S     H     I     P
Secure Heterogeneous Information Presentation
 

Overview

Our networked society is dependent on the access to and use of information through computer networks. Their multitude and heterogeneity, one of the great advantages of these networks, also poses many technical problems and challenges. There is a growing multitude of formats and platforms, of demands and expectations, of user types and information content, of communication channels and security requirements.

This project addresses the problem of tailoring content (text, sound, images or video) to the possibilities and limitations of various platforms (terminals, PDA, mobile telephone, laptop computer, home video installation) and the preferences of the user (mute, large font or even braille, black-and-white, only the headlines, etc.). A particular concern is the situation where the information is not organized in a way matching the needs of someone seeking the information. Anyone browsing the Internet will have tried to use documents that are in a `document format' that your computer does not handle properly, or in a graphical format which does not suit you or the machine you are using. The latter is often a problem for the increasing number of computers with small screens, such as mobile phones. It could also be that you are not authorized to access the information you want, typically, for some security reasons.

By the word `presentation' in the title we mean the general process of information disclosure, exchange and use. It poses problems to the user like those just mentioned, and puts serious and contradicting demands on the service providers in order to circumvent them. The user wants easily accessible information structured for her purposes and tailored for presentation in an available format. The information provider must also ensure that the information content makes sense, no matter on what platform or in what form it is presented, and that information is only disclosed to authorized users.

This broad goal is treated more concretely in two subprojects of SHIP, one on the document format `XML' and one on reasoning systems for `Agents'. The techniques and ideas developed in these subprojects will be tested in an e-learning system deployed by the Department of Informatics, University of Bergen.

XML

The questions and problems posed in the first section have to some extent been addressed by a document format called XML. XML has the last ten years become popular for information presentation on the Internet, and has also become the basis of several important technologies.

A major force of XML is that it can quite easily be used to define new document formats. To specify a new format using XML, you effectively specify a subset of all XML documents that are `valid'. `XML Schema' is one of several methods for specifying this. During creation of the presentation system one creates such a schema, and then a program can check that the XML documents used are valid. During use, though, there often come up issues that make it necessary to change the XML Schema. Maybe it turns out to be necessary to include more information, or information of another kind. It is then mandatory that all XML documents are checked with the new schema before being used. One of the concrete goals of this project is to ease this process by finding some reasonably fast check or comparison between the new and the old schema, that should pass if and only if all XML documents that were valid according to the old schema also will be valid according to the new one. Investigations during the first half year have shown that it is possible to do this comparison with a clever algorithm in reasonably short time, provided certain restrictions on the XML Schemas are imposed.

Agents

Questions and problems connected to the presentation aspect have been studied extensively since the early 1990's in the form of so-called Agent-Logics. Typically, this line of research is interested in matters concerning authentication of user identity and safe communication between networked users by verifying correctness of a security protocol. However, many of the proposed solutions address quite specific problems related to quite specific situations.

The bewildering variety underlying the problems addressed by the SHIP project calls for a more generic approach. It is a goal of the SHIP project to develop a logical framework for agents. Here 'agents' refer to any party in a networked communication situation, man or machine. In the initial phase of the SHIP project we have developed a language for the specification and verification of protocols which is entirely generic with respect to capabilities of the agents and the properties of the protocol.

Activities

SHIP seminar, June 3rd 2009

Wednesday, June 3, the project SHIP, Secure Heterogeneous Information Presentation, organizes a seminar in room 3137, the old lunch-room, in Høyteknologisenteret.

All are welcome.

Program

10.00-12.00 :: Lars-Helge Nettland and Andre Klingsheim from NWG: Risk analysis
12.30-13.00 :: Håvard Raddum: Cookies and Web Security
13.00-13.30 :: Paul Simon Svanberg: Common knowledge - Two approaches
13.30-14.00 :: Adrian Rutle: A Diagrammatic Formalisation of MOF-Based Modelling Languages
14.00.14.15 :: Break
14.15-14.45 :: Alessandro Rossini: Formalisation of Version Control in MDE
14.45-15.15 :: Federico Mancini: Input Validation
15.15-15.30 :: Break
15.30-16.00 :: Dag Hovland: Annotations and Input Validation in Java

Content

University of Bergen
OVERVIEW
XML
AGENTS
ACTIVITIES

 

Research Staff

Prof. Marc Bezem. Project leader

Prof. Magne Haveraaen

Assoc. Prof. Khalid Mughal

Assoc. Prof. Michal Walicki

Assoc. Prof. Uwe Wolter

 

Post Doc Fellows

Federico Mancini (Mobile security)

Anya Bagge (Program security)

Håvard Raddum (Security)

 

PhD Fellows

Dag Hovland (XML)

Paul Simon Svanberg (Agents)

 

Documents

Sluttrapport 2012 [.pdf]

Framdriftsrapport 2011 [.pdf]

Framdriftsrapport 2010 [.pdf]

Framdriftsrapport 2009 [.pdf]

Framdriftsrapport 2008 [.pdf]

Framdriftsrapport 2007 [.pdf]

Project Description [.pdf]

Project presentation [.ppt]

 

Related Activities

Assoc. Prof. Thomas Ågotnes

Diagram Predicate Framework

OWASP Content Validation using Java Annotations Project

 

Software

The SHIP Validator: Input validation in JAVA

facgrep is a grep-like program for searching in text

Implementation of a syntax-based algorithm for the inclusion problem for regular expressions.

 

What?

The SHIP-project is funded by the Norwegian Research Council and is researched at the Programming Technology Group in the Department of Informatics at the University of Bergen. The project was initiated January 2007 and will run till approximately 2010.

 

Publications

For publications related to the SHIP project, see list of publications from the Programming Theory group, or search specific author names in Frida or in Bora.

 

Last updated: March 5th 2012
Validate XHTML Validate CSS