Secure Heterogeneous Information Presentation
Secure Heterogeneous Information Presentation (SHIP) is a NFR funded research project initiated by the University of Bergen in January 2007.
Our networked society is dependent on the access to and use of information through computer networks. Their multitude and heterogeneity, one of the great advantages of these networks, also poses many technical problems and challenges. There is a growing multitude of formats and platforms, of demands and expectations, of user types and information content, of communication channels and security requirements.
This project addresses the problem of tailoring content (text, sound, images or video) to the possibilities and limitations of various platforms (terminals, PDA, mobile telephone, laptop computer, home video installation) and the preferences of the user (mute, large font or even braille, black-and-white, only the headlines, etc.). A particular concern is the situation where the information is not organized in a way matching the needs of someone seeking the information. Anyone browsing the internet will have tried to use documents that are in a “document format” that your computer does not handle properly, or in a graphical format which does not suit you or the machine you are using. The latter is often a problem for the increasing number of computers with small screens, such as mobile phones. It could also be that you are not authorized to access the information you want, typically, for some security reasons.
By the word “presentation” in the title we mean the general process of information disclosure, exchange and use. It poses problems to the user like those just mentioned, and puts serious and contradicting demands on the service providers in order to circumvent them. The user wants easily accessible information structured for her purposes and tailored for presentation in an available format. The information provider must also ensure that the information content makes sense, no matter on what platform or in what form it is presented, and that information is only disclosed to authorized users.
This broad goal is treated more concretely in two subprojects of Secure Heterogeneous Information Presentation (SHIP), one on the document format “XML” and one on reasoning systems for “Agents”. The techniques and ideas developed in these subprojects will be tested in an e-learning system deployed by the Department of Informatics, University of Bergen.
The questions and problems posed in the first section have to some extent been addressed by a document format called XML. XML has the last ten years become popular for information presentation on the Internet, and has also become the basis of several important technologies.
A major force of XML is that it can quite easily be used to define new document formats. To specify a new format using XML, you effectively specify a subset of all XML documents that are “valid”. “XML Schema” is one of several methods for specifying this. During creation of the presentation system one creates such a schema, and then a program can check that the XML documents used are valid. During use, though, there often come up issues that make it necessary to change the XML Schema. Maybe it turns out to be necessary to include more information, or information of another kind. It is then mandatory that all XML documents are checked with the new schema before being used. One of the concrete goals of this project is to ease this process by finding some reasonably fast check or comparison between the new and the old schema, that should pass if and only if all XML documents that were valid according to the old schema also will be valid according to the new one. Investigations during the first half year have shown that it is possible to do this comparison with a clever algorithm in reasonably short time, provided certain restrictions on the XML Schemas are imposed.
Questions and problems connected to the presentation aspect have been studied extensively since the early 1990's in the form of so-called Agent-Logics. Typically, this line of research is interested in matters concerning authentication of user identity and safe communication between networked users by verifying correctness of a security protocol. However, many of the proposed solutions address quite specific problems related to quite specific situations.
The bewildering variety underlying the problems addressed by the SHIP project calls for a more generic approach. It is a goal of the SHIP project to develop a logical framework for agents. Here “agents” refer to any party in a networked communication situation, man or machine. In the initial phase of the SHIP project we have developed a language for the specification and verification of protocols which is entirely generic with respect to capabilities of the agents and the properties of the protocol.