Showing total 107 results

51. Security Enhancement of a Remote User Authentication Scheme Using Smart Cards.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Youngsook Lee, Junghyun Nam, and Dongho Won

Abstract

Designing cryptographic protocols well suited for today's distributed large networks poses great challenges in terms of cost, performance, user convenience, functionality, and above all security. As has been pointed out for many years, even designing a two-party authentication scheme is extremely error-prone. This paper discusses the security of Lee et al.'s remote user authentication scheme making use of smart cards. Lee et al.'s scheme was proposed to solve the security problem with Chien et al.'s authentication scheme and was claimed to provide mutual authentication between the server and the remote user. However, we demonstrate that Lee et al.'s scheme only achieves unilateral authentication — only the server can authenticate the remote user, but not vice versa. In addition, we recommend changes to the scheme that fix the security vulnerability. Keywords: Authentication scheme, password, smart card, parallel session attack, reflection attack. [ABSTRACT FROM AUTHOR]

Published

2006

52. An Ontology-Based Scheme Enabling the Modeling of Cooperation in Business Processes.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Noguera, Manuel, Hurtado, M. Visitación, and Garrido, José L.

Abstract

Nowadays enterprises face more and more ambitious projects which require the cooperative participation of different organizations. The modeling of one organization information is a crucial issue. There are several approaches for analyzing or representing how an organization is structured and operates. Much recent research points to ontologies as an appropriate technology for modeling enterprise systems. This paper presents a proposal for modeling cross-enterprise business processes from the perspective of cooperative systems. The proposal consists of a multi-level design scheme for the construction of cooperative system ontologies, and it is exemplified through a real case study. Benefits related to ontology integration are also presented. Keywords: Ontologies, Cross-enterprise Business Processes, Conceptual modeling, CSCW. [ABSTRACT FROM AUTHOR]

Published

2006

53. From Inter-organizational to Inter-departmental Collaboration - Using Multiple Process Levels.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, and Simonovich, Daniel

Abstract

Business process modeling has gained fundamental importance for describing the collaboration in and between enterprises. However, the lack of standardization and range of levels of detail used in corporate practice pose practical challenges. This is particularly true in transformations like outsourcing or mergers and acquisitions, where a high degree of flexibility is required from both organization structures and information and communication technology (ICT). Rather than suggesting a process modeling standard to fit all purposes, this paper presents three complementary and reality-checked levels of process design tailored at different audiences and serving corresponding modeling purposes in transformation projects. Keywords: Business process management, conceptual modeling, enterprise collaboration, organizational transformation. [ABSTRACT FROM AUTHOR]

Published

2006

54. Semantic LBS: Ontological Approach for Enhancing Interoperability in Location Based Services.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Jong-Woo Kim, Ju-Yeon Kim, and Chang-Soo Kim

Abstract

Location Based services (LBS) is a recent concept that integrates a mobile device's location with other information in order to provide added value to a user. Although Location Based Services provide users with much comfortable information, there are some complex issues. One of the most important issue is managing and sharing heterogeneous and numerous data in decentralized environments. The problem makes interoperability among LBS middleware, LBS contents providers, and LBS applications difficult. In this paper, we propose Semantic LBS Model as one of the solution to resolve the problem. Semantic LBS Model is a LBS middleware model that includes a data model for LBS POI information and its processing mechanism based on Semantic Web technologies. Semantic LBS Model provide rich expressiveness, interoperability, flexibility, and advanced POI retrieval services by associating POI Description Language (POIDL) ontology with heterogeneous domain specific ontologies. [ABSTRACT FROM AUTHOR]

Published

2006

55. Information Leakage and Capability Forgery in a Capability-Based Operating System Kernel.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Mossop, Dan, and Pose, Ronald

Abstract

The Password-Capability System has been designed as an operating system kernel suitable for general-purpose computing in a hostile environment. It has an access control mechanism based on password-capabilities, on top of which a confinement mechanism and a type management mechanism are layered. This paper studies the security of these mechanisms. We find that the mechanisms leak information which can be utilised by an attacker. Furthermore, we find that conditions placed on the generation of password-capabilities by the mechanisms enable the attacker to forge password-capabilities more efficiently than by exhaustive search. We show that all the discovered attacks can be prevented. This paves the way for the use of the mechanisms in a highly secure third-generation of the Password-Capability System. Keywords: Password-capabilities, access control, security analysis. [ABSTRACT FROM AUTHOR]

Published

2006

56. Secure and Seamless Handoff Scheme for a Wireless LAN System.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Jaesung Park, Beomjoon Kim, and Iksoon Hwang

Abstract

IEEE 802.11i standard specifies full authentication and preauthentication for secure handoff in 802.11 wireless LAN (WLAN). However, the full authentication is too slow to provide seamless services for handoff users, and preauthentication may fail in highly populated WLANs where it is highly probable that the cache entry of a preauthenticated user is evicted by other users before handoff. In this paper, we propose a seamless and secure handoff scheme by reducing authentication and key management delay in the handoff process. When a user handoffs, security context established between the user and the previous access point (AP) is forwarded from the previous AP to the current AP, and the session key is reused only for the handoff session. The freshness of session key is maintained by regenerating session keys after handoff session is terminated. The proposed scheme can achieve considerable reduction in handoff delay with providing the same security level as 802.1X authentication by letting an AP authenticate a handoff user before making an robust security network association (RSNA) with it. [ABSTRACT FROM AUTHOR]

