logic Framework layer describes knowledge that uses logic such as the first-order logic, and does the processing of the agent based on it. The Proof layer shows foundation like the history and the reason for the agent processing that leads to the processing result. The Trust layer guarantees the reliability of meta-data offered by the Semantic Web and the processing result of the agent which interprets and processes the meta-data.

3 3. Design of e-learning System 3.1. Outline and Characteristic We design an e-learning system on the Web in which a learner can study cryptography using a Web browser. This system introduces the concept of the Semantic Web, particularly the concept of ontology, into the design of the system. By using ontology, not only the learning materials but also the vocabulary of the concepts contained in the learning materials and their relations can be delivered to the learner. In this way, the following advantages are yielded in comparison with the traditional e-learning without ontology: Additional information can be also offered when the learner is provided with the learning materials. When a word (or concept) the learner wants to inquire is searched, the learner can get the information that represents the relation of the word with other words. For the part in which the learner made a mistake in an assessment (test), the system can feedback various words related with the mistake as well as the correct answer. In the process of learning, the system can adjust the amount of information provided to the learner and can infer the learning contents to be studied following the present contents, according to the learner s experience. Consequently, it is expected that convenience for the learner is enhanced and easy understanding of the learning contents is accomplished, because words to be studied and the relations among them are comprehensible and the learner can easily image the whole learning domain Ontology for Cryptography and its Use The ontology for cryptography is described in Notation3 which can simplify description in RDF. Figure 3 shows part of the ontology used in our e-learning system. It says A public key cipher is a cipher and uses a public key and a private key. A public key is a key. The system refers to the ontology, if need be, and it provides the learner with additional necessary information, while he/she peruses the contents of the learning materials. Also, when the learner wants to inquire further into a word, it searches the ontology for the word. As the result of this search and inference, the learner Figure 3. Part of ontology in Notation3. can acquire information such as the role of (the concept corresponding to) the word in the cryptographic domain. In this ontology, the relation among words (concepts) important in the cryptographic domain is organized as shown in Figure 4. The related two words are connected by an arrow and the name of the relation is attached to the arrow. There exist relations such as subclassof, has, type, equivalentclass, etc. The contents of this ontology are explained below: Cipher and authentication are two important concepts in cryptography. By cipher, the eavesdropping can be avoided and confidentiality which is the inverse concept of eavesdropping can be achieved. There are two ciphers, i.e. shared-key cipher and publickey cipher. Shared-key cipher is often identified with symmetric-key cipher, secret-key cipher and commonkey cipher. DES and Caesar cipher belong to sharedkey cipher where shared-keys are used. A shared-key is also called a symmetric-key. RSA and Elgamal cipher belong to public-key cipher where public-keys and private-keys (also called secret-keys) are used. They are keys and are used for encryption and decryption. In encryption, a plaintext is input and a ciphertext is output. On the other hand, in decryption, a ciphertext is input and a plaintext is output. Encryption and decryption are important concepts which constitute cipher. By authentication that uses cipher together, tampering and spoofing can be avoided. Integrity and authenticity are the inverse concepts of tampering and spoofing, respectively. Eavesdropping, tampering and spoofing threaten security. Hash functions such as SHA-1 and MD5 are used for authentication. A hash function inputs a plaintext and outputs a hash value. The above mentioned ontology can be used during the learning process, to provide the learner with intelligible learning information for cryptography. In the concrete, this ontology is applicable to the cases where a search for (the meaning of) a word is performed, a review of the portion mistaken in an assessment (test) is

