Health Support System for Elderly and … · Functional Requirements ... Support System for Elderly...
Transcript of Health Support System for Elderly and … · Functional Requirements ... Support System for Elderly...
i
Health Support System for Elderly and
Miners/Construction Workers (HSSEMW)
Yitbarek, Rahel Abraham
Zegeye, Emnetu Araya
Master Thesis 30 hp + 30 hp
Supervisor: Helena Lindgren
Examiner: Frank Drewes
April 20, 2013
Umeå University
ii
Abstract
The main aim of this thesis is to develop web based application which has a tailored
access to information through a semantic web. It begins by analyzing the problems of
privacy and security implications of healthcare technologies, Semantic Web, Resources
Description Framework, Web Ontology Language, Health Information Security and
Social media Security by following a method of literature review to grasp a better
technological backbone for developing web based health support system to two
communities of users (older adults and miners/construction workers). As a result we
propose a secured architecture and implement a prototype which is compatible to
different devices including smart phone.
The reason behind this thesis work is to address security and privacy of semantic web
users in general, older adults and miners/construction workers in particular. The need
for security in web applications has become evident with the fast growth of internet
technology. The transaction of information in the internet has raise major issues like
authentication, authorization, data integrity, confidentiality and access control. Hence,
the application will address the above issues by authenticating users to access resources
based on their assigned role. It also provides authentication service using Simple Object
Access Protocol (SOAP) web service technology. Every user has some level of security to
use the application. This ensures the privacy and security issues at some level.
iii
Acknowledgement
Foremost our deepest gratitude goes to the almighty God for giving us the strength and
knowledge to pursue our studies.
We would also like to deeply appreciate our supervisor Helena Lindgren for providing
us with continuous support and advice needed for our thesis. Her guidance helped us
throughout our thesis work. Besides our advisor, we would like to thank the members
of research group of ACKTUS specially Chunli Yan for responding to our questions
without hesitations.
Finally, our sincere thanks are for our family and friends for all the support they gave us
in every step of the way.
iv
Contents
1. Introduction ..................................................................................................................................... 1
1.1. Thesis Outline ............................................................................................................................. 2
1.2. Distribution of work ................................................................................................................... 2
2. Methodology ................................................................................................................................... 4
3. Semantic Web ................................................................................................................................. 5
3.1. Overview of the Semantic Web ............................................................................................. 5
3.2. Information Retrieval with Semantic Web ............................................................................ 6
3.3. Semantic web service ............................................................................................................ 7
3.4. Semantic Web Tools and Languages ................................................................................... 7
3.5. RDF (Resource Description Framework) ................................................................................ 8
3.6. RDF Statement ....................................................................................................................... 9
3.7. RDF Schema ......................................................................................................................... 10
3.8. OWL (Ontology Web Language) ........................................................................................... 12
3.9. Types of OWL ....................................................................................................................... 13
4. Security .......................................................................................................................................... 15
4.1. Web Threats ......................................................................................................................... 16
4.2. Existing Security Methods .................................................................................................... 17
4.3. Semantic web Security ......................................................................................................... 19
4.3.1. XML Security ........................................................................................................................ 20
4.3.2. RDF Security ......................................................................................................................... 21
4.4. Healthcare Information Security .......................................................................................... 22
4.5. Privacy and Security on Social media ................................................................................... 24
5. ACKTUS .......................................................................................................................................... 26
5.1. Purpose of ACKTUS .............................................................................................................. 26
5.2. The Technology of ACKTUS .................................................................................................. 27
5.3. ACKTUS Architecture ............................................................................................................ 27
6. Architecture Development ............................................................................................................ 29
6.1. UseCase of the System ......................................................................................................... 29
6.2. Functional Requirements ..................................................................................................... 32
6.3. Non-Functional Requirement .............................................................................................. 33
6.4. Architecture and technology ............................................................................................... 33
6.5. Ontology Development ........................................................................................................ 35
v
7. Designing Generic GUI ................................................................................................................... 41
7.1. Technology ........................................................................................................................... 41
7.2. Log in page ........................................................................................................................... 42
7.3. Administrator prototype ...................................................................................................... 43
7.4. Users .................................................................................................................................... 44
7.5. Security ................................................................................................................................ 47
7.5.1. Secure registration and Authentication .......................................................................... 47
7.5.2. Access control and data storage ...................................................................................... 48
7.6. Authentication service ......................................................................................................... 48
7.7. Mobile version of the web app ............................................................................................ 49
8. Discussion ...................................................................................................................................... 50
8.1. Technology ........................................................................................................................... 50
8.2. Authentication ..................................................................................................................... 50
8.3. Authentication Service ......................................................................................................... 51
8.4. Resources Security ............................................................................................................... 51
8.5. Graphical User Interface ...................................................................................................... 51
9. Conclusion ..................................................................................................................................... 53
10. Future Work ............................................................................................................................. 54
References ............................................................................................................................................. 55
Sample Prototype Snapshots ................................................................................................................ 61
vi
Table of Figures
Figure 1 RDF Triple Structure ___________________________________________________ 8
Figure 2 RDF Statement _______________________________________________________ 9
Figure 3 RDF Statement example ______________________________________________ 10
Figure 4 RDF example extension diagram _______________________________________ 10
Figure 5 RDFS Example ______________________________________________________ 11
Figure 6 OWL sublanguages __________________________________________________ 14
Figure 7 Web Security Threats ________________________________________________ 17
Figure 8 Semantic Web Layers ________________________________________________ 20
Figure 9 ACKTUS architecture[23] ______________________________________________ 28
Figure 10 Use Case for Older Adult _____________________________________________ 30
Figure 11 Use Case for New User ______________________________________________ 30
Figure 12 Use Case for Older Adult Expert and Miners/construction workers ___________ 31
Figure 13 Use Case for Miners/construction workers ______________________________ 31
Figure 14 Architecture of the web application ____________________________________ 34
Figure 15 Ontology Diagram for Older Adult people _______________________________ 36
Figure 16 Main Ontology Diagram for Older Adult _________________________________ 37
Figure 17 Ontology Diagram for older Adult Disease _______________________________ 38
Figure 18 Ontology Diagram for Miners/construction workers ______________________ 38
Figure 19 Main Ontology Diagram for Miners/construction workers __________________ 39
Figure 20 Ontology Diagram for Miners/construction workers Disease ________________ 40
Figure 21 Over View of the web application ______________________________________ 42
Figur 22 Login Page _________________________________________________________ 43
Figur 23 Administrator Page __________________________________________________ 43
Figur 24 Default page _______________________________________________________ 44
Figure 25 Older Adult Home page _____________________________________________ 45
Figure 26 Miners/construction workers Home page _______________________________ 46
Figure 27 Authentication service ______________________________________________ 48
Figure 28 GUI for Smart Phone ________________________________________________ 49
Figure 29 Home Page _______________________________________________________ 61
Figure 30 Older Adults Home Page _____________________________________________ 61
Figure 31 Older Adult Profile Page _____________________________________________ 62
Figure 32 Older Adult Personal Information Page _________________________________ 62
Figure 34 Password Changing Page ____________________________________________ 63
Figure 35 Registration Page __________________________________________________ 63
vii
Acronym
ACKTUS
Activity-Centered Modeling of knowledge and Interaction Tailored to
Users
AD Alzheimer Diseases
EKFV6 Efterfrågestyrd Kunskapsutveckling med Forskningsgrund Version 6
GUI Grapical User Interface
HTML HyperText Markup Language
HTTP Hypertext Transfer Protocol
IDE Integrated Development Environment
I-Node Information Node
IT Information Tecnology
JDBC Java-Based Data Access
JSF JavaServer Faces
JSP JavaServer Page
HSSEMW Health Support System for Elderly and Miners/construction workers
MD5 Message-Digest Algorithm
OWL Ontology Web Language
PC Personal Computer
PN Peripheral Neuropath
RDF Resource Description Framework
RDFS Resource Description Framework Schema
RDF M&S RDF Model and Syntax
SOAP Simple Object Access Protocol
SPARQL SPARQL Protocol and RDF Query Language
SQL Structured Query Language
URI Uniform Resource Identifier
W3C World Wide Web Consortium
WSMF Web Service Modeling Freamwork
XML Extensible Markup Language
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 1
1. Introduction
Today User modeling and personalization have wide spread use in many applications
and systems [7]. The systems contain information about users to provide personalized
access. User modeling is an integral part of any personalized information retrieval
system. The user model should be adaptable in order to capture the change in
information needs of the users [36].