Published

2006

57. An Efficient Algorithm for Fingercode-Based Biometric Identification.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Hong-Wei Sun, Kwok-Yan Lam, Ming Gu, and Jia-Guang Sun

Abstract

With the emerging trend of incorporating biometrics information in e-financial and e-government systems arisen from international efforts in anti-money laundering and counter-terrorism, biometric identification is gaining increasing importance as a component in information security applications. Recently, fingercode has been demonstrated to be an effective fingerprint biometric scheme, which can capture both local and global details in a fingerprint. In this paper, we formulate fingercode identification as a vector quantization (VQ) problem, and propose an efficient algorithm for fingercode-based biometric identification. Given a fingercode of the user, the algorithm aims to efficiently find, among all fingercodes in the database of registered users, the one with minimum Euclidean distance from the user's fingercode. Our algorithm is based on a new VQ technique which is designed to address the special needs of fingercode identification. Experimental results on DB1 of FVC 2004 demonstrate that our algorithm can outperform the full search algorithm, the partial distance search algorithm and the 2-pixel-merging sum pyramid based search algorithm for fingercode-based identification in terms of computation efficiency without sacrificing accuracy and storage. Keywords: Biometric security, fingercode; fingerprint matching; vector quantization. [ABSTRACT FROM AUTHOR]

Published

2006

58. Improving the Dynamic ID-Based Remote Mutual Authentication Scheme.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Eun-Jun Yoon, and Kee-Young Yoo

Abstract

In 2005, Liao et al. pointed out the weaknesses of Das et al.'s dynamic ID-based remote user authentication scheme using smart cards, and then proposed a slight modification thereof to overcome these weaknesses. The current paper, however, demonstrates that Liao et al.'s scheme is still vulnerable to reflection attacks, privileged insider's attacks, and impersonation attacks by using lost or stolen smart card. Then, we present an improvement to the scheme in order to isolate such problems. Keywords: Authentication, Password, Dynamic ID, Smart card, Reflection attack. [ABSTRACT FROM AUTHOR]

Published

2006

59. Use of SAML for Single Sign-On Access to Multimedia Contents in a Peer-to-Peer Network.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Barrio, Rubén, Perramon, Xavier, and Delgado, Jaime

Abstract

The Single Sign-on technique (SSO) facilitates the management of authentication and authorization functions in a federation of servers providing access to protected resources. Different approaches to SSO exist, among them the XML-based Security Assertion Markup Language (SAML) standard, which has been used in applications such as intranet access within organizational domains. This paper focuses on the use of SAML for authentication and authorization in a project aimed at providing peer-to-peer access to high-definition audiovisual streams. Adaptation of various elements are proposed herein in order to cope with the specific characteristics of SSO in a P2P architecture. [ABSTRACT FROM AUTHOR]

Published

2006

60. New Key Generation Algorithms for the XTR Cryptosytem.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, and Grześkowiak, Maciej

Abstract

A. K. Lenstra and E. R. Verheul introduced a new public key system called XTR. They proposed two algorithms for finding primes p and q, where q (p2−p+1), p ≡2 (mod 3), which are the key parameters for the XTR. One is unable to estimate in a simple way a running time the above algorithms, nor to give a mathematical proof of their correctness or prove that these algorithms works in polynomial time as suggested authors above mentioned cryptosytem. In this paper we propose theoretical algorithms which find primes as above. We give a mathematical proof of its correctness, under the assumption of some conjecture. [ABSTRACT FROM AUTHOR]

Published

2006

61. On the Existence of Related-Key Oracles in Cryptosystems Based on Block Ciphers.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Razali, Ermaliza, and Phan, Raphael C. -W.

Abstract

The notion of a related-key attack (RKA) was formally introduced by Biham in 1993. It is essentially more of an attack model rather than a specific type of attack in that it considers what sort of oracles are available to the attacker. In this case, the attacker has access to related-key (RK) oracles, i.e. he is able to have encryptions performed on plaintexts of his choice, keyed by two or more unknown but related keys. The feasibility of this attack model is at times debated mainly because the assumption that an attacker would have access to RK oracles may be too strong to really exist in practice. Hence, attacks on block ciphers in this RKA model have commonly not been regarded on the same level of significance of those not requiring RK oracles. A good example is the AES. It is generally accepted that the best known attack is a non-RKA by Gilbert and Minier in 2000, although it applies to less rounds compared to the best known RKA on AES by Biham et al. that applies to more rounds. It is our aim in this paper to show how RK oracles exist in various block cipher based cryptosystems. The gist is to think outside the box, i.e. to note that a block cipher is often an underlying primitive within a larger cryptographic construct, thus it is only natural to evaluate the block cipher security in this setting and not as a standalone primitive. In doing so, we formally introduce the notion of related-key multiplicative differentials, and related-key compositionally differentials. We also consider the existence of RK oracles in PGV-type hash functions, message authentication codes, recent authenticated encryption modes and cases of key-exchange protocols not previously mentioned in literature. [ABSTRACT FROM AUTHOR]

Published

2006

62. Preamble Encryption Mechanism for Enhanced Privacy in Ethernet Passive Optical Networks.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Inácio, Pedro R. M., Hajduczenia, Marek, Freire, Mário M., Silva, Henrique J. A., and Monteiro, Paulo P.