4 Figure 4. Ontology for cryptography (part). of experience based on the learner s past history, past test results and so on. When the learning materials are perused, if the depth of experience is deep, the quality and quantity of the offered learning materials will be raised; on the other hand, if shallow, those will be reduced and the learning will be performed from the basics System Function Figure 5. Reasoning. performed, etc. In case of a word search, this system reasons as shown in Figure 5 for the specified word. In this figure, a dotted arrow shows the portion of the reasoning result. The learner can choose the depth of reasoning and thus he/she can attain the learning information according to the degree at which he/she wants to study. For the learner, the main part of learning is in perusal of the learning materials. If the system can use his/her personal information (profile), it is expected that the learning materials will become easier to be used. Therefore, we prepare another knowledge, i.e. learner profile, besides the cryptographic ontology. The learner profile includes the information about the depth The main functions of this e-learning system are as follows. Login security In order to protect personal and confidential information, a login security is required. When the learner uses this system, his/her account and password need to be input. The password is encrypted by using MD5 which is one of the hash functions and is then transmitted to the server of this system. Delivery of learning materials This is the function to provide the learner with the learning materials. By making better use of the ontology and learner profiles, it is planned that the optimal materials are provided. Assessment (test) After the learner studies with the learning materials to some extent, an assessment for achievement is made.

5 Figure 7. Query about a word. Figure 6. System configuration. Perusal of personal information The assessment results, the mistaken parts, etc. can be perused. Word search This is used when there is a word (or concept) the learner wants to know in detail at the time of learning material perusal. For this purpose, the ontology is used to infer the related words. The search can be performed in accordance with the degree at which the learner wants to know, and a multi-stage reasoning is also possible. Adaptation of amount of learning materials With reference to the learner profile, the amount of information of the learning materials is adjusted according to the learner s experience. For the learner with a deep experience, a large amount of information is offered to raise knowledge further. On the other hand, a small amount of information (i.e. basics) is offered for the learner with a shallow experience. Moreover, at the time of learning material perusal, the learner can get the information such as antonym and synonym related with an interesting word. In order to realize the above functions, we have designed our e-learning system as shown in Figure 6. We outline how the system works below. A request from a learner is classified by Servlet at the server side, and the corresponding Bean is generated. When the desired learning material is picked out from the database, the ontology is referred for reasoning. Then if there is additional information, it is added and offered together. All of these information is passed to JSP (Java Server Pages), and is finally answered to the browser of the learner in HTML form. The communication between the client and server machines is securely performed using SSL (Secure Sockets Layer) which is a protocol for secure exchange of information on the Internet. 4. Implementation 4.1. Outline We have been implementing a prototype of the e- learning system designed in the preceding section. The prototype system has been built on the LAN of our college. The underlying OS is Windows2000 and the main implementation language is JAVA. In the following, we show the technology used in the implementation with an example. Suppose that a request for perusal of a learning material is issued from a learner. It reaches Servlet via the Web browser. In Servlet, a program dynamically generates HTML or other resources, and it returns the result to the Web browser. The requested processing is classified and Bean which performs the processing is generated. Bean is a kind of class whose properties and methods can be used from JSP. For this example, Bean for perusal of learning materials is generated. It acquires the corresponding information from the database, referring to the ontology. PostgreSQL is used for access to the database. The acquired information is passed to JSP. JSP can embed JAVA codes in HTML so that it becomes easy to, for example, change data to be displayed. Finally, with this mechanism, the acquired information is delivered to the learner via the Web browser in HTML form. SSL is used for secure communication between client and server Example Figure 7 shows a word search box on a Web browser. It is used when there is a word which the learner wants to know at the time of learning material perusal. The searchable words are contained in the box in advance. The learner chooses an interesting word from there. As described before, a flexible search in accordance with the degree at which the learner wants to know is possible. In the server side, the required information is reasoned with reference to the ontology and is offered to the learner. In case of a more detailed search, the learner can specify a multi-stage reasoning. We show below some examples that are presently demonstrable although this prototype system is still under development.