Personalization attempts to increase attention or motivation of the users, explicitly or
implicitly, that the communication is designed specifically for ‘you’ [43]. As the scale of
online content grows, the ability to tailor information to the tastes and preferences of
individual users is becoming critical for maintaining a positive user experience [29].
Providing a healthcare with personalized service has been a goal when developing IT
solutions. There are various IT services which are already available and can support e.g.,
elders. However, most of them are designed without considering the individual
preferences, needs and situations of care-receivers. Services designed for the ’general’
user may not be suitable for real users. This is particularly true for both elderly and
miners/construction workers, since they may be subjected to different body and mental
limitations with respect to using services. This calls for the provisioning of personalized
services, according to the individual needs of each user.
While this personalization technology is critical for helping the user to combat the
overload of information we come across with, in many cases, we may not even realize
that the system that we use in our daily life are being tailored to our personal tastes and
preferences because of the way of the outcome delivered system [29]. So in this work,
we seek to address these challenges by making personalization more transparent.
ACKTUS (Activity-Centered Modeling of knowledge and Interaction Tailored to Users) is
a prototype system that is designed for aiding the knowledge assessment of medical and
health related knowledge in the process of decision support system development. The
objective of ACKTUS is to support collaborative knowledge building and personalization
through the use of system, and to provide tailored support for reasoning and learning
through the use of end-user applications. ACKTUS is a research project directed by the
Department of Computing Science at Umeå University. Our system will be integrated
with ACKTUS and will communicate using web service technology [1].
This thesis is carried out as part of research project, ACKTUS. It investigates the ACKTUS
user and activity model to reuse and extend, to address the problem of privacy and
security implications of healthcare technologies provide to two communities of users
(older adults and miners/construction workers).
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 2
Failure to get access to accurate healthcare information system often causes these two
communities of users (older adults and miners/construction workers) to be
unnecessarily admitted to the hospital and create unnecessary psychological tension.
Alternative channels of communication could improve precaution measures need to be
addressed before or after any kind of medical situations.
In addition to the above problem, the need for privacy and security implications of
healthcare technologies provide to the two communities of users become necessary. So
we will work towards the aim of balancing privacy and security concerns to minimize
the danger of compromising the security and privacy of these users.
The primary goal of this master thesis project is to provide a tailored access to the
secure health related information primarily to the elderly and miners/construction
workers. The purpose is to improve the authentication functionality of ACKTUS
applications, addressing security and personalization issues. Another goal is to develop
a graphical user interface for “smart phone”, which mediates authentication
functionality and when authenticated, the ACKTUS application contents associated to
the particular user.
1.1. Thesis Outline
This thesis covers the work of Yibarek Rahel and Zegey Ementu during the fall/winter of
2012-2013.The thesis is divided into the following chapters. In Chapter 1 the overview
of the project with its goals and problem description, thesis outline and distribution of
work are included. In Chapter 2 the methodology carried out for this work is covered.
Chapter 3 describes the components and technologies of Semantic Web. In Chapter 4
Security of web application, semantic web, healthcare and social network are addressed.
Chapter 5 describes an analysis of ACKTUS. In Chapter 6 architecture development,
functional requirement and non functional requirement are addressed. Chapter 7
describes the implementation of prototype generated for the web application. Chapter
8, Chapter 9 and Chapter 10 covers discussions, conclusion and future work
respectively.
1.2. Distribution of work
To create a common point of view, we have outlined and worked on the background,
scope, problem description and methodology of the thesis together to evade any
possible confusion between us. When we began the analysis phases which are chapter 3
& 4, we planned to divide the upcoming work like semantic web and RDF from chapter 3
and health information security and social media security in chapter 4. The distribution
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 3
of tasks from chapter 3 were assigned in such a way that Emnetu took the
responsibility to work on section 3.1 to 3.4 and Rahel took section 3.5 to 3.7 where the
rest of the section; ontology web language(OWL) and types of OWL for this chapter was
done collaboratively.
In chapter 4 most of the section was carried out together. But section 4.4 health
information securities was written by Rahel and section 4.5 privacy and security in
social media was done by Emnetu. The rest of the chapters were carried out by both of
us in which issues concerning our target users (elderly and miners/construction
workers) was divided as miners/construction workers and elderly people. Emnetu
focused on things related to miners/construction workers and Rahel emphasized on
elderly people.
In order to avoid further technology compatibility problems we choose technologies for
the design and implementation of the application together and then we worked
individually in producing the sketch of the design for the web application. After
commenting in each of the proposed design, we made a design solution for the web
application collaboratively. At last we decided to implement separately each modules;
elderly people module and miners/construction worker module. So, based on the
discussion we had, Emnetu go through with the module of Miners/Construction worker
and Rahel has implemented the elderly people module.
Finally, the java project that was developed individually was then reevaluated by us and
we have integrated each module into one java project. The combined final java project is
at last deployed in the computer science department server (https://itchy.cs.umu.se).
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 4
2. Methodology
In this project work, a combination of methods has been used because of the nature of
our investigation requires multiple methods to get them answered. Combining methods
offers a great promise on flexibility of the research and draw strengths from multiple
methods [13].
The methodology behind deriving the final output architecture begins by outlining the
theory underlying the issues of personalization, user modeling and security provided to
older adult and miners/construction workers, review the backbone technology and
study of related existing architecture. The main intention is to know what kinds of
application are delivered to these two comminute of users and to identify technological
or application limitation so that we can develop architecture that resolve these issues.
In order to create bare for development, previous works related to personalization and
security issues was reviewed. Existing applications and comparison of improvements
on the existing applications and ACKTUS was done in order to propose suitable software
architecture. This was done by literature study of related work. In addition, we reuse
and extend ACKTUS activity models to include useful information for security purposes.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 5
3. Semantic Web
As the tremendous growth of Internet, leading the web to be more essential than ever
with its new web applications and sites appearing with surprising reliability letting
humans directly cooperate and communicate with each other. The computer became
only a communication environment without “understanding” the knowledge people
shared about real life through web pages that could be easily accessed from anywhere.
The result was an amount of knowledge stored in a hectic and unstructured way [45].
The machines are “unschooled”; they don’t know what to do with all the data. So most of
the information’s remain unusable; they do not know how to distinguish an image from
a video file or to make connections between data. This is when the questions like, how
reality can be modeled from the perspective of computer and web expansion? And how
knowledge can be represented in way that computers can also “understand” it? came to
picture [45]. As result to these critical questions the concept of Semantic Web came to
existence. In which the idea was propagate by the World Wide Web Consortium (W3C),
an international standardization body for the Web.
The Semantic Web is” an extension of the current Web in which information is given well-
defined meaning, better enabling computers and people to work in cooperation[6, pp36]".
It is also highly intelligent and sophisticated web technology that needs less human
intervention to perform tasks such as scheduling appointment, coordinating activities,
searching for complex documents as well as integrating disparate databases and
information system. While going through these developments of semantic web, current
technologies such as ontology matching, intelligent agents and markup languages are
making contributions [33].