Abstract

Ethernet Optical Passive Networks (EPONs), defined as low cost access networks, combine Ethernet technology with an optical fiber infrastructure to deliver voice, video and data services from a Central Office (CO) to end-users. Since all data in the downstream is broadcasted, it is susceptible to be eavesdropped by a malicious user, which can use it to try Theft of Service (ToS) through masquerading techniques. These threats remain present when encryption is applied to EPON frame payloads. In order to avoid user profile inference through data mining techniques, a method for encryption of the preamble of the data units is proposed in this paper and a short description of its operations is presented. This new encryption mechanism assures that any two EPON frames are always transmitted with different and uncorrelated preambles. Keywords: Security, Ethernet Passive Optical Networks, EPON, encryption mechanism, EPON frame preamble, privacy. [ABSTRACT FROM AUTHOR]

Published

2006

63. An Efficient ID-Based Delegation Network.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Taek-Young Youn, Young-Ho Park, Chang Han Kim, and Jongin Lim

Abstract

Delegation of signing capability is a common practice in various applications. Mambo etal. proposed a proxy signatures as a solution for delegation of signing capability. Proxy signatures allow a designated proxy signer to sign on behalf of an original signer. After the concept of proxy signature scheme was proposed, many variants are proposed to support more general delegation setting. To capture all possible delegation structures, the concept of delegation network was introduced by Aura, and an ID-based delegation network was proposed by Chow etal. In the computational point of view, their solution requires E pairing operations and N elliptic curve scalar multiplications where E and N are the number of edges and nodes in a delegation structure, respectively. In this paper, we proposed an efficient ID-based delegation network which requires only E pairing operations. Moreover, we modify our delegation network, and the modified scheme requires only N pairing operations. In general, E is larger than N and E increases according to the complexity of the network. So the modified delegation network is remarkably efficient than the previous delegation network. Keywords: ID-based Signatures, Proxy Signatures, Delegation Network. [ABSTRACT FROM AUTHOR]

Published

2006

64. An Efficient Dispute Resolving Method for Digital Images.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Yunho Lee, Heasuk Jo, Seungjoo Kim, and Dongho Won

Abstract

Resolving rightful ownerships of digital images is an active research area of watermarking. Though a watermark is used to prove the owner's ownership, an attacker can invalidate it by creating his fake original image and its corresponding watermark. This kind of attack is called ambiguity attack and can be tackled either by use of non-invertible watermarking schemes or by use of zero-knowledge watermark detections. If a non-invertible watermarking scheme is used, then the owner should reveal her original image which should be kept secret. And if a zero-knowledge watermark detection is used, then no one can verify the claimed ownership unless the owner is involved. Moreover, in case of zero-knowledge watermark detection, the protocol is relatively complicated and needs more computations. In this paper, using the MSBs string of the original image other than the original image itself, we propose an efficient dispute resolving method while preserving secrecy of the original image. Keywords: Ownership, Non-invertible Watermark, Similarity Functions. [ABSTRACT FROM AUTHOR]

Published

2006

65. An Implementation of a Trusted and Secure DRM Architecture.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Torres, Víctor, Delgado, Jaime, and Llorente, Silvia

Abstract

Content providers and distributors need to have secured and trusted systems for the distribution of multimedia content with Digital Rights Management (DRM) to ensure the revenues derived from their works. This paper discusses the security mechanisms applied to the implementation of a DRM architecture, regarding the certification and verification of user tools integrity during their whole life cycle, the mechanisms for providing a secure and trusted communication between client tools and the server framework for authorisation, certification or verification purposes, and the mechanisms for the secure storage and resynchronisation of the reports that describe the actions performed by users during the tool offline operation. The presented architecture is being implemented in the AXMEDIS project, which aims to create an innovative technology framework for the automatic production, protection and distribution of digital cross media contents over a range of different media channels, including PC (on the Internet), PDA, kiosks, mobile phones and i-TV. Keywords: Secure content management, multimedia content protection, digital rights management systems. [ABSTRACT FROM AUTHOR]

Published

2006

66. Using Image Steganography for Decryptor Distribution.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Morkel, T., Eloff, J. H. P., and Olivier, M. S.

Abstract

When communicating secret information there is more than one route to follow to ensure the confidentiality of the message being transmitted. Encryption might be an obvious choice; however there are limitations and disadvantages to using encryption. An alternative approach is steganography, which is a technology for hiding information in other information. Combining the two disciplines may provide better security but more overhead, since the receiver must now have knowledge not only of how the information was encrypted, but also of how it was hidden, in order to retrieve the message. This paper proposes a system where image steganography is combined with encryption by hiding not only a message inside an image, but also the means to extract and decrypt the message. An executable program is hidden inside the image that functions as a decryptor, enabling the receiver to be oblivious to the encryption algorithm used. [ABSTRACT FROM AUTHOR]

Published

2006

67. Agent Community Support for Crisis-Response Organizations.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, and Weigand, Hans

Abstract

Crisis response organizations can be supported effectively by means of agent communities where agents represent human actors or organizational roles. An agent community can be organized in several ways. The paper defines requirements on agent community architecture and coordination structure from the point of view of crisis response, and proposes an architectural solution. Particular attention is given to the distribution of information. Keywords: Crisis-Response Systems, Multi-Agent Systems, Communities. [ABSTRACT FROM AUTHOR]

Published

2006

68. Metadata Mechanisms: From Ontology to Folksonomy ... and Back.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, and Christiaens, Stijn