6 Figure 8. Query response. Figure 9. Adaptation of learning materials. Assume a situation where the word public-key is searched more in two stage reasoning. For this query, the system performs the reasoning as shown in Figure 5 with reference to the ontology (Figure 4) and understands that public-key is used in public-key cipher and it is a subclass of key. As a consequence, the related information is retrieved from the database. Then the result is returned to the learner as a response as shown on the window in Figure 8 where various information related with public-key is delivered to the learner in an easy-to-understand form. This is obtained from the ontology and database. Since this example is two-stage reasoning, the information about key and public-key cipher is also obtained. Next, we demonstrate an example where the amount of information of the learning materials is adapted according to the learner s experience. In learning RSA, the window in Figure 9 shows the contents which are offered to inexperienced learners about cryptography. An explanation of important concepts is mainly offered and theoretical parts such as formulas are not presented. On the contrary, experienced learners are offered theoretical parts such as formulas. By repeating the above learning, the learner could gradually understand the whole cryptographic domain. As the relations among individual concepts are also learned naturally, the learner could learn the whole concept efficiently. 5. Conclusion In this paper, we have considered a way of applying the Semantic Web technology to the design of e- learning system for cryptography, and described the development of a prototype system. This system is yet under development. It remains to sophisticate and complete the design in the following points, for example: completing the ontology and learning materials; using context or structure of the learning materials as knowledge; considering how to utilize the ontology for the feedback from the system in the process of learning or on an assessment. It is also important future works to investigate the advantages and disadvantages of the system through its use by many learners and to do an evaluation and improvement of the system. References [1] W3C, Semantic Web, [2] T.Berners-Lee, Semantic Web road map, [3] W.Horton, Designing Web-based training : how to teach anyone anything anywhere anytime, John Wiley & Sons, [4] M.J.Rosenberg, E-learning: strategies for delivering knowledge in the digital age, McGraw-Hill, [5] W3C, Resource description framework (RDF), [6] W3C, RDF vocabulary description language 1.0: RDF schema, [7] W3C, OWL Web ontology language reference, [8] T.Berners-Lee, Notation3,

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Security Issues for the Semantic Web

Security Issues for the Semantic Web Security Issues for the Semantic Web Dr. Bhavani Thuraisingham Program Director Data and Applications Security The National Science Foundation Arlington, VA On leave from The MITRE Corporation Bedford,

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

A Study on Secure Electronic Medical DB System in Hospital Environment

A Study on Secure Electronic Medical DB System in Hospital Environment A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133

More information

Semantic Web Services for e-learning: Engineering and Technology Domain

Semantic Web Services for e-learning: Engineering and Technology Domain Web s for e-learning: Engineering and Technology Domain Krupali Shah and Jayant Gadge Abstract E learning has gained its importance over the traditional classroom learning techniques in past few decades.

More information

Secure Semantic Web Service Using SAML

Secure Semantic Web Service Using SAML Secure Semantic Web Service Using SAML JOO-YOUNG LEE and KI-YOUNG MOON Information Security Department Electronics and Telecommunications Research Institute 161 Gajeong-dong, Yuseong-gu, Daejeon KOREA

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

Service Oriented Architecture

Service Oriented Architecture Service Oriented Architecture Charlie Abela Department of Artificial Intelligence charlie.abela@um.edu.mt Last Lecture Web Ontology Language Problems? CSA 3210 Service Oriented Architecture 2 Lecture Outline

More information

SEMANTIC VIDEO ANNOTATION IN E-LEARNING FRAMEWORK

SEMANTIC VIDEO ANNOTATION IN E-LEARNING FRAMEWORK SEMANTIC VIDEO ANNOTATION IN E-LEARNING FRAMEWORK Antonella Carbonaro, Rodolfo Ferrini Department of Computer Science University of Bologna Mura Anteo Zamboni 7, I-40127 Bologna, Italy Tel.: +39 0547 338830

More information

An Ontology Model for Organizing Information Resources Sharing on Personal Web

An Ontology Model for Organizing Information Resources Sharing on Personal Web An Ontology Model for Organizing Information Resources Sharing on Personal Web Istiadi 1, and Azhari SN 2 1 Department of Electrical Engineering, University of Widyagama Malang, Jalan Borobudur 35, Malang

More information

Is your data safe out there? -A white Paper on Online Security

Is your data safe out there? -A white Paper on Online Security Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

Lightweight Data Integration using the WebComposition Data Grid Service

Lightweight Data Integration using the WebComposition Data Grid Service Lightweight Data Integration using the WebComposition Data Grid Service Ralph Sommermeier 1, Andreas Heil 2, Martin Gaedke 1 1 Chemnitz University of Technology, Faculty of Computer Science, Distributed

More information

Performance Analysis, Data Sharing, Tools Integration: New Approach based on Ontology

Performance Analysis, Data Sharing, Tools Integration: New Approach based on Ontology Performance Analysis, Data Sharing, Tools Integration: New Approach based on Ontology Hong-Linh Truong Institute for Software Science, University of Vienna, Austria truong@par.univie.ac.at Thomas Fahringer

More information

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,

More information

Web Development. Owen Sacco. ICS2205/ICS2230 Web Intelligence

Web Development. Owen Sacco. ICS2205/ICS2230 Web Intelligence Web Development Owen Sacco ICS2205/ICS2230 Web Intelligence Brief Course Overview An introduction to Web development Server-side Scripting Web Servers PHP Client-side Scripting HTML & CSS JavaScript &

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Understanding digital certificates

Understanding digital certificates Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

OpenHRE Security Architecture. (DRAFT v0.5)

OpenHRE Security Architecture. (DRAFT v0.5) OpenHRE Security Architecture (DRAFT v0.5) Table of Contents Introduction -----------------------------------------------------------------------------------------------------------------------2 Assumptions----------------------------------------------------------------------------------------------------------------------2

More information

First Semester Examinations 2011/12 INTERNET PRINCIPLES

First Semester Examinations 2011/12 INTERNET PRINCIPLES PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES

More information

Properties of Secure Network Communication

Properties of Secure Network Communication Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,

More information

How semantic technology can help you do more with production data. Doing more with production data

How semantic technology can help you do more with production data. Doing more with production data How semantic technology can help you do more with production data Doing more with production data EPIM and Digital Energy Journal 2013-04-18 David Price, TopQuadrant London, UK dprice at topquadrant dot

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

Semantic Web. Riccardo Rosati. Corso di Laurea Magistrale in Ingegneria Informatica Sapienza Università di Roma 2012/2013

Semantic Web. Riccardo Rosati. Corso di Laurea Magistrale in Ingegneria Informatica Sapienza Università di Roma 2012/2013 Semantic Web Riccardo Rosati Corso di Laurea Magistrale in Ingegneria Informatica Sapienza Università di Roma 2012/2013 Overview Lecture 1: Introduction to the Semantic Web Lecture 2: The RDF layer 1 RDF

More information

HEALTH INFORMATION MANAGEMENT ON SEMANTIC WEB :(SEMANTIC HIM)

HEALTH INFORMATION MANAGEMENT ON SEMANTIC WEB :(SEMANTIC HIM) HEALTH INFORMATION MANAGEMENT ON SEMANTIC WEB :(SEMANTIC HIM) Nasim Khozoie Department of Computer Engineering,yasuj branch, Islamic Azad University, yasuj, Iran n_khozooyi2003@yahoo.com ABSTRACT Information

More information

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173 Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

Semantic Search in Portals using Ontologies

Semantic Search in Portals using Ontologies Semantic Search in Portals using Ontologies Wallace Anacleto Pinheiro Ana Maria de C. Moura Military Institute of Engineering - IME/RJ Department of Computer Engineering - Rio de Janeiro - Brazil [awallace,anamoura]@de9.ime.eb.br

More information

Explorer's Guide to the Semantic Web

Explorer's Guide to the Semantic Web Explorer's Guide to the Semantic Web THOMAS B. PASSIN 11 MANNING Greenwich (74 w. long.) contents preface xiii acknowledgments xv about this booh xvii The Semantic Web 1 1.1 What is the Semantic Web? 3

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1 Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1 How the Web Works - HTTP Hypertext transfer protocol (http). Clients request documents (or scripts) through URL. Server response with documents. Documents

More information

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon 1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

Towards a Semantic Wiki Wiki Web

Towards a Semantic Wiki Wiki Web Towards a Semantic Wiki Wiki Web Roberto Tazzoli, Paolo Castagna, and Stefano Emilio Campanini Abstract. This article describes PlatypusWiki, an enhanced Wiki Wiki Web using technologies from the Semantic

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Transport Layer Security Protocols

Transport Layer Security Protocols SSL/TLS 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally designed to by Netscape to secure HTTP Version 2 is being replaced by version 3 Subsequently became Internet Standard known

More information

EUR-Lex 2012 Data Extraction using Web Services

EUR-Lex 2012 Data Extraction using Web Services DOCUMENT HISTORY DOCUMENT HISTORY Version Release Date Description 0.01 24/01/2013 Initial draft 0.02 01/02/2013 Review 1.00 07/08/2013 Version 1.00 -v1.00.doc Page 2 of 17 TABLE OF CONTENTS 1 Introduction...

More information

A Tool for Searching the Semantic Web for Supplies Matching Demands

A Tool for Searching the Semantic Web for Supplies Matching Demands A Tool for Searching the Semantic Web for Supplies Matching Demands Zuzana Halanová, Pavol Návrat, Viera Rozinajová Abstract: We propose a model of searching semantic web that allows incorporating data

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

A Semantic web approach for e-learning platforms

A Semantic web approach for e-learning platforms A Semantic web approach for e-learning platforms Miguel B. Alves 1 1 Laboratório de Sistemas de Informação, ESTG-IPVC 4900-348 Viana do Castelo. mba@estg.ipvc.pt Abstract. When lecturers publish contents

More information

Annotea and Semantic Web Supported Collaboration

Annotea and Semantic Web Supported Collaboration Annotea and Semantic Web Supported Collaboration Marja-Riitta Koivunen, Ph.D. Annotea project Abstract Like any other technology, the Semantic Web cannot succeed if the applications using it do not serve

More information

DRAFT Standard Statement Encryption

DRAFT Standard Statement Encryption DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held

More information

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se

More information

Semantic Knowledge Management System. Paripati Lohith Kumar. School of Information Technology

Semantic Knowledge Management System. Paripati Lohith Kumar. School of Information Technology Semantic Knowledge Management System Paripati Lohith Kumar School of Information Technology Vellore Institute of Technology University, Vellore, India. plohithkumar@hotmail.com Abstract The scholarly activities

More information

OWL based XML Data Integration

OWL based XML Data Integration OWL based XML Data Integration Manjula Shenoy K Manipal University CSE MIT Manipal, India K.C.Shet, PhD. N.I.T.K. CSE, Suratkal Karnataka, India U. Dinesh Acharya, PhD. ManipalUniversity CSE MIT, Manipal,

More information

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates Entrust Managed Services Entrust Managed Services PKI Configuring secure LDAP with Domain Controller digital certificates Document issue: 1.0 Date of issue: October 2009 Copyright 2009 Entrust. All rights

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

More information

Last Updated: July 2011. STATISTICA Enterprise Server Security

Last Updated: July 2011. STATISTICA Enterprise Server Security Last Updated: July 2011 STATISTICA Enterprise Server Security STATISTICA Enterprise Server Security Page 2 of 10 Table of Contents Executive Summary... 3 Introduction to STATISTICA Enterprise Server...

More information

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

Information and Communications Technology Courses at a Glance

Information and Communications Technology Courses at a Glance Information and Communications Technology Courses at a Glance Level 1 Courses ICT121 Introduction to Computer Systems Architecture This is an introductory course on the architecture of modern computer

More information

CHAPTER 1 INTRODUCTION

CHAPTER 1 INTRODUCTION 1 CHAPTER 1 INTRODUCTION 1.1 Introduction Cloud computing as a new paradigm of information technology that offers tremendous advantages in economic aspects such as reduced time to market, flexible computing

More information

Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation

More information

Linked Data Interface, Semantics and a T-Box Triple Store for Microsoft SharePoint

Linked Data Interface, Semantics and a T-Box Triple Store for Microsoft SharePoint Linked Data Interface, Semantics and a T-Box Triple Store for Microsoft SharePoint Christian Fillies 1 and Frauke Weichhardt 1 1 Semtation GmbH, Geschw.-Scholl-Str. 38, 14771 Potsdam, Germany {cfillies,

More information

technische universiteit eindhoven WIS & Engineering Geert-Jan Houben

technische universiteit eindhoven WIS & Engineering Geert-Jan Houben WIS & Engineering Geert-Jan Houben Contents Web Information System (WIS) Evolution in Web data WIS Engineering Languages for Web data XML (context only!) RDF XML Querying: XQuery (context only!) RDFS SPARQL

More information

Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup. Version 1.1 Last Updated: April 14, 2014

Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup. Version 1.1 Last Updated: April 14, 2014 Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup Version 1.1 Last Updated: April 14, 2014 Table of Contents SSL Certificate Creation... 3 Option 1: Complete the Provider

More information

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

Cloud-based Identity and Access Control for Diagnostic Imaging Systems Cloud-based Identity and Access Control for Diagnostic Imaging Systems Weina Ma and Kamran Sartipi Department of Electrical, Computer and Software Engineering University of Ontario Institute of Technology

More information

CS 356 Lecture 28 Internet Authentication. Spring 2013

CS 356 Lecture 28 Internet Authentication. Spring 2013 CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

XML: ITS ROLE IN TCP/IP PRESENTATION LAYER (LAYER 6)

XML: ITS ROLE IN TCP/IP PRESENTATION LAYER (LAYER 6) 51-40-05 DATA COMMUNICATIONS MANAGEMENT XML: ITS ROLE IN TCP/IP PRESENTATION LAYER (LAYER 6) Judith Myerson INSIDE Breaking the Barrier; Product Integration; Translation for All Browsers; Dynamic XML Servers;

More information

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus Department of Computer & Information Sciences CSCI-445: Computer and Network Security Syllabus Course Description This course provides detailed, in depth overview of pressing network security problems

More information

Tenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.

Tenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved. Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,

More information

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

More information

FileMaker Server 9. Custom Web Publishing with PHP

FileMaker Server 9. Custom Web Publishing with PHP FileMaker Server 9 Custom Web Publishing with PHP 2007 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker is a trademark of FileMaker,

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Oracle Spatial and Graph: Benchmarking a Trillion Edges RDF Graph ORACLE WHITE PAPER OCTOBER 2014

Oracle Spatial and Graph: Benchmarking a Trillion Edges RDF Graph ORACLE WHITE PAPER OCTOBER 2014 Oracle Spatial and Graph: Benchmarking a Trillion Edges RDF Graph ORACLE WHITE PAPER OCTOBER 2014 Introduction One trillion is a really big number. What could you store with one trillion facts?» 1000 tweets

More information

Message Authentication Code

Message Authentication Code Message Authentication Code Ali El Kaafarani Mathematical Institute Oxford University 1 of 44 Outline 1 CBC-MAC 2 Authenticated Encryption 3 Padding Oracle Attacks 4 Information Theoretic MACs 2 of 44

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

Web Services for Environmental Informatics

Web Services for Environmental Informatics Web Services for Environmental Informatics Erick Arauco a and Lorenzo Sommaruga b a University of Piura - Engineering Department,Piura, Perú- earauco@udep.edu.pe b University of Applied Sciences of Southern

More information

Integrating adaptive functionality in a LMS

Integrating adaptive functionality in a LMS Integrating adaptive functionality in a LMS Kees van der Sluijs 1 and Kai Michael Höver 2 1 Technische Universiteit Eindhoven, Eindhoven, The Netherlands 2 IMC Information Multimedia Communication AG,

More information

1 What Are Web Services?

1 What Are Web Services? Oracle Fusion Middleware Introducing Web Services 11g Release 1 (11.1.1) E14294-04 January 2011 This document provides an overview of Web services in Oracle Fusion Middleware 11g. Sections include: What

More information

Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology

Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology FREDRIK ANDERSSON Department of Computer Science and Engineering CHALMERS UNIVERSITY

More information

Last update: February 23, 2004

Last update: February 23, 2004 Last update: February 23, 2004 Web Security Glossary The Web Security Glossary is an alphabetical index of terms and terminology relating to web application security. The purpose of the Glossary is to

More information

Oracle Database Security

Oracle Database Security breaking through barriers to progress By Raman Jathar an award winning '2004 Future 50 Company' 18650 W. Corporate Drive Suite 120 Brookfield, WI 53045 262.792.0200 Database Security Lately, database security

More information

A Pluggable Security Framework for Message Oriented Middleware

A Pluggable Security Framework for Message Oriented Middleware A Pluggable Security Framework for Message Oriented Middleware RUEY-SHYANG WU, SHYAN-MING YUAN Department of Computer Science National Chiao-Tung University 1001 Ta Hsueh Road, Hsinchu 300, TAIWAN, R.

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明 Spirent Abacus SIP over TLS Test 编 号 版 本 修 改 时 间 说 明 1 1. TLS Interview (Transport Layer Security Protocol) (1) TLS Feature Introduction: 1. TLS is a successor of Secure Sockets Layer (SSL), a cryptographic

More information

Criteria for web application security check. Version 2015.1

Criteria for web application security check. Version 2015.1 Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC- P- 001 ISC- P- 001.1 ISC- P- 001.2 ISC- P- 001.3 ISC- P- 001.4 ISC- P- 001.5 ISC- P- 001.6 ISC- P- 001.7 ISC-

More information

RemotelyAnywhere Getting Started Guide

RemotelyAnywhere Getting Started Guide April 2007 About RemotelyAnywhere... 2 About RemotelyAnywhere... 2 About this Guide... 2 Installation of RemotelyAnywhere... 2 Software Activation...3 Accessing RemotelyAnywhere... 4 About Dynamic IP Addresses...

More information

Secure web transactions system

Secure web transactions system Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends

More information

One of the main reasons for the Web s success

One of the main reasons for the Web s success Editor: Peiya Liu Siemens Corporate Research Metadata Standards for Web-Based Resources Achim Steinacker University of Technology, Darmstadt Amir Ghavam University of Ottawa Ralf Steinmetz German National

More information

U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)

U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC) U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC) econsent Trial Project Architectural Analysis & Technical Standards Produced

More information

As enterprises conduct more and more

As enterprises conduct more and more Efficiently handling SSL transactions is one cornerstone of your IT security infrastructure. Do you know how the protocol actually works? Wesley Chou Inside SSL: The Secure Sockets Layer Protocol Inside

More information

Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

More information

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference

More information

Security in Communication Networks

Security in Communication Networks Security in Communication Networks Lehrstuhl für Informatik 4 RWTH Aachen Prof. Dr. Otto Spaniol Dr. rer. nat. Dirk Thißen Page 1 Organization Lehrstuhl für Informatik 4 Lecture Lecture takes place on

More information

XML Signatures in an Enterprise Service Bus Environment

XML Signatures in an Enterprise Service Bus Environment XML Signatures in an Enterprise Bus Environment Eckehard Hermann Research & Development XML Integration Uhlandstraße 12 64297 Darmstadt, Germany Eckehard.Hermann@softwareag.com Dieter Kessler Research

More information

Formalization of the CRM: Initial Thoughts

Formalization of the CRM: Initial Thoughts Formalization of the CRM: Initial Thoughts Carlo Meghini Istituto di Scienza e Tecnologie della Informazione Consiglio Nazionale delle Ricerche Pisa CRM SIG Meeting Iraklio, October 1st, 2014 Outline Overture:

More information

Security Protocols/Standards

Security Protocols/Standards Security Protocols/Standards Security Protocols/Standards Security Protocols/Standards How do we actually communicate securely across a hostile network? Provide integrity, confidentiality, authenticity

More information

On the Standardization of Semantic Web Services-based Network Monitoring Operations

On the Standardization of Semantic Web Services-based Network Monitoring Operations On the Standardization of Semantic Web Services-based Network Monitoring Operations ChenglingZhao^, ZihengLiu^, YanfengWang^ The Department of Information Techonlogy, HuaZhong Normal University; Wuhan,

More information

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35. Name: 1 CSE331: Introduction to Networks and Security Final Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35 Total /135 Do not begin the exam until you are told to do so. You

More information