Semantic web has brought benefits to the current web technology by using machine
understandable language. “it is the idea of having data on the web defined and linked in a
way that it can be used for more effective discovery, automation , integration and reuse
across various applications …,data can be share and processed by automated tools as well
as by people ”[47, pp1][56].
3.1. Overview of the Semantic Web
The reason for the development of semantic web technology is to make the machines
achieve understanding the semantics of the information presented on the Web so that
the machines are able to “read” and “understand” the resources on the Web as a human
being does. The precise representation of the semantics underlying resources, programs
and all type of information related Web resources will enable a knowledge-based Web
that provides a qualitatively new intensity of service and a new technique of processing
resources. As a result, it will have greater impact for computing systems and
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 6
computerized services to improve in their ability and capability to assist humans in
achieving their goals by “Understanding” more of the information presented on the Web,
and thus providing more accurate filtering, categorizing, and searching of these
information sources available on the Web.
This development process will ultimately lead to an extremely knowledgeable system
that can be summarized as Lee stated; “The first step is putting data on the Web in a form
that machines can naturally understand, or converting it to that form. This creates what I
call a Semantic Web - a Web of data that can be processed directly or indirectly by
machines”[21,pp9].
To make sure that different mediator have a common understanding of resources on the
web, we need ontologies in which resources are described, and thus create a mutual
terminology between the mediators. Basically, Web ontology is a collection of definitions
of concepts and the shared understanding that all mediators interpret the concepts with
respect to the same ontology. The resources represented using onologies are not
interpreted for a specific system; however the representation relies on some shared
standards which make it possible to be recognized by different computer systems or
humans beings in the same way [21].
3.2. Information Retrieval with Semantic Web
Information Retrieval studies the problem of finding a set of documents that are
relevant for a specific information need of a user [53]. It has been central to the success
of the Web. Nowadays, there are different information retrieval technologies in the web.
For example Google and other companies’ web based indexing and search systems have
profoundly changed the way of retrieval of information from the web [51]. One of the
premises of the Semantic Web is that it provides the means to use metadata that help
determining which documents are relevant. In order to retrieve information for
semantic document or text documents that have semantic web annotations, the
semantic web technologies have to be compatible with web search engines and
information retrieval technology [53].
Semantic search has been one of the major foreseen benefits of the Semantic Web.
Various approaches to search associated with the area of Semantic Web exist. Diverse
techniques are employed addressing a variety of problems. However, the notion of
information retrieval in the context of Semantic Web seems to be rather diffuse [53].
One way to view a semantic search engine is as a tool that gets formal ontology-based
queries from a client, executes them against a knowledge base, and returns values that
satisfy the query [51].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 7
The semantic web is much like the current web, but the documents in semantic web are
full of annotation which is in a machine understandable markup. These annotations will
provide metadata about the documents. The annotations also provide machine
interpretable statements which captures some of the document’s content [51].
3.3. Semantic web service
Web Services technologies are technologies working towards an environment where
organizations can make some other abilities accessible via the Internet. Semantic Web
Service is like a conventional web services which is used for machine-to-machine
interaction via the World Wide Web. Semantic services are one component of the
semantic web as they use markup which is suitable to be read by machine. Semantic
Web services merge Web services communication technology with the intelligent
processing of ontology-based metadata to attain highly integrated enterprise application
integration scenarios, for service look-up, schema matching, or protocol negotiation
[12]. When we compare with human-readable HTML, which is not understood by
computer program, this markup makes data-readable in a detailed and sophisticated
way.
One goal of Semantic Web Services is to bring about a computational machine readable
representation of the service, in terms of the value it provides. This is referred to as the
service description. Usually, a service description will describe an abstract service, in
which case it can be referred to as an abstract service description [12] .Semantic web
services are used for combining data and services from different sources without losing
their meaning.
3.4. Semantic Web Tools and Languages
Semantic Web languages such as extended markup language (XML), resources
description language (RDF), RDF schema (RDFS), ontology web language (OWL) [8] are
languages created by World Wide Web Consortium (W3C) which are used to organize,
integrate and navigate the Web and allow resources to be linked and grouped in a logical
and relevant manner. All of these languages are oriented to create Semantic Web. They
are also structured languages where with this feature they can carry on meaning as well
as providing structure to the documents. Even though they have different characteristics
compared to each other, the main aim behind them is to advance and sustain the
Semantic Web model.
Semantic web languages need to be convenient not only for human but also for the
machines. That is these kinds of languages must describe meaning in a machine readable
format. Therefore, the languages should include the ability to formally define the
vocabulary in addition to the ability to specify a vocabulary so that it can be used in
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 8
automated reasoning [28]. For this reason, Semantic web languages are highly
influenced by Artificial Intelligence which is knowledge representation. However, the
syntaxes of Semantic Web languages are based on the current standards such as HTML
or XML unlike the knowledge representation in order to meet the requirement of the
web. Thus the integration with other web technologies is possible [28]. The other main
difference from the knowledge representation is the semantic web language must allow
for the definition of various, and potentially conflicting vocabularies since the web is
widely decentralized.
3.5. RDF (Resource Description Framework)
RDF Is a framework for describing resources stored in various locations designed to be
read and understood by computers, not necessarily by people. It basically uses XML
syntax but has support to express semantics [8]. The intention of RDF is to give a
standard way of specifying data "about" something. It has a benefit of giving a structured
approach to design an XML documents, facilitate a quickly recognition of the flaw and
inconsistencies of non-RDF-compliant XML designs, enhanced understanding of our data
and placement of this data for the Semantic Web [20]. RDF has received widespread
acceptance as its documents are built using XML [8].
RDF is used as an essential data model with a basic building block of an object-attribute-
value triple, called a statement (Figure 1 RDF Triple Structure). Every RDF statement
(Figure 2 RDF Statement) is described in terms of these triples (subject, predicate, and
object). As most other resources on the Web, all components of a statement are uniquely
identified using a uniform resource identifier (URI).
Figure 1 RDF Triple Structure
Resources could be an HTML or XML documents that are accessible by an URI on the
web and can be described using RDF statements.
A property defines a relation between resource and an atomic value.
A value can be either a simple character or a resource.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 9
In general RDF statement specifies a value for a property of a resource [29], [20].
Figure 2 RDF Statement
In addition, RDF also lets users express resources using their own vocabularies. It does
not make assumptions about any particular application domain, nor does it define the
semantics of any domain. Is it up to the user to do so in RDF Schema (RDFS).RDFS is an
extension of RDF that defines the vocabulary used in RDF data models. In RDFS we can
define the vocabulary, specify which properties apply to which kinds of objects and what
values they can take, and describe the relationships between objects [20].
The most commonly used query language for RDF is SPARQL. SPARQL is based on graph
pattern matching. A pattern basically is a graph template formulated by using variables
in subject, predicate or objects positions. The values obtained during graph pattern
matching can be used again to create valid RDF which may but needs not be different
from the input graph. Hence, SPARQL is a powerful mechanism for information
extraction and reuse [42].
3.6. RDF Statement
In order to represent metadata in XML, RDF provides a standard form called Statement
as it was described in the previous section. The RDF data model consists of three triple
object types; resources, properties and values. These three individual parts of a
statement are called the subject, the predicate, and the object of that statement
respectively [39]:
Resources: All things being described by RDF expressions are called resources.
A resource could be an entire web document, large collection of web
documents or a part of a Web page.
Properties: is a specific facet, characteristic, attribute, or relation used to
describe a resource. Each property has a specific meaning, defines its
permitted values, the types of resources it can describe, and its relationship
with other properties.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 10
Values: is a specific resource jointly with a named property and the value of
that property for that resource is defined as an RDF value.