Abstract

In this paper we give a brief overview of different metadata mechanisms (like ontologies and folksonomies) and how they relate to each other. We identify major strengths and weaknesses of these mechanisms. We claim that these mechanisms can be classified from restricted (e.g., ontology) to free (e.g., free text tagging). In our view, these mechanisms should not be used in isolation, but rather as complementary solutions, in a continuous process wherein the strong points of one increase the semantic depth of the other. We give an overview of early active research already going on in this direction and propose that methodologies to support this process be developed. We demonstrate a possible approach, in which we mix tagging, taxonomy and ontology. Keywords: tagging, folksonomy, community informatics, faceted classification, ontology, Semantic Web. [ABSTRACT FROM AUTHOR]

Published

2006

69. Community-Driven Ontology Evolution Based on Folksonomies.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Gendarmi, Domenico, and Lanubile, Filippo

Abstract

The Semantic Web mission is to enable a better organization of the Web content to improve the searching, navigation and integration of the available information. Although the Semantic Web is intended for machines, the process of creating and maintaining it is a social one: only people, for example, have necessary skills to create and maintain ontologies. While most existing ontologies are designed by single individuals or small groups of experts, actual ontology users are not involved in the development process. Such an individual approach in creating ontologies, lead to a weak community grounding. On the other hand, Social Software is becoming increasingly popular among web users, giving opportunities to exploit the potential of collaboration within a community. Tools like wikis and folksonomies allow users to easily create new content and share contributions over a social network. Social Software tools can go beyond their current limits, by exploiting the power provided by semantic technologies. Conversely, Semantic Web tools can benefit from the ability of Social Software in fostering collaboration among users, by lowering entry barriers. In this paper we propose a new approach for ontology evolution, considering collaborative tagging systems as an opportunity to complement classic approaches used in maintaining ontologies. Keywords: folksonomy, collaborative tagging, ontology evolution, social software, semantic web, semantic collaboration. [ABSTRACT FROM AUTHOR]

Published

2006

70. Communications Breakdown: Revisiting the Question of Information and Its Significance for Community Informatics Projects.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, and Tibben, William

Abstract

The gap between those who understand the complexities of community requirements and the information technologists who can build the technologies represents a central focus of concern with Community Informatics (CI) research. This paper explores how different assumptions about the utility of information during this innovation process leads to poor communication between researchers and practitioners. Braman's four-part hierarchy is a useful vehicle to investigate this as she seeks to include a range of actors such as policy makers, technologists and community members. A number of case study examples are explored to illustrate the value of Braman's work for CI. [ABSTRACT FROM AUTHOR]

Published

2006

71. A Configurable Event Correlation Architecture for Adaptive J2EE Applications.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Liu, Yan, Gorton, Ian, and Le, Khanh Vinh

Abstract

Distributed applications that adapt as their environment changes are developed from self-managing, self-configuring and self-optimising behaviours. This requires constant monitoring of the state of the environment, and analysing multiple sources of events. Event correlation is the process of correlating monitored events from multiple sources for further analysis. It is essential that event correlation supports reliable event management with minimal delay. This paper describes the design and implementation of an event correlation architecture for adaptive J2EE applications. The architecture supports flexible configuration of event correlation in terms of the reliability and performance. This is especially useful in situations when multiple sources of events have different level of requirements for reliability and performance. We evaluate the performance overhead of this event correlation architecture and demonstrate its practical usage in a case study of an adaptive image server application. Keywords: Event correlation, adaptive, distributed application, message, middleware. [ABSTRACT FROM AUTHOR]

Published

2006

72. Dynamic Load Balancing for Online Games Using Predefined Area Information.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Beob Kyun Kim, Dong Un An, and Seung Jong Chung

Abstract

Usually, online games cannot adapt to the dynamic change of population. In this paper, we propose a new dynamic load balancing approach for online games using predefined area information. To control dynamic change of population, it divides or merges fields considering the surveyed load based on predefined area information. By the simple modification to this information, we can easily control problems that come from changes of map data, changes of resources' status, or changes of user's behavior pattern. [ABSTRACT FROM AUTHOR]

Published

2006

73. Mediation as Recommendation: An Approach to Design Mediators for Object Catalogs.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Brauner, Daniela F., Casanova, Marco A., and Milidiú, Ruy L.

Abstract

A catalog holds information about a set of objects, typically classified using terms taken from a given thesaurus. Mediated access to a collection of catalogs over the same domain therefore requires some strategy to deal with multiple thesauri, which represent different classifications for the same domain. This paper proposes an approach using online mapping rate estimations to define weighted relationships between terms of distinct thesauri. The mediator then uses such relationships to remap keyword-based queries to the different catalogs. Moreover, query answers provide valuable feedback to adjust the relationship weights, thereby improving the mediator accuracy. [ABSTRACT FROM AUTHOR]

Published

2006

74. Automated Deployment of Enterprise Systems in Large-Scale Environments.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Abdellatif, Takoua, Hoareau, Didier, and Mahéo, Yves

Abstract

The deployment of multi-tiered applications in large-scale environments remains a difficult task: the architecture of these applications is complex and the target environment is heterogeneous, open and dynamic. In this paper, we show how the component-based approach simplifies the design, the deployment and the reconfiguration of a J2EE system. We propose an architecture description language that allows specifying constraints on the resources needed by the components and on their location, and a deployment solution that handles failures. [ABSTRACT FROM AUTHOR]

Published

2006

75. Scheduling of Composite Web Services.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Dyachuk, Dmytro, and Deters, Ralph

