An Ontology-based e-learning System for Network Security




Yoshihito Takahashi, Tomomi Abiko, Eriko Negishi
Sendai National College of Technology
a0432@ccedu.sendai-ct.ac.jp

Goichi Itabashi
Graduate School of Information Sciences, Tohoku University
Scientia Corporation
itabashi@scientia.co.jp

Yasushi Kato, Kaoru Takahashi
Sendai National College of Technology
kato@info.sendai-ct.ac.jp, kaoru@cc.sendai-ct.ac.jp

Norio Shiratori
Research Institute of Electrical Communication, Tohoku University
norio@shiratori.riec.tohoku.ac.jp

Abstract

Effective information services could be provided for users by investing meta-data in information sources and making software agents understand it. In this paper, we make better use of a collection (ontology) of meta-data in the Semantic Web technology for the design of an e-learning system that can provide learners with more effective education support. The learning domain is cryptography in network security. We define various concepts in the cryptographic domain and the relations among them as the ontology, and propose a way of utilizing it in the learning process. The strength of our ontology-based e-learning system is demonstrated through application examples of the prototype system that we have been developing.

1. Introduction

Many problems that cannot be worked out using only individual information sources may be effectively solved by combining and utilizing many heterogeneous information sources in a uniform and integrated way. There is the concept of information integration for achieving this purpose, and there is a proposal of a common integrated architecture. In W3C (World Wide Web Consortium), the Semantic Web project is in progress [1][2], which is considered as one way of information integration.
It aims at developing a more advanced and reliable Web model, by adding semantic information (meta-data) to the information sources on the WWW (World Wide Web) and by making software agents process the information sources based on the meta-data.

On the other hand, for education where information technology is utilized, there are methods such as CBT (Computer-Based Training), which is of stand-alone type, and WBT (Web-Based Training), which is based on the network and the Web [3][4]. E-learning includes CBT and WBT, and it is characterized as anywhere, anytime, anyone instruction delivered over the Internet.

In this paper, we intertwine the Semantic Web technology with e-learning. The learning domain is cryptography in network security. We define various concepts in the cryptographic domain and the relations among them as the ontology, and propose a way of utilizing it in the learning process. We have been designing and implementing a prototype of this e-learning system. The strength of our ontology-based e-learning system is demonstrated through application examples of the prototype system.

This paper is organized as follows. Section 2 summarizes the Semantic Web and ontology. We design an e-learning system for cryptography in Section 3. An implementation of its prototype and some examples are described in Section 4. Finally, in Section 5, we conclude this paper with a summary and future study.

2. Semantic Web and Ontology

The Semantic Web is a model of the Web in which software agents, instead of humans, understand and automatically process the information, by giving meta-data to all information sources available on the Web [1][2]. This technology is organized under the concept of the layered structure shown in Figure 1.

Figure 1. Layered structure of Semantic Web.

In the achievement of the Semantic Web, RDF (Resource Description Framework) [5], RDF Schema (RDF Vocabulary Description Language) [6] and the ontology language OWL (Web Ontology Language) [7] are important technologies.

RDF offers a standard mechanism to describe meta-data that can be understood by the machine. RDF provides a data model and a grammar to describe the predicate and the object in its Model and Syntax specification. The data model of RDF consists of three components: a resource, a property and a statement. A statement consists of a subject, a predicate and an object. These are usually described in XML (Extensible Markup Language). However, there is also N3 (Notation3) [8], a third notation for describing the RDF model. N3 is not only compact and comprehensible but can also express quotation, which is difficult to describe in the XML syntax. Furthermore, the Rules and Logic Framework layers of the Semantic Web can be concretely described by using N3.

As an example, when vocabulary such as Doctor, treats, Diseases and name is defined in a certain document, the relation "The doctor treats diseases. The doctor's name is Thomas." is represented as the RDF graph shown in Figure 2.

Figure 2. An RDF example.

In N3, it is described as follows:

    <Doctor> <treats> <Diseases> ; <name> "Thomas" .

In N3, the URIs (Uniform Resource Identifiers) that show a subject, a predicate and an object are enclosed with < and > and enumerated. A period is put at the end.
When the object is a literal, it is enclosed with double quotes. There is a shortcut for when there are several statements about the same subject: a semicolon (;) introduces another property of the same subject.

RDF Schema offers a basic mechanism to define the category of these properties and general resources. A necessary class can be defined by using the basic classes, the basic properties, etc. prepared in the specification of RDF Schema, and its instances and subclasses can be derived.

In the Web, an ontology plays an important role in relating the vocabulary (or concepts) originally defined here and there, and in making them interoperate with each other. An ontology is used by people, databases and applications that need to share domain information, and it includes computer-usable definitions of basic concepts in the domain and the relationships among them. An ontology is usually expressed in a logic-based language so that detailed, accurate, consistent, sound and meaningful distinctions can be made among the classes, properties and relations. It encodes knowledge in a domain and also knowledge that spans several domains. In this way, it makes that knowledge reusable. OWL is the language developed by W3C that fulfills the requirements of ontology sharing, evolution, interoperability and inconsistency detection requested of the Web ontology language.

In Figure 1, the Rules layer defines logic as a common basis that enables query and filtering. The Logic Framework layer describes knowledge using logic such as first-order logic, and the agent's processing is based on it. The Proof layer shows the foundation, such as the history and the reason, for the agent processing that leads to the processing result. The Trust layer guarantees the reliability of the meta-data offered by the Semantic Web and of the processing result of the agent which interprets and processes the meta-data.

3. Design of e-learning System

3.1. Outline and Characteristic

We design an e-learning system on the Web in which a learner can study cryptography using a Web browser. This system introduces the concept of the Semantic Web, particularly the concept of ontology, into the design of the system. By using ontology, not only the learning materials but also the vocabulary of the concepts contained in the learning materials and their relations can be delivered to the learner. In this way, the following advantages are yielded in comparison with traditional e-learning without ontology:

- Additional information can also be offered when the learner is provided with the learning materials.
- When a word (or concept) the learner wants to inquire about is searched, the learner can get the information that represents the relation of the word with other words.
- For the part in which the learner made a mistake in an assessment (test), the system can feed back various words related to the mistake as well as the correct answer.
- In the process of learning, the system can adjust the amount of information provided to the learner and can infer the learning contents to be studied following the present contents, according to the learner's experience.

Consequently, it is expected that convenience for the learner is enhanced and easy understanding of the learning contents is accomplished, because the words to be studied and the relations among them are comprehensible and the learner can easily picture the whole learning domain.

3.2. Ontology for Cryptography and its Use

The ontology for cryptography is described in Notation3, which can simplify description in RDF. Figure 3 shows part of the ontology used in our e-learning system. It says "A public key cipher is a cipher and uses a public key and a private key. A public key is a key." The system refers to the ontology, if need be, and it provides the learner with additional necessary information while he/she peruses the contents of the learning materials.
Also, when the learner wants to inquire further into a word, it searches the ontology for the word. As the result of this search and inference, the learner can acquire information such as the role of (the concept corresponding to) the word in the cryptographic domain.

Figure 3. Part of ontology in Notation3.

In this ontology, the relations among the words (concepts) important in the cryptographic domain are organized as shown in Figure 4. Two related words are connected by an arrow, and the name of the relation is attached to the arrow. There exist relations such as subclassof, has, type, equivalentclass, etc. The contents of this ontology are explained below:

Cipher and authentication are two important concepts in cryptography. By cipher, eavesdropping can be avoided, and confidentiality, which is the inverse concept of eavesdropping, can be achieved.

There are two ciphers, i.e. shared-key cipher and public-key cipher. Shared-key cipher is often identified with symmetric-key cipher, secret-key cipher and common-key cipher. DES and Caesar cipher belong to shared-key cipher, where shared-keys are used. A shared-key is also called a symmetric-key. RSA and Elgamal cipher belong to public-key cipher, where public-keys and private-keys (also called secret-keys) are used. They are keys and are used for encryption and decryption. In encryption, a plaintext is input and a ciphertext is output. On the other hand, in decryption, a ciphertext is input and a plaintext is output. Encryption and decryption are important concepts which constitute cipher.

By authentication that uses cipher together, tampering and spoofing can be avoided. Integrity and authenticity are the inverse concepts of tampering and spoofing, respectively. Eavesdropping, tampering and spoofing threaten security.

Hash functions such as SHA-1 and MD5 are used for authentication. A hash function inputs a plaintext and outputs a hash value.

The above-mentioned ontology can be used during the learning process to provide the learner with intelligible learning information for cryptography. Concretely, this ontology is applicable to the cases where a search for (the meaning of) a word is performed, a review of the portion mistaken in an assessment (test) is performed, etc. In case of a word search, this system reasons as shown in Figure 5 for the specified word. In this figure, a dotted arrow shows the portion of the reasoning result. The learner can choose the depth of reasoning, and thus he/she can attain the learning information according to the degree at which he/she wants to study.

Figure 4. Ontology for cryptography (part).

Figure 5. Reasoning.

For the learner, the main part of learning is in perusal of the learning materials. If the system can use his/her personal information (profile), it is expected that the learning materials will become easier to use. Therefore, we prepare another body of knowledge, i.e. the learner profile, besides the cryptographic ontology. The learner profile includes the information about the depth of experience based on the learner's past history, past test results and so on. When the learning materials are perused, if the depth of experience is deep, the quality and quantity of the offered learning materials will be raised; on the other hand, if shallow, those will be reduced and the learning will be performed from the basics.

3.3. System Function

The main functions of this e-learning system are as follows.

- Login security: In order to protect personal and confidential information, login security is required. When the learner uses this system, his/her account and password need to be input. The password is encrypted by using MD5, which is one of the hash functions, and is then transmitted to the server of this system.
- Delivery of learning materials: This is the function to provide the learner with the learning materials. By making better use of the ontology and learner profiles, it is planned that the optimal materials are provided.
- Assessment (test): After the learner studies with the learning materials to some extent, an assessment for achievement is made.

- Perusal of personal information: The assessment results, the mistaken parts, etc. can be perused.
- Word search: This is used when there is a word (or concept) the learner wants to know in detail at the time of learning material perusal. For this purpose, the ontology is used to infer the related words. The search can be performed in accordance with the degree at which the learner wants to know, and multi-stage reasoning is also possible.
- Adaptation of amount of learning materials: With reference to the learner profile, the amount of information of the learning materials is adjusted according to the learner's experience. For the learner with deep experience, a large amount of information is offered to raise knowledge further. On the other hand, a small amount of information (i.e. basics) is offered for the learner with shallow experience. Moreover, at the time of learning material perusal, the learner can get information such as antonyms and synonyms related to a word of interest.

In order to realize the above functions, we have designed our e-learning system as shown in Figure 6. We outline how the system works below.

A request from a learner is classified by Servlet at the server side, and the corresponding Bean is generated. When the desired learning material is picked out from the database, the ontology is referred to for reasoning. Then, if there is additional information, it is added and offered together. All of this information is passed to JSP (Java Server Pages), and is finally returned to the browser of the learner in HTML form. The communication between the client and server machines is securely performed using SSL (Secure Sockets Layer), which is a protocol for secure exchange of information on the Internet.

Figure 6. System configuration.

Figure 7. Query about a word.

4. Implementation

4.1. Outline

We have been implementing a prototype of the e-learning system designed in the preceding section.
The prototype system has been built on the LAN of our college. The underlying OS is Windows 2000 and the main implementation language is Java. In the following, we show the technology used in the implementation with an example.

Suppose that a request for perusal of a learning material is issued from a learner. It reaches Servlet via the Web browser. In Servlet, a program dynamically generates HTML or other resources, and it returns the result to the Web browser. The requested processing is classified, and the Bean which performs the processing is generated. A Bean is a kind of class whose properties and methods can be used from JSP. For this example, the Bean for perusal of learning materials is generated. It acquires the corresponding information from the database, referring to the ontology. PostgreSQL is used for access to the database. The acquired information is passed to JSP. JSP can embed Java code in HTML so that it becomes easy to, for example, change the data to be displayed. Finally, with this mechanism, the acquired information is delivered to the learner via the Web browser in HTML form. SSL is used for secure communication between client and server.

4.2. Example

Figure 7 shows a word search box on a Web browser. It is used when there is a word which the learner wants to know at the time of learning material perusal. The searchable words are contained in the box in advance. The learner chooses a word of interest from there. As described before, a flexible search in accordance with the degree at which the learner wants to know is possible. On the server side, the required information is reasoned with reference to the ontology and is offered to the learner. In case of a more detailed search, the learner can specify multi-stage reasoning. We show below some examples that are presently demonstrable although this prototype system is still under development.
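
The multi-stage word search described above can be modelled as a depth-limited walk over the ontology's triples. The following is an added example, not the prototype's code: the triples are constructed from the relations stated in prose in Section 3.2 (which relation name sits on which edge is an assumption, since Figure 4 is not reproduced here), and the function names are hypothetical.

```python
# Triples (subject, relation, object) constructed from the prose of Section 3.2.
# Assumption: the relation name chosen for each edge is a reading of the text.
ONTOLOGY = [
    ("public-key cipher", "subClassOf", "cipher"),
    ("shared-key cipher", "subClassOf", "cipher"),
    ("shared-key cipher", "equivalentClass", "symmetric-key cipher"),
    ("public-key cipher", "has", "public-key"),
    ("public-key cipher", "has", "private-key"),
    ("shared-key cipher", "has", "shared-key"),
    ("public-key", "subClassOf", "key"),
    ("private-key", "subClassOf", "key"),
    ("shared-key", "subClassOf", "key"),
    ("RSA", "type", "public-key cipher"),
    ("ElGamal", "type", "public-key cipher"),
    ("DES", "type", "shared-key cipher"),
    ("Caesar cipher", "type", "shared-key cipher"),
    ("SHA-1", "type", "hash function"),
    ("MD5", "type", "hash function"),
]


def build_index(triples):
    """Map every term to the triples in which it is subject or object."""
    index = {}
    for triple in triples:
        subject, _, obj = triple
        index.setdefault(subject, []).append(triple)
        index.setdefault(obj, []).append(triple)
    return index


def word_search(word, stages, triples=ONTOLOGY):
    """Return {stage: [triples]} reachable from `word` in at most `stages` hops.

    Stage 1 holds the statements that mention the word itself; each further
    stage holds the statements about the terms discovered one stage earlier.
    Every triple is reported once, so cycles in the ontology terminate.
    """
    if stages < 1:
        raise ValueError("stages must be >= 1")
    index = build_index(triples)
    if word not in index:
        return {}                      # unknown word: nothing to infer
    seen_terms, seen_triples = {word}, set()
    frontier, result = [word], {}
    for stage in range(1, stages + 1):
        found, next_frontier = [], []
        for term in frontier:
            for triple in index[term]:
                if triple in seen_triples:
                    continue
                seen_triples.add(triple)
                found.append(triple)
                other = triple[2] if triple[0] == term else triple[0]
                if other not in seen_terms:
                    seen_terms.add(other)
                    next_frontier.append(other)
        if not found:
            break                      # the reachable part is exhausted
        result[stage] = found
        frontier = next_frontier
    return result


def related_terms(word, stages):
    """Set of all other terms mentioned in the search result."""
    terms = set()
    for found in word_search(word, stages).values():
        for subject, _, obj in found:
            terms.update((subject, obj))
    terms.discard(word)
    return terms


if __name__ == "__main__":
    for stage, found in word_search("public-key", 2).items():
        for subject, relation, obj in found:
            print(f"stage {stage}: {subject} --{relation}--> {obj}")
```
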

Assume a situation where the word public-key is searched further with two-stage reasoning. For this query, the system performs the reasoning as shown in Figure 5 with reference to the ontology (Figure 4) and understands that public-key is used in public-key cipher and that it is a subclass of key. As a consequence, the related information is retrieved from the database. Then the result is returned to the learner as a response, as shown on the window in Figure 8, where various information related to public-key is delivered to the learner in an easy-to-understand form. This is obtained from the ontology and database. Since this example is two-stage reasoning, the information about key and public-key cipher is also obtained.

Figure 8. Query response.

Next, we demonstrate an example where the amount of information of the learning materials is adapted according to the learner's experience. In learning RSA, the window in Figure 9 shows the contents which are offered to learners inexperienced in cryptography. An explanation of important concepts is mainly offered, and theoretical parts such as formulas are not presented. On the contrary, experienced learners are offered theoretical parts such as formulas.

Figure 9. Adaptation of learning materials.

By repeating the above learning, the learner could gradually understand the whole cryptographic domain. As the relations among individual concepts are also learned naturally, the learner could learn the whole concept efficiently.

5. Conclusion

In this paper, we have considered a way of applying the Semantic Web technology to the design of an e-learning system for cryptography, and described the development of a prototype system. This system is still under development.
It remains to refine and complete the design in the following points, for example:

- completing the ontology and learning materials;
- using the context or structure of the learning materials as knowledge;
- considering how to utilize the ontology for the feedback from the system in the process of learning or on an assessment.

It is also important future work to investigate the advantages and disadvantages of the system through its use by many learners, and to evaluate and improve the system.

References

[1] W3C, Semantic Web, http://www.w3.org/2001/sw
[2] T. Berners-Lee, Semantic Web road map, http://www.w3.org/designissues/semantic.html, 1998.
[3] W. Horton, Designing Web-based training: how to teach anyone anything anywhere anytime, John Wiley & Sons, 2000.
[4] M. J. Rosenberg, E-learning: strategies for delivering knowledge in the digital age, McGraw-Hill, 2001.
[5] W3C, Resource description framework (RDF), http://www.w3.org/rdf
[6] W3C, RDF vocabulary description language 1.0: RDF schema, http://www.w3.org/tr/rdf-schema, 2004.
[7] W3C, OWL Web ontology language reference, http://www.w3.org/tr/owl-ref, 2004.
[8] T. Berners-Lee, Notation3, http://www.w3.org/designissues/notation3.html, 1998.
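
On the login function of Section 3.3: when the browser sends MD5(password), the digest itself is what the server checks, so it adds nothing to the SSL channel, and an unsalted MD5 value is a weak stored form. This added example (not the prototype's code) contrasts that scheme with a salted PBKDF2 record; the class names, the server storing the received digest, the sample accounts and the work factor are assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 600_000  # assumed work factor for this example


def md5_hex(password: str) -> str:
    """What the browser computes in the scheme of Section 3.3."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


class DigestLogin:
    """Server that receives MD5(password) and compares it to a stored copy.

    Assumption: the paper does not say how the server stores credentials.
    """

    def __init__(self):
        self.stored = {}

    def register(self, account, password):
        self.stored[account] = md5_hex(password)

    def login(self, account, digest_from_client):
        expected = self.stored.get(account)
        if expected is None:
            return False
        return hmac.compare_digest(expected.encode(), digest_from_client.encode())


class SaltedKdfLogin:
    """Server that receives the password inside the encrypted channel and
    stores only a per-account random salt plus a slow, salted derivation."""

    def __init__(self):
        self.stored = {}
        # Dummy record so unknown accounts cost the same time as known ones.
        self._dummy = (os.urandom(16), os.urandom(32))

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS
        )

    def register(self, account, password):
        salt = os.urandom(16)
        self.stored[account] = (salt, self._derive(password, salt))

    def login(self, account, password):
        salt, expected = self.stored.get(account, self._dummy)
        matches = hmac.compare_digest(expected, self._derive(password, salt))
        return matches and account in self.stored


def compare_schemes():
    """Run both schemes on constructed accounts and report what each leaks."""
    weak, strong = DigestLogin(), SaltedKdfLogin()
    for server in (weak, strong):
        server.register("alice", "correct horse")   # constructed sample data
        server.register("bob", "correct horse")
    stored_digest = weak.stored["alice"]            # as it sits in the database
    stored_kdf = strong.stored["alice"][1].hex()
    return {
        # The stored MD5 value is accepted as-is: it is the credential.
        "md5_record_is_credential": weak.login("alice", stored_digest),
        # No salt: equal passwords are visible as equal records.
        "md5_equal_passwords_collide": weak.stored["alice"] == weak.stored["bob"],
        "kdf_equal_passwords_collide":
            strong.stored["alice"][1] == strong.stored["bob"][1],
        # The stored PBKDF2 value is not accepted in place of the password.
        "kdf_record_is_credential": strong.login("alice", stored_kdf),
        "kdf_password_accepted": strong.login("alice", "correct horse"),
    }
```
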