In RDF, resources are represented in URIs. The subject of RDF statements should be a
resource so that any statement written in English could be returned into an RDF. For
example if we have a statement “This article is authorized by Hailu”. This is called a
statement in RDF and has three parts: a subject (this article), and predicate (is
authorized by) and an object (Hailu).
Figure 3 RDF Statement example
Figure 3 RDF Statement shows the common graph representation of RDF statements,
introduced in the RDF Model and Syntax 1.0 Recommendation (RDF M&S). Note that the
object is a string: "Hailu. This is called a literal in RDF, but an object could also be a
resource [52]. Take a look at Figure 4 RDF example extension diagram:
Figure 4 RDF example extension diagram
Figure 4 RDF example extension diagram depicts several RDF statements combined into
a single diagram. RDF defines a directed graph of statements that describe Web-based
resources. As in the diagram the literal or Object (Hailu), in the original statement is
replaced with a URI representing this person, which in turn is the subject of several
more statements. Such a collection of RDF statements is called a model in RDF. The
ability of extension a graph makes RDF simple and powerful and the graph is effective in
representing information. RDF allows many basic statements to be integrated so that
machine agents can apply the well-tested graph traversal techniques to glean data. The
back ends of such triples have been shown to be scalable to several triples [52].
3.7. RDF Schema
RDF Schema is abbreviated as RDFS, RDF(S), RDF-S or RDF/S is a set of classes with
certain properties using the RDF extensible knowledge representation language and
provides basic elements for the description of ontologies. It also extends definitions for
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 11
some of the elements of RDF. Using the RDFs vocabulary we can set the domain and
range of properties and relates the RDF classes and properties into taxonomies [52]
[20].
RDFS is a language layered on top of the RDF language. This layered approach has been
described by the W3C organization and Tim Berners-Lee as the “Semantic Web Stack” of
layers of different languages or concepts all related to each other [52]. The base layer of
RDFS is the theory of URI and a universal character set (Unicode). On top of those
theories, the XML Syntax is covered and namespaces to evade vocabulary conflicts. The
layers above XML are the triple-based assertions of the RDF model and syntax discussed
in the previous section. If a triple statement is used to signify a resources, property, and
value, it will be promising to create resource hierarchies for the categorization and
explanation of different resources. Which explain the main aim of RDF Schema [20].
As we described above, RDF is a way of describing information on the web and RDFS
adds information in the form of classes and subclasses. It also shows the relationship
between the classes. Let us take an example of RDF and RDFS layers [14].
Statement: Adam stays in Umea.
The schema for this statement will contain the following classes and properties
Figure 5 RDFS Example
In the Figure 5 RDFS Exampleabove the statement is mapped to a schema which contains
different classes such as “Citizen” and “Country”. The classes have their own subclasses.
For example, “Voting citizen” and “non-voting citizen” are subclass of Citizen and the
class Country has subclasses “states” which in turn has subclass “City” and “Town”. The
rectangle in the diagram represents properties; ellipse in the RDFS layer and RDF layer
represents classes and instances respectively.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 12
So from the above diagram, we can see that Adam is a type of voting citizen and Umea is
a type of a city. One can infer that relationship between the subject (Adam) and object
(Umea) is “resides in”. That is, Adam resides in Umea. Thus, RDFS expresses vocabulary
in the form of classes and properties.
3.8. OWL (Ontology Web Language)
OWL is standardize ontology language designed for distributing, broaden and sharing
ontologies through the Semantic Web and used to capture the knowledge in a machine
understandable way. It is developed as a vocabulary extension of the formerly
developed RDF [19] [29]. OWL makes an open world assumption [19], that is,
descriptions of resources are not bounded to a single file or scope. While a resource may
be defined initially in the ontology, it can also be extended in other ontologies. The
consequences of these additional schemes about this resource are not reversible.
OWL has a purpose of developing ontologies that are compatible with the World Wide
Web. OWL builds on RDF and RDF Schema, and uses RDF's XML syntax. It gathers
information into ontologies, from normally stored Web documents written in RDF/XML.
It supports expressive statements in a manner that allow scalability [19].
Since OWL is the latest Ontology language, it should be compatible with previous
features of ontology language. There was already several ontology languages designed
for use in the web by the time OWL appear. OWL has various desirable features while
still retaining sufficient compatibility with the existing ontology languages [29]. In
particular, OWL has a capability to unambiguously represent the exact semantics of
classes within some domain and the relationships between those classes and/or
instances. Because OWL expected to provide structured vocabularies that clarify the
relationship among different objects or individuals, allowing machine and humans to
interpret their meaning without unambiguity [29].
Ontology and ontology- based mark-up language could be used in e-commerce where
they can facilitate communication by providing common vocabularies, web and grid
service. They can also help to get rich service description in order to locate suitable
services and search engine where they can help to obtain semantically the same page
even though they are different syntactically. To be able to have these features, OWL
needs to use and extend RDF and others previous technologies in an important ways
[29]. OWL has more services for expressing meaning and semantics than XML, RDF, and
RDF-S, and thus OWL goes beyond these languages in its capability to represent machine
interpretable content on the Web [19].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 13
3.9. Types of OWL
OWL has three different sublanguages; OWL Lite, OWL DL and OWL Full, each move
toward fulfilling different aspects of requirements (Figure 3).These three sublanguages
are described based on their ability of expressiveness increasingly designed for different
users in specific communities [19]:
OWL Lite: is a sublanguage which is both easier to grasp and implement with
more restricted expressivity limits than OWL DL. OWL Lite is targeted for users
only those who need simple constraint features and classification hierarchies. For
example, even though OWL Lite supports cardinality constraints the cardinality
values are restricted. For such constraints only the values 0 and 1 is allowed. It is
much simpler to provide tool support for OWL Lite than it is for its more
expressive relatives. This will allow easy migration to OWL Lite from different
ontology languages.
OWL DL: is a sublanguage of OWL Full which limits the way in which the
constructors from OWL and RDF can be used. It has a benefit of allowing efficient
reasoning support even if it loses full compatibility with RDF. OWL DL supports
users who want a maximum expressiveness without the lack of computational
completeness and decidability of reasoning systems. OWL DL includes all OWL
language constructs with restrictions such as type separation enabling to create
distinct definitions. It is named as OWL DL because of its correspondence to
Description Logic, a field of research that has studied a decidable fragment of first
order logic. OWL DL was designed so that it has desirable computational
properties for reasoning systems.
OWL FULL: is the entire language with an advantage of fully upward compatible
with RDF, both syntactically and semantically. Any legal RDF document is also a
legal OWL Full document, and any valid RDF/RDF Schema conclusion is also a
valid OWL Full conclusion. OWL Full is targeted for users who want maximum
expressiveness and the syntactic freedom of RDF with no computational
guarantees. Decidability and completeness properties have not been restricted as
it is in OWL DL. Type separation is not as strict as it is in OWL DL.OWL Full allows
an ontology to incorporate the meaning of a pre-defined (RDF or OWL)
vocabulary. It is unlikely that any reasoning software will be able to support
every feature supported by OWL Full.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 14
Figure 6 OWL sublanguages
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 15
4. Security
Nowadays the development of information system technologies has resulted in
automating several applications in various health areas. The surface of health care is
changing as many technologies are currently being adopted and being incorporated into
the existing infrastructure. The combination of these technologies will improve the
quality of health care by making it more personalized and reduces medical errors.
While there are benefits to technologies, related privacy and security issues need to be
analyzed in order to endorse and maintain fundamental medical ethical principles and
social expectations [34]. Information has become an essential resource in many
organization especially data in health areas are very sensitive. Therefore, it is very
important to efficiently access, share the data and extract information from the data [8].