Abstract

Composite Web Services (CWS) aggregate multiple Web Services (WS) in one logical unit to accomplish a complex task (e.g. business process). This aggregation is achieved by defining a workflow that orchestrates the underlying Web Services in a manner consistent with the desired functionality. Since CWS can aggregate atomic WS and/or other CWS they foster the development of service layers and reuse of already existing functionality. An important issue in the deployment of services is their run-time performance under various loads. Due to the complex interactions of the underlying services, a CWS they can exhibit problematic and often difficult to predict behaviours in overload situations. This paper focuses on the use of request scheduling for improving CWS performance in overload situations. Different scheduling policies are investigated in regards to their effectiveness in helping with bulk arrivals. Keywords: Web Services, Composite Web Service, LWKR, SJF, Scheduling, Admission Control. [ABSTRACT FROM AUTHOR]

Published

2006

76. Middleware Support for Monitoring: Privacy and Audit in Healthcare Applications.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Shand, Brian, and Rashbass, Jem

Abstract

Healthcare applications have special needs that are not met by current messaging and workflow systems. This paper presents a framework which allows reliable audit of access to medical records, and also provides privacy protection and logistical monitoring information for assessing the effectiveness of medical automation. This is achieved by extending the messaging middleware semantics to support message monitoring tokens and privacy meta-data, together with distributed logging. The same mechanisms provide support for Workflow Management System (WfMS) integration and workflow monitoring; the rich log structure allows the actual workflow usage to be reconstructed as a Petri Net, with greater accuracy than existing techniques. This enables workflow mining and evolution without compromising the privacy of clinical data. [ABSTRACT FROM AUTHOR]

Published

2006

77. IS 2006 PC Co-chairs' Message.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Freire, Màrio, Sousa, Simão Melo, and Santos, Vitor

Abstract

On behalf of the Program Committee of the First International Workshop on Information Security (IS 2006), it was our great pleasure to welcome the participants to the IS 2006, held in conjunction with OnTheMove Federated Conferences (OTM 2006), from October 30 to November 1, 2006, in Montpellier, France. In recent years, significant advances in information security have been made throughout the world. The objective of the workshop was to promote information security related research and development activities and to encourage communication between researchers and engineers throughout the world in this area. [ABSTRACT FROM AUTHOR]

Published

2006

78. Multimodal Architectures: Issues and Experiences.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Frattini, Giovanni, Romano, Luigi, Carlo, Vladimiro Scotto, Petriccione, Pierpaolo, Supino, Gianluca, Leone, Giuseppe, and Autiero, Ciro

Abstract

The penetration of mobile device in western countries is still increasing. The Italian case is really surprising: every single Italian has more than one mobile terminal. Thus, considering this large potential audience, there is real need for innovation and new services. In this context, usable multimodal services could have an unexpected impact on social behaviour. Nevertheless, the research community should be able to propose a framework for building generic multi-modal services, covering all their lifecycle. We are currently defining an architecture for building coordinated simultaneous multimodal applications trying to use as much as possible open source software: our goal is to define a set of tools for enabling a rapid deployment of a generic multimodal service. In our opinion, a platform based on open source software could meet the expectations of a large numbers of service developers. A special effort for enabling a mass diffusion of mobile multimodal services should be focused on the client side, where the situation is still evolving. [ABSTRACT FROM AUTHOR]

Published

2006

79. Bringing Together Structured and Unstructured Sources: The OUMSUIS Approach.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Diallo, Gayo, Simonet, Michel, and Simonet, Ana

Abstract

Integration of heterogeneous sources is a means to offer the user an access to multiple information sources in a unified way through queries submitted to a global schema. We propose a semantic web-based mediator model, to provide unified access to various sources which may be both structured (database systems) and unstructured (textual medical reports, scientific publications, etc.). The mediator level is composed of the global ontology and a set of ontologies which make it possible to characterize sources (one or several ontologies by source). Unstructured sources are seen through their Semantic Document Representation obtained by a semantic characterization process. A reverse engineering process is then applied on each Semantic Document Representation schema and each structured source schema in order to provide semi-automatically a set of local ontologies. These local ontologies are articulated around the global schema following the global centric approach. A service called Terminology Server (ServO) is used to perform queries and manage the ontologies. The ontology-based query model combines databases and information retrieval techniques. We illustrate this approach with a case study in the brain disease field but it is sufficiently generic to be used in other domains. [ABSTRACT FROM AUTHOR]

Published

2006

80. Methodologically Designing a Hierarchically Organized Concept-Based Terminology Database to Improve Access to Biomedical Documentation.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Vaquero, Antonio, Sáenz, Fernando, Alvarez, Francisco, and Buenaga, Manuel

Abstract

Relational databases have been used to represent lexical knowledge since the days of machine-readable dictionaries. However, although software engineering provides a methodological framework for the construction of databases, most developing efforts focus on content, implementation and time-saving issues, and forget about the software engineering aspects of database construction. We have defined a methodology for the development of lexical resources that covers this and other aspects, by following a sound software engineering approach to formally represent knowledge. Nonetheless, the conceptual model from which it departs has some major limitations that need to be overcome. Based on a short analysis of common problems in existing lexical resources, we present an upgraded conceptual model as a first step towards the methodological development of a hierarchically organized concept-based terminology database, to improve the access to medical information as part of the SINAMED and ISIS projects. [ABSTRACT FROM AUTHOR]

Published

2006

81. Secure EPCglobal Class-1 Gen-2 RFID System Against Security and Privacy Problems.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Kyoung Hyun Kim, Eun Young Choi, Su Mi Lee, and Dong Hoon Lee

Abstract

Radio Frequency Identification (RFID) system is an important technology in ubiquitous computing environment. RFID system should be compatible with most RFID system applications to support the ubiquitous computing environment. Recently, researchers had studied about RFID standardization. After all, EPCglobal Class-1 Gen-2 (C1G2) RFID is selected as an international standard of RFID systems. Unfortunately, it has fatal security problems to be vulnerable to information leakage and traceability since a tag of EPCglobal C1G2 emits its fixed ID(EPC) without hiding or modifying. A main goal of our work is to propose the secure protocol well suitable for EPCglobal C1G2. First of all, our protocol exactly follows RFID standard with only current capabilities of a tag approved in the standard, assuring that our protocol is secure against impersonation, information leakage, and traceability etc. [ABSTRACT FROM AUTHOR]

Published

2006

82. Agent-Grid Integration Ontology.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Duvert, Frederic, Jonquet, Clement, Dugenie, Pascal, and Cerri, Stefano A.

Abstract

The integration of GRID and MAS (Multi-Agents Systems) is an active research topic. We have recently proposed the Agent-Grid Integration Language, to describe a service-based integration of GRID and MAS models. However, the complexity of the mutual integration aspects leads us to define a rigorous way to formalize the key concepts, their relations and the integration rules by means of an ontology. With this ontology, we can describe the elements and their composition that occur in various service exchange scenarios with agent on the Grid. The ontology could be used both to model the behaviour of GRID-MAS integrated systems and to check the consistency of these systems and their instances. A concrete scenario is illustrated. [ABSTRACT FROM AUTHOR]

Published

2006

83. Filtering Internet News Feeds Using Ad-Hoc Ontologies.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Bröcker, Lars, and Paal, Stefan

Abstract

News feeds using RDF Site Summary (RSS) are becoming common-place for news providers on the Internet. Using a news aggregator, users can stay informed about the topics they are interested in without having to constantly check the actual web pages themselves. This near instant availability of a plethora of news sources poses new challenges: filtering and categorisation techniques are needed that adapt to changing information needs of the users as well as to the changes occurring in the topics reported on. This paper presents an approach to filtering news feeds relevant to a set of interests using ad-hoc ontologies. These filters are created from a small core-ontology describing topics of articles the user is interested in. [ABSTRACT FROM AUTHOR]

Published

2006

84. Autonomous Deployment and Reconfiguration of Component-Based Applications in Open Distributed Environments.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Dubus, Jérémy, and Merle, Philippe

Abstract

In open distributed environments (ODEs), such as grid and ubiquitous computing, deployment domains can not be statically identified as they dynamically evolve. Thus, ADLs are unadapted to describe explicitly and exhaustively applications deployed and executed on ODEs. We argue that concepts for managing evolution autonomously should allow architects to describe how their component-based applications must evolve when the deployment domain evolves too. The contribution of this paper is Dacar, a rule-based framework to address autonomous evolution of software architectures in open distributed environments. [ABSTRACT FROM AUTHOR]

Published

2006

85. Distributed Adaptation Reasoning for a Mobility and Adaptation Enabling Middleware.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Paspallis, Nearchos, and Papadopoulos, George A.

Abstract

The prospect of adaptive, mobile applications provides both opportunity and challenge to the application developers. Adaptive, mobile applications are designed to constantly adapt to the contextual conditions with the aim of optimizing the quality of their offered service. In this respect the MADAM project provides software engineers with reusable models, tools and runtime support for enabling adaptive behavior in their mobile applications. This paper presents an extension to the MADAM middleware architecture which enables distributed compositions. To this end, a new adaptation reasoning approach is described, which improves on the original one in two ways: it allows decentralized reasoning for selecting the most suitable adaptation and it supports distributed application composition. Moreover, the proposed approach is argued to provide additional benefits such as robustness, agility and scalability. [ABSTRACT FROM AUTHOR]

Published

2006

86. Erratum.

Author

Meersman, Robert, Tari, Zahir, and Herrero, Pilar

Published

2006

87. MONET 2006 PC Co-chairs' Message.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Ferri, Fernando, Rafanelli, Maurizio, and D'Ulizia, Arianna

Abstract

In recent years the research area of social mobile and networking technologies has made rapid progress, due to the increasing development of new mobile technologies and the widespread usage of the Internet as a new platform for social interactions. Social applications of mobile and networking technologies serve groups of people in shared activities, in particular geographically dispersed groups who are collaborating on some task in a shared context. An important characteristic of those social applications is the continuous interaction between people and technology to achieve a common purpose. Again social applications tend to be large-scale and complex, involving difficult social and policy issues such as those related to privacy and security access. [ABSTRACT FROM AUTHOR]

Published

2006

88. MIOS-CIAO 2006 PC Co-chairs' Message.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Albani, Antonia, and Dietz, Jan L. G.

Abstract

Modern enterprises face a strong economical pressure to increase competitiveness, to operate on a global market, and to engage in alliances of several kinds. Agility thus has become the new guiding principle for enterprises. This requires flexible organizational structures and business processes, as well as flexible supporting information systems and a flexible information and communication technology (ICT) infrastructure. In addition, an enterprise needs to be able to easily expand or shrink, be it through collaborations with other enterprises, through mergers or acquisitions, or through insourcing or outsourcing of services. In order to meet these economical requirements, enterprises rely increasingly on the benefits of modern ICT. However, the appropriate knowledge to deploy this technology as needed, and in an effective and efficient way, is largely lacking,particularly knowledge regarding the cooperation in and between enterprises and knowledge regarding the interoperability of their information systems. [ABSTRACT FROM AUTHOR]

Published

2006

89. AWeSOMe 2006 PC Co-chairs' Message.

Author

Meersman, Robert, Tari, Zahir, Grosu, Daniel, Herrero, Pilar, Médez, Gonzalo, and Sabou, Marta

Abstract

The Second International Workshop on Agents, Web Services and Ontologies Merging (AWeSOMe'06) is held in conjunction with the OnTheMove Federated Conferences (OTM'06) in Montpellier, France, 29th October 2006. AWeSOMe is an interdisciplinary workshop focusing on research and applications combining web services, ontologies and agents leading to the development of an intelligent service Web. Web services are a rapidly expanding approach to building distributed software systems across networks such as the Internet. A Web service is an operation typically addressed via a URI, declaratively described using widely accepted standards, and accessed via platform-independent XML-based messages. [ABSTRACT FROM AUTHOR]

Published

2006

90. MobiSoft: An Agent-Based Middleware for Social-Mobile Applications.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Kern, Steffen, Braun, Peter, and Rossak, Wilhelm

Abstract

We present an agent-based middleware for social-mobile applications, which has been developed as part of an ongoing linkage project. One aspect of the MobiSoft project is the vision of facilitating, augmenting, and promoting human social interaction by electronic personal assistants during face-to-face encounters. Possible areas of social mobile applications include the establishment of groups or communities based on shared interests or goals, the exchange of information such as personal profiles, news, private sales, or any kind of recommendations, and the preselection of possible communication partners in social networks. We outline the decentralized peer-to-peer based architecture and present techniques for information representation using semantically rich languages based on existing standards. We describe, how mobile agents are facilitated as user representatives and intelligent information carriers in mobile ad-hoc networks and present a first prototype of a social-mobile application. [ABSTRACT FROM AUTHOR]

Published

2006

91. Supporting Mobile Activities in a Shared Semantic Ambient.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Pittarello, Fabio, and Celentano, Augusto

Abstract

We discuss an approach for modeling human activities in complex real environments, considering the delivery of services as a function of the semantic features of the environment and of the interaction between the users and their social networks. We propose an architecture supporting such a model, and discuss a case study about cooperative learning in a cultural heritage site. [ABSTRACT FROM AUTHOR]

Published

2006

92. An Event-Trigger-Rule Model for Supporting Collaborative Knowledge Sharing Among Distributed Organizations.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Minsoo Lee, Su, Stanley Y. W., and Lam, Herman

Abstract

The Internet has become the major platform for future inter-organizational knowledge-based applications. There is a need for knowledge modeling and processing techniques to perform event management and rule processing in such a distributed environment. We present an Event-Trigger-Rule (ETR) model, which differs from the conventional ECA rule model in that events and rules can be defined and managed independently by different people/organizations at different sites. Triggers are specifications that link distributed events with potentially complex structures of distributed rules to capture semantically rich and useful knowledge. Triggers can also be specified by different people/organizations in a distributed environment. Based on the ETR model, we have implemented an ETR Server that can be installed at multiple sites over the Internet. The ETR Server provides platform inde-pendence, extensibility, processing of event histories and rule structures, dynamic rule change at run-time, and Web-based GUI tools. The ETR Model and the implemented ETR Server can support various inter-organizational collaborative knowledge-based applications such as a Web-based negotiation system, supply chains, dynamic workflow management system, Knowledge Networks, and transnational information system. [ABSTRACT FROM AUTHOR]

Published

2006

93. Modeling and Storing Scientific Protocols.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Kwasnikowska, Natalia, Chen, Yi, and Lacroix, Zoé

Abstract

We propose an abstract model for scientific protocols, where several atomic operators are proposed for protocol composition. We distinguish two different layers associated with scientific protocols: design and implementation, and discuss the mapping between them. We illustrate our approach with a representative example and describe ProtocolDB, a scientific protocol repository currently in development. Our approach benefits scientists by allowing the archiving of scientific protocols with the collected data sets to constitute a scientific portfolio for the laboratory to query, compare and revise protocols. [ABSTRACT FROM AUTHOR]

Published

2006

94. A Proposal for a Gene Functions Wiki.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Hoehndorf, Robert, Prüfer, Kay, Backhaus, Michael, Herre, Heinrich, Kelso, Janet, Loebe, Frank, and Visagie, Johann

Abstract

Large knowledge bases integrating different domains can provide a foundation for new applications in biology such as data mining or automated reasoning. The traditional approach to the construction of such knowledge bases is manual and therefore extremely time consuming. The ubiquity of the internet now makes large-scale community collaboration for the construction of knowledge bases, such as the successful online encyclopedia "Wikipedia", possible. We propose an extension of this model to the collaborative annotation of molecular data. We argue that a semantic wiki provides the functionality required for this project since this can capitalize on the existing representations in biological ontologies. We discuss the use of a different relationship model than the one provided by RDF and OWL to represent the semantic data. We argue that this leads to a more intuitive and correct way to enter semantic content in the wiki. Furthermore, we show how formal ontologies could be used to increase the usability of the software through type-checking and automatic reasoning. [ABSTRACT FROM AUTHOR]

Published

2006

95. Suggested Ontology for Pharmacogenomics (SO-Pharm): Modular Construction and Preliminary Testing.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Coulet, Adrien, Smaïl-Tabbone, Malika, Napoli, Amedeo, and Devignes, Marie-Dominique

Abstract

Pharmacogenomics studies the involvement of interindividual variations of DNA sequence in different drug responses (especially adverse drug reactions). Knowledge Discovery in Databases (KDD) process is a means for discovering new pharmacogenomic knowledge in biological databases. However data complexity makes it necessary to guide the KDD process by representation of domain knowledge. Three domains at least are in concern: genotype, drug and phenotype. The approach described here aims at reusing whenever possible existing domain knowledge in order to build a modular formal representation of domain knowledge in pharmacogenomics. The resulting ontology is called SO-Pharm for Suggested Ontology for Pharmacogenomics. Various situations encountered during the construction process are analyzed and discussed. A preliminary validation is provided by representing with SO-Pharm concepts some well-known examples of pharmacogenomic knowledge. [ABSTRACT FROM AUTHOR]

Published

2006

96. Solving Bao's Colluding Attack in Wang's Fair Payment Protocol.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Payeras-Capellà, M. Magdalena, Gomila, Josep L. Ferrer, and Rotger, Llorenç Huguet

Abstract

An electronic purchase is an essential operation of electronic commerce. Fairness in the exchange of money and product, as well as anonymity of the buyer, are desirable features. In Asiacrypt 2003, C.H. Wang [8] presented a purchase protocol satisfying both anonymity and fairness, adapting the anonymous payment system of Brands [2], using a restrictive confirmation signature scheme. Later, In Asiacrypt 2004, Feng Bao [1] demonstrated that Wang's protocol [8] can be vulnerable to attacks produced by colluding users, and he affirmed that the protocol cannot be corrected due to the anonymity of the protocol. We will show that it is possible to correct Wang's protocol in order to avoid colluding attacks. We present a solution that modifies slightly the original protocol, maintaining the anonymity and untraceability of the original version. Finally, we discuss the convenience to achieve the property of timeliness. [ABSTRACT FROM AUTHOR]

Published

2006

97. Securing Data Accountability in Decentralized Systems.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Corin, Ricardo, Galindo, David, and Hoepman, Jaap-Henk

Abstract

We consider a decentralized setting in which agents exchange data along with usage policies. Agents may violate the intended usage policies, although later on auditing authorities may verify the agents' data accountability with respect to the intended policies. Using time-stamping and signature schemes, we design and analyze an efficient cryptographic protocol generating communication evidences, in such a way that an agent is accountable in our protocol only if the agent behaved honestly. Keywords: applied cryptography, data accountability, timed communication evidence, decentralized systems. [ABSTRACT FROM AUTHOR]

Published

2006

98. Examining the DoS Resistance of HIP.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Tritilanunt, Suratose, Boyd, Colin, Foo, Ernest, and Nieto, Juan Manuel González

Abstract

We examine DoS resistance of the Host Identity Protocol (HIP) and discuss a technique to deny legitimate services. To demonstrate the experiment, we implement a formal model of HIP based on Timed Petri Nets and use a simulation approach provided in CPN Tools to achieve a formal analysis. By integrating adjustable puzzle difficulty, HIP can mitigate the effect of DoS attacks. However, the inability to protect against coordinated adversaries on a hash-based puzzle causes the responder to be susceptible to DoS attacks at the identity verification phase. As a result, we propose an enhanced approach by employing a time-lock puzzle instead of a hash-based scheme. Once the time-lock puzzle is adopted, the effect of coordinated attacks will be removed and the throughput from legitimate users will return to the desirable level. [ABSTRACT FROM AUTHOR]

Published

2006

99. From Features Extraction to Strong Security in Mobile Environment: A New Hybrid System.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Cauchie, Stéphane, Brouard, Thierry, and Cardot, Hubert

Abstract

This article describes a complete original biometric system named Tactim based on the skin reaction coupled with security concepts. Even if the experiments showed that there is much work left, our approach has many advantages. Security and biometry are strongly linked together, the biometric features are original and strongly depend of the user's will, it can be easily interfaced to existing systems, so we finally propose a way to integrate this system in a Service Oriented Architecture and analyze its advantages and drawbacks. [ABSTRACT FROM AUTHOR]

Published

2006

100. A Case Against Currently Used Hash Functions in RFID Protocols.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Feldhofer, Martin, and Rechberger, Christian

Abstract

Designers of RFID security protocols can choose between a wide variety of cryptographic algorithms. However, when implementing these algorithms on RFID tags fierce constraints have to be considered. Looking at the common assumption in the literature that hash functions are implementable in a manner suitable for RFID tags and thus heavily used by RFID security protocol designers we claim the following. Current standards and state-of-the-art low-power implementation techniques favor the use of block ciphers like the Advanced Encryption Standard (AES) instead of hash functions from the SHA family as building blocks for RFID security protocols. In turn, we present a low-power architecture for the widely recommended hash function SHA-256 which is the basis for the smallest and most energy-efficient ASIC implementation published so far. To back up our claim we compare the achieved results with the smallest available AES implementation. The AES module requires only a third of the chip area and half of the mean power. Our conclusions are even stronger since we can show that smaller hash functions like SHA-1, MD5 and MD4 are also less suitable for RFID tags than the AES. Our analysis of the reasons of this result gives some input for future hash function designs. [ABSTRACT FROM AUTHOR]

Published

2006