These issues include access rights to data, how and when data is stored, security of data
transfer, data analysis rights, and the governing policies. While there are current
regulations for medical data, these must be reevaluated as an adoption of new
technology changes how health care delivery is done.
As described above, even if making use of information has become very significant,
extracting secured information in the form of pattern and trends has also become
important. Security and privacy are more than just user privileges and password
enforcement. It is a multidimensional business authoritative; especially for platforms
that are responsible for user’s data [44].
One of our main focuses on this paper is security, concerning the semantic web. While
the current ACKTUS system facilitates the integration of information from the syntactic
point of view using the current web technologies, there is still a lot to be done to
integrate various issues and security. That is, the current ACKTUS system is accessible
through the web where players in different domain contribute with their experience,
knowledge and skill [1]. In the meantime the system architecture that we are going to
develop will have a communication with ACKTUS data source, sesame repository.
However, it is also very important that ACKTUS is secure. Since our main technology will
be the semantic web, we are going to investigate and research on the components that
constitute the semantic web. The components include, XML, RDF and Ontologies. The
components have to be integrated securely. To do all this, we critically need standards
for securing the semantic web such as specification for secure XML, secure RDF and
secure interoperability [8].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 16
4.1. Web Threats
Over the last few years, the web has transformed from being a compilation of pages
containing static information to a dynamic and fully interactive platform. A Web
application is an application that is defined theoretically as a series of dynamic web
documents in a standard format which is accessed over the internet communication
protocol and built using web technologies. The web application environment has been
very successful in providing prosperous interfaces and performance. However the
Internet and Web Browsers have faced tremendous web threats.
Information security while communicating in the intranet is crucial because of several
factors, including the massive interconnection of heterogeneous system, the availability
of various sensitive information while communicating across different enterprises and
easy distribution of automated malicious software. It is easy to commit crime from any
geographic boundaries on the web and the lack of forensic evidence in computer crime
makes the detection of the criminals extremely difficult [26].
Phishing: One of the web threats is phishing, which attempts to acquire information
such as user name, password and credit card information by hiding trustworthy entity
while performing communication in the web. This threat is usually sent infected email
link with malware [18]. The term refers to attacks where the victim is led to believe that
he/she is on a legitimate website. The attack relies on the fact that anyone can create a
website and anyone can provide a copy of the real one. This type of threats has been
attacking different company’s information system like in banks transactions. Phishing is
also known in targeting to attack companies email websites (Webmail), public email
website like Yahoo and popular website provider like eBay, amazon and Tradera [18].
Phishing is typically attacks while we are communicating through instant message or
email spoofing. So there are various ways of prevention methods to this attack. Users
can identify phishing website by looking at the URL and never follow links by email but
type them in or use bookmark. These methods make it harder for the attacker even if it
is not a complete solution [18].
Web browser exploits: Web browsers are the mediator applications between a user
and the World Wide Web (www) that are used to deliver information to the
users. With their wide usage and growing recognition of web browsers, it has become
one of the major targets for exploitation for the unauthorized users. Understanding of
browser vulnerability requires the knowledge of architectural design of browsers. Web
browser exploits lets cybercriminals to set up websites that exploit security holes in the
web browser. This threats permits cybercriminals to gain access without the casualty
acquaintance and also allow individuals to remotely compromise that user account,
access to private emails, sensitive documents and anything else that the user operating
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 17
the web browser has access to. Bandwidth monitoring is used as basic methods used to
detect Web browser exploits and unwanted web traffics [18].
There are also multiple threats related with a web like Downloads, Third party add-ons
and Hybrid attack web threats. Third party add-ons are web threat that attacks users
while they are using web browser. The majority of websites requires Adobe Flash player
and Acrobat Reader from a third party add-ons. These products are widely used by users
at the same time they become a favorite target of cybercriminals. Many people forget to
update third party add-ons like the Flash player. As a result of this a number of malware
exploit the PDF file format, Adobe Acrobat, Flash and the users are pushed to other
website that have been compromised. Hybrid attack is a threat occurs while using the
net. This type of web threats are a combinations of multiply threats and the risk that the
user becomes a willing prey is very high. In addition to this some attackers still rely on
end users while downloading executable files. The attackers used a variety of techniques
to exploit user’s tendency to trust content based on reputation and the user convince to
visit wrong sits, search results and download executable files[18].
Figure 7 Web Security Threats
4.2. Existing Security Methods
As described in the previous section the growths of the web raise tremendous threats
with the aspect of security. Thus, web applications face a variety of new and unique
threats and become more exposed to un-trusted user. One method for preventing these
types of attacks is web application security methods. There are several techniques for
solving security challenges and vulnerabilities exist within each component of web
based architecture. These techniques attempts to implement web application security
methods, both implicitly and explicitly where these methods specify the behavior or
structure of the web application. Some of the existing techniques such as public-key
infrastructure (PKIs) provide encryption mechanism for ensuring information
Web Security Threats
Phishing
Web browser exploits
Third party add-ons,
Downloads, Hybrid attack
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 18
confidentiality, digital signature techniques for authentication and data integrity [14]
[26] and Message-Digest Algorithm (MD5). MD5 is a cryptographic function technology
that is used to encrypt some sensitive profile information of the user in the Postgre SQL
database [46].In this section we describe digital signature and MD5 security method
impact on the web further.
Digital signature is collection of sequences of zeroes and ones in which the signature
must be a bit pattern that depends on the message being signed. The signature uses
some information that is unique to the sender to prevent unauthorized accesses to the
information [14]. To verify that the received document is certainly from the valid
sender and that the contents have not been misused, several procedures, called
authentication techniques, have been developed. However, message authentication
techniques cannot be directly used as digital signatures due to inadequacies of
authentication techniques. Digital signatures are performed based on the documents
that need to be signed and on some private information held only by the sender. The
main purpose of using digital signature is to provide authenticity that is the signee is the
genuine creator of the document, integrity and non-repudiation (the person who signed
will not claim). Thus digital signature guarantees content of a message will not be
altered during the process [14].
MD5 is cryptographic hash function that takes a message of arbitrary length as input
and produces as output a 128 bit fingerprint or message digest of the input message. it
is mostly used in a variety of security applications and commonly used to check data
integrity and message digest in digital signature scheme [40].It is proposed where a
large file must be compresses in a secure manner before being encrypted with a private
key under a public-key cryptosystem and for verification that data have not been altered
since the signature was published. In MD5 it is computationally infeasible to produces
two messages having the same message digest. The MD5 algorithm is designed to be
quite fast on 32-bit machines [46] [40].
MD5 algorithm can be used as a one-way encryption which has a greater advantage for
securing databases. The most important properties of the MD5 algorithm for database
is that it is difficult to revert back an encrypted data to the initial, plain-text input which
are stored in the database and any given input always maps to the same encrypted
value. This ensures that the data stored on the database cannot be interpreted by
anyone. This way, even if an attacker gains reading permission to the database, since the
data on the database are encrypted it will not be useful for the attacker. The furthermost
benefit of MD5 is its speed and ease of use. But still MD5 does have some flaws in a way
that when it is used as security method for protecting password, the password have to
be strong, if not a brute force attack can still reveal the password even if it is encrypted
using MD5 [46].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 19
4.3. Semantic web Security
In this section we first explain an overview of security for the semantic web, show the architecture of semantic web layers diagram as it was specified by Tim Berners Lee and then discuss security issues on the components of the secured semantic web. For the semantic web to be secure we need to ensure that all layers of the semantic web are also secure. We have chosen to describe here some of the layers from the architecture like XML/XML schema and RDF/RDF schema.
Resources and services on the web need to be secured from unauthorized access and
software agents accessing online resources in place of a user. So a wide range of security
related issues, such as authentication, access control, confidentiality, data integrity and
privacy are important for secured web resource access. Currently, low level security,
digital signature mechanism and others provide security infrastructure for web-based
interactions [29]. However, there is still a big security hole on securing the semantic web
using these mechanisms. We need to do more other than these security methods so that
the information on the web can be managed, integrated and exchanged securely.
Security for the semantic web is securing RDF and OWL which are components of the
semantic web. RDF is the foundation of semantic web [8] and with it we need to ensure
that security is preserved at the semantic level. We know that XML is the best in
exchanging information through the web but it only provides a limited interoperability.
Information is everywhere on the web and are essentially data that makes sense.
Ontologies are playing a major role in information integration on the web. OWL is
suitable for semantic web because it describes ontologies and provides interoperability
across applications [30]. That is, ontologies may have security levels attached to them as
certain parts of the ontologies could be secret while the other parts may be unclassified
or not. Ontologies include not just a fixed property, role but any properties and
constraints expressed in semantic language [8].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 20
Figure 8 Semantic Web Layers
4.3.1. XML Security
Tim Berners Lee has specified different layers for the semantic web. One of the layers is
XML. XML is a language used for representing data in a structural way in which it
describes what is in the document, not what the documents looks like, while XML
Schema provides syntax for legal XML documents and essentially describe the structure
of the XML documents which have graph structures [8]. XML is a markup language that
pursues certain rules and if all documents are marked-up using XML then there is
uniform illustration and appearance of documents. Without some form of common
representation of documents, it is unfeasible to have any type of meaningful
communication on the web. Both XML and XML schemas are the invention of Tim
Berners Lee and the W3C [8].
As we describe in the above paragraph, for the semantic web to be secure we need to
secure all the layers including the XML layer. Mainly the security standards presented
for XML data security utilize the syntax and structure of the XML data to provide diverse
security services, such as access control, encryption and define security policies. Access
control security standard in XML document specify that the author of a document can
specify which user is authorized to perform what action on what resource.
it also specify conditions and obligations that have to be followed for accessing that
resources[30] There have been also some efforts in adapting data exchange formats and
protocols related to security in semantic web like XML digital signatures. These are used
for authentication of users while they are trying to access for a specific resources.
Even if XML is the best exchange format on the web, it only provides limited
interoperability and scalability when we compare with the other semantic web language
such as RDF, RDF-S and OWL. These semantic languages have better interoperability
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 21
across web applications. XML focuses only on documents which have different
interpretation at different sites and this is a major issue for integrating information on
the web. To overcome this W3c provide other language like RDF which will be discussed
on next section [8].
4.3.2. RDF Security
The semantic layer next to XML and XML schema is the RDF and RDF schema layer. As
we described in chapter 3, RDF is a method for representing, exchanging and reusing of
resources [20]. RDF uses URIs to identify web resources and uses a graph model to
describe the relationship between resources. RDF Schema is a simple mock-up language
that pioneer classes of resources, properties and relations among them [20].RDF is the
foundations of the semantics, while XML is limited in providing machine understandable
documents. RDF has a support to express semantic than XML by providing semantic
information in a standard way on notations and syntax of XML. Thus, RDF handles the
XML limitation by providing better interoperability as well as searching and cataloging
[20] [9].
In order to make the semantic web secure, we need to ensure that the RDF documents
are secured. This could include securing XML from a syntactic point of view since RDF
uses XML syntax. However with RDF we also need to confirm that the security is
preserved at the semantic level. This issue includes the security implication of RDF
statement (resource, properties and value or object). That is, how an access control is
ensured and protects the RDF statement. We need to see that how one can provide
access control at finer grain of granularity [9].
Security policies in RDF are articulated in the form of RDF policy patterns which plot to
groups of RDF data. Security labels are generated for mapped RDF triples from the
patterns to generate a secure materialized view of RDF data. The labels are also
consistent and complete such that each RDF data item is assigned one and only one
security label. Utilizing these mappings, the RDF authorizations then can be used to
generate access control permissions for the mapped XML resources [4].
Policy based access control model is also one of the security method for RDF. The
method provides control over the different action modes possible on the RDF like
inserting a set of triples, deleting a triple, and querying. Even though this security
method is useful it also have drawbacks like, the security policy consists of RDF patterns
defining the RDF triples which can be accessed and also it does not scale to large RDF
datasets since the number of security rules becomes quickly unnecessary and this
method also don’t include an administration mode specifying how the security policy
can be updated [4].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 22
After securing XML and RDF, next thing is to examine security for ontology and
interoperation. That implies, security levels may have been attached to the web ontology
language. According to the W3C, OWL is a language for defining structured Web-based
ontologies that enable richer integration and interoperability of data across application
boundaries [19].
4.4. Healthcare Information Security
The emergence of internet technologies has transformed the health care sectors to
experience an architectural shift in the enablement of healthcare services through
internet and mobile technologies. For example, remote health monitoring, online
consultation, e-prescription, e-clinical trials, patient information access and asset
tracking among others. In the healthcare sector, it is often necessary to share data across
organizational boundaries to support the larger interests of multiple stakeholders as
well as agencies involved with public health. However, such web-enabled and mobile-
based services open an intact scale of security risks and complex privacy problem.
Privacy is viewed as a key leading principle of the patient–physician relationship.
Patients are required to share information with their physicians to facilitate correct
diagnosis and treatment, and to avoid undesirable drug prescription. Over time, a
patient’s medical records build up significant personal information including
identification, history of medical diagnosis, medical images, treatments, medication
history, nutritional habits, genetic information, psychological profiles, employment
history, income and physicians’ subjective assessments of personality and mental state.
As personal health information is digitized, transmitted and quarried for effective care
stipulation, new threats to patients’ privacy are becoming obvious [35].
Current healthcare systems are enormous networked systems managing patient data
with a massive amount of users accessing health data for various contextual purposes
within and across organizational boundaries. Managing information security risks for
this complex healthcare system process will require investments in organizational
resources and multipronged approaches. Recent policy-based studies generally classify
privacy threats, or source of information security, into two areas [2]:
Organizational Threats are threats arise from either from an unauthorized
accesses of data by employee or an outside attacker (hacker) that break into an
organization’s information infrastructure to steal data or take advantage of a
vulnerability of the information systems.
Systemic threats are threats arise from people who are in the information flow
chain and are authorized to access patient information. These threats occur
while patient private information been used beyond its intended use.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 23
According to these recent policy based studies organizational threats has been again
broadly categorized into five levels, listed in increasing order of sophistication [2]
Accidental disclosure: accidental reveal of patient’s information by healthcare
personnel to others (“e.g., e-mail message sent to wrong address or inadvertent
web-posting of sensitive data”).
Insider curiosity: reveling of patient’s private information by authorized
personnel out of inquisitiveness or personal purpose (“e.g., nurse accessing
information about a fellow employee to determine possibility of a sexually
transmitted disease or medical personnel accessing potentially embarrassing
health information about a celebrity and transmitting it to the media”).
Data breach by insider: access of patient information by personnel with the
aim of passing on the information to outsider for financial purpose or
vengeance.
Data breach by outsider with physical intrusion: receiving of private patient
information by outsider going to the facility and forcing to gain access to the
system.
Unauthorized intrusion of network system: Intruding of organization’s
network either by the outsider or previous employees, patients, or hackers to
achieve access to patient information.
Access to medical data is vital to many stakeholders within the healthcare domain to
perform their employment in everyday circumstances, but heavily raises the potential of
having privacy and security at risk. For that reason different security measures to secure
both organizational threats and systematic security threats have been suggested and
exercised in different organization currently. Regarding of controlling the access to
private patients healthcare information, security solution like RSA security, hierarchical
roles, individuals delegation of permission and resources [50] are being used.
RSA security “is a security solution that helps organizations detect and investigate threats
that are often missed by other security tools. By combining, big data security collection,
management, and analytics capabilities with full network, log-based visibility and
automated threat [50]” this type of security solution is used to provide organizations
with the situational knowledge required to deal with their most critical security issues.
This security solution support to avoid organizational threats by making a contribution
on showing enterprise-wide visibility into network traffic and log event data, which lead
the organization to have an inclusive view of their IT environment, enabling to
prioritize threats quickly, investigate them, make quick decisions to pass security
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 24
protection action[11]. On the other hand hierarchical role security solution is used to
address the delegation of role base security right or denial by grouping the users [2].
4.5. Privacy and Security on Social media
Social networking sites on the web introduce mediated-communications into
relationships development process among people [48]. It is a set of relationship that
organizes social websites to exchange interpersonal information and connect individual
together over the web. Today we have different controlling mechanisms for the
exchange of interpersonal information on the social networking sites such as text
messaging, instant message programs, online role playing -game, computer-supported
collaborative work and online education.
These applications enable individuals to communicate with one another but current
known social networks limits themselves only to relationships with account on a single
site. This shows us the current social web needs to extend across the entire web. Just as
people can call without boundaries irrespective of which telephone provider belong to,
one can send email irrespective of his/her email provider. So people should create
networks of relationship using social web while preserving their privacy and data [55].
The question here is how these security issues will be handled in the social media.
One of the major problems in social media experience by end user is lack of privacy.
There is no full right for individuals to control what information stay inside privately
and what leaks to the outside [48]. A user cannot manage how their information is
viewed by others in different context on various social applications or even on the same
social networking sites [55].This raises privacy issues. People want to have a means of
controlling over their data and to communicate in a way they want.
Privacy can be viewed from different perspectives and it is a complex topic. We can
consider privacy as control over accessibility of social information in general.
Individuals sharing information and fraternity pledging photo with their friends on
social network sites probably do not expect these posted information are used as
evidence to reprimand to the individual behavior [48]. Most users are not aware of their
privacy in social network sites, they do not stop data leaking which may give users data
to other companies or even for governments without permission of the user. Public key
encryption could be one solution to keep data private [55].
There are also challenges in the health care setting while using social networking sites
like FaceBook and Twitter. Health care organization requires to specify what types of
personal information must be kept private. Today more employees are using social
network sites, at the same time the danger of confidential information becoming public
increases. For example, if an employee posts some patient record in social network sites,
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 25
it will lead to the violation of Health care privacy of data rules. Employees using social
networking sites are vulnerable to identity theft as well as to possibility of security
violation via inference to the patient private records.
Attributes of personal information such as a person’s social security number, street
address, phone number, financial information or confidential information is not
recommended to be published online for security purpose. Posting sensitive data in the
social network could lead to an organization’s breach of confidentiality or an individual’s
breach of privacy. Any social network user should not share confidential information.
He/she should only post information that he/she is comfortable with [48].
In addition, HTTPS Encryption is used as a mechanism of protecting private information
in the social media. It is stated to be one of the social security solutions which are used
by many social networking sites such as Google+ and Twitter. This method is used to
guarantee that communications between individuals or entities remain secure and
invisible to unwanted third parties [49].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 26
5. ACKTUS
Web-based applications have users with different education level, learning styles,
interests, surroundings and preferences regarding information presentation over the
Internet [27]. This has been the reason to research on interfaces that can be designed to
recognize the motives and uniqueness of the user and adapt accordingly. In order to
achieve adaptability of personalized information, it is important to observe the user’s
behavior, and make predictions based on those observations. The information
pertaining to individual user obtained from such observations is known as a user model
[27]. Application for healthcare domain service with customized environment according
to the user’s preference is fundamental.
In this paper we will utilize and extend the ACKTUS user and activity model for tailoring
and develop an architecture to provide personalized infromation for two communities
of users (older adults and miners/construction workers) stored as RDF- database
(Sesame repository) which is part of ACKTUS[1].
The common user model is implemented as an RDF/OWL ontology functioning as part of
ACKTUS, a knowledge and interaction modeling prototype application for the health
domain. The knowledge and interaction is primarily modeled by domain experts.
Consequently, focus has been on their explicitly defined user scenarios where they adapt
the knowledge to different characteristics by using simple rules. However, there is a
need to extend the tailored support by supplementing the adaptability of ACKTUS
applications with adaptive functionality [27].
5.1. Purpose of ACKTUS
ACKTUS is a collaborative knowledge modeling environment that designed to allow
domain experts who are unfamiliar with knowledge engineering to create, maintain and
model the knowledge content, and design knowledge-based applications interaction. Its
main provision is to provide tailored support for reasoning and learning through the use
of end-user application for medical and health related areas in decision support system
[23]. The system is used for developing knowledge based support system:
Provide personalized knowledge systems in the domains of dementia,
rehabilitation of older adults and occupational health [1].
Provide adaptive communication interface between user and computer,
with a low-tech profile, while encouraging its use by providing a simple
and friendly interface,
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 27
Develop interactive medium that allows people with the same incapacity
or experience, common interest, and concerns to share information,
experiences and advice.
Help users such as elderly and miners/construction workers to monitor
and take precaution measures in their health.
5.2. The Technology of ACKTUS
ACKTUS is a growing semantic web application which is built on the activity-theory
based ACTclin framework. ACKTUS consists of a service-oriented architecture, which
includes RDF/OWL ontology, Sesame repositories and dedicated user interfaces [23].
The original version of RDF/OWL ontology produced for ACKTUS was build using
Protégé1 which is based on structured language like XML or RDF for initiating the
distribution and reusing of knowledge. In ACKTUS, each domain repository have
individual Case repository for storing information, reasoning and increasing querying
capability.
ACKTUS has a web interface application for the user to interact with it which is built on
java. This knowledge provided to the users are structured in a Scalable vector graphics
(SVG) that uses Graphviz2 package technology which is embedded in XHTML.
5.3. ACKTUS Architecture
Ontology is used to manage knowledge about some specific domain in a structured
system of concept, properties and their relationship. ACKTUS consists of a devoted core
ontology which provides a semantic model for data structure, reasoning and interaction
design. Each domain within ACKTUS uses this core ontology with some specific
extension for each of them.
The knowledge building in ACKTUS is performed in a collaborative way such that an
expert in a specific domain can add knowledge in the system which is also can be viewed
and altered by other expert users of the system.
The schematic architecture of ACKTUS structure is shown in Figure 9 ACKTUS architecture.
The figure focuses on the general structure of ACKTUS, its services, core ontologies and
RDF repository. ACKTUS architecture allows expert users with a specified
1 Protégé is a free, open source ontology editor and knowledge-base framework.
2 Graphviz is open source graph visualization software.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 28
authentication to write application that can access and manipulate the information using
readily available internet technologies like HTTP. The data on the semantic web or from
the browser is modeled and represented in RDF. The server used in the ACKTUS system
performs mapping of the data to the database content, and allows RDF to be browsed
and searched after requests have been made from the web/browser.
The ACKTUS architecture allows navigating through the sesame repository content and
gives the end users RDF data in human readable format. The repository is used to store
and retrieve information as well as provides querying capabilities to a user. Since
ACKTUS is increasingly used and distributed over an increasing number of user
categories, a scalable solution is needed for handling security and authentication. This is
the main motivation of this project.
Figure 9 ACKTUS architecture[23]
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 29
6. Architecture Development
This section describes the architecture of health support system for elderly and
miners/construction workers (HSSEMW) web application. It begins with identification
of the system users (older adult, miners/construction workers) and move to the
modeling of usecases for these users. Then we have listed both functional and non-
functional requirements to provide more detailed functionalities that are used for
designing the web application. The final section shows the architecture that is designed
which illustrates the usage of the architecture and its components from a more practical
perspective.
The server-side architecture showed in this section is implementation-independent, in
other word, it makes no assumptions or requisites on what technologies are used to
implement the system. In our design, we have also considered the service oriented
architecture design. Service Oriented Architecture is “a set of principles and
methodologies for designing and developing software in the form of interoperable service
[25, pp4]” and this time it attracts several organizations and companies by providing
flexible services and cost effective to re-use functionalities captured in loosely coupled
services. Semantic web service researchers are recognizing the potential of combining
SOA and semantic web. The combination of OWL-S and web service modeling
framework (WSMF) are aimed to provide an extensive ontology- based description
framework [33].
In our work we analyzed the combination of ontology’s and SOA so that we incorporate
the concept of service oriented in the development of the architecture. The system will
be built up on a semantic data model and will be implemented using RDF/OWL
ontologies. These technologies enable to share knowledge and reuse information. The
architecture allows older adult, miners workers and domain specific experts to access
and manipulate information in the form of http.
6.1. UseCase of the System
The overall structure of the main actors of the system is presented in the form of use
cases in the below figures.
UseCase for Older adults: (Figure 10 Use Case for Older Adult) in this UseCase
the actor (older adult) interact with the functionalities mentioned in the
diagram. The main functions are, Authentication, view information from the
data resources and search for health information.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 30
Figure 10 Use Case for Older Adult
UseCase for a new user: (Figure 11 Use Case for New User) a new user to the
application must first have a valid user name and password to log in to the
system. So in order to have this access, he/she must apply and get register to
be a user of the application
Figure 11 Use Case for New User
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 31
UseCase for an expert of both older adult and miners/construction workers:
(Figure 12 Use Case for Older Adult Expert and ) an expert interacts with
system to model knowledge resources and manage health related contents
which are displayed in the user interfaces.
Figure 12 Use Case for Older Adult Expert and Miners/construction workers
UseCase for miners/construction workers: (Figure 13 Use Case for ) represent
those users who have access to view work related health information after
he/she successfully logged in to the system.
Figure 13 Use Case for miners/construction workers
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 32
6.2. Functional Requirements
In this section we describe the requirements needed for the development of our system.
For each requirement a brief description is given.
Personalizing content and layout own preference
The system allows the registered users to display personalized content
displacement. That is a user can choose the way they want to view the
retrieved content from the repository in different format like text or
vocal. The users of the system can define and save a personalized
composition of content, including only the content they would like to access.
For example, a user may prefer having access to only the news about
dementia.
Login Functionality
The system shall require users to login to access all the functions. The user
information is stored in the system and based on the stored information; a
user can get access, retrieve and view information.
a) Existing users have to login to the system in order to get access from
the system.
b) To be able to login the users need to provide their username (email),
password and domain. There are three type of domain; admin, user
and guest.
c) The system will verify the given username, password and domain.
d) If the user provides wrong username, password and/or domain, the
system will prompt out an error message telling the user to re-enter
their authentication information again.
Assure users privacy protection: The system will avoid identity disclosure,
unauthorized user information usage and unauthorized user access control.
Authentication content restriction from the system: The system will allow the
users to read and search health related information depending on the access
right they have on the system.
Reasoning service: The system will allow the user to do assessment related to
health, which are analyzed by the system and used as base for providing the
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 33
user tailored advices, prepositions, conclusions or new assessment to be
done.
Collected Data: The system will let the user save and view the test result they
took during their browsing time on the system.
6.3. Non-Functional Requirement
The system must also conform to the following non-functional requirements.
Ease of Use: This requirement is particularly relevant to users who are
seniors or have limited knowledge of computer technology.
Backend Customization: Administrators of a system can customize the source
of services provided by the system using a content management system, and
such modification should be transparent to the users.
Web services: The system must able to seamlessly integrate heterogeneous
medical services implemented on different platforms and with different
technologies. Such implementation details should be transparent to users of
the system.
6.4. Architecture and technology
As the diagram in Figure 14 Architecture of the web application indicates, the web application
architecture has several subcomponents. The main components of this architecture are
Postgre SQL database which is used for authentication part of the system, sesame
repository for storing the knowledge resource and mapping of data in RDF format,
security manager and the interface. Even though it is scalable, the Sesame contains three
separate repositories, one for older adult, the other one for miners/construction
workers and care repository which is used by all users.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 34
Figure 14 Architecture of the web application
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 35
The detailed descriptions of the main users of the system are listed below.
Older adult: Older adults interact with the web application built on top of
Java. The web interface provided for the older adult is used as a component
which provides the communication between them and the developed web
application. The web application built on the web interface will enable the
older adult to access the data on the repositories in the form of RDF and
display health related data to the users.
Miners/construction workers: Is also end user of the system who interacts
with the user interface to retrieve health related information from their
respective repositories. The information accessed by this type of user is
specific to the work related information. In this case, the working
environments are construction and mining industries. So, the interface will
display information based on the input gathered from the user in the form of
quiz which will be finally used to provide additional information to the user
as an advice or recommendation.
Domain expert: Tailoring activities can be defined in different ways; they
include customization, end-user modification, extension, personalization. For
maintaining and making sure that the system being developed
provides tailored activity, we included the presence of Domain experts. The
domain expert will be able to add or modify, maintain, upgrade and
personalize knowledge to the users.
6.5. Ontology Development
We have used Ontology diagram to model and show the relationship of our conceptual
classes. We chose ontologies because it provides the critical semantic foundation and are
focused on web-based knowledge representation. At the same time the repositories we
are accessing are built on Sesame RDF technology which is suitable for semantic web.
The design schema of the database of the repository is based on ontologies. This is more
declarative and beyond the human-to-human communication model.
Class is one of the most fundamental concepts of Ontology. Each class is characterized by
a name, a list of its attributes, a list of relationships linking this class with other classes.
If a class has no superclass, it is considered subclass of the superclass object. There is a
built-in class named ‘Thing’ that is considered as superclass object which is the class of
all individuals and is a superclass of all OWL classes [56] .Property must be able to
represent relationships between Resources (Classes, Datatypes, etc), which a Class alone
is not able to do. If we look at the definition of a Property it accomplishes representation
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 36
of relations through its range and domain. Ontology defines two types of Property;
ObjectProperty and Datatype Property. Object properties connect pairs of class’s
instances. Datatype properties are entities that refer to sets of data values. Thus, the
object property differs from the Data type property, in the sense that the latter have data
typed RDF literal values, as opposed to full objects. Datatypes proprieties are a kind of
data range, which allows them to be used in restrictions [31]. In the entire ontology
diagram below, classes are represented by the ellipses and the arrows indicate the
relationship between them.
An ontology diagram for older adult is shown Figure 15 Ontology Diagram for Older Adult
people. It illustrates that one of the actor of the system is a person and he/she has role
which could be user, older adult or health domain expert. In addition the older adult has
a property to access disease information.
Figure 15 Ontology Diagram for Older Adult people
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 37
Figure 16 Main Ontology Diagram for Older Adult is the extension of Figure 15 Ontology Diagram for Older Adult people. It also shows the
example users instance Tom and John for the class older adult and health domain expert respectively. Tom and John have properties
such as full name, user name, password and etc. The other section of this diagram shows the communication of this application with
ACKTUS and Social Network. This application consumes some services from external application. For examples it consumes
reasoning services from ACKTUS as well as store resources in the case repository.
Figure 16 Main Ontology Diagram for Older Adult
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 38
Ontology diagram for older adult disease: (Figure 17 Ontology Diagram for older Adult Disease)
it shows the mapping of resource in the triple format for reasoning service. For example,
it shows how one class of resource (Dementia) is linked to others class of resources
(mental disease, Alzheimer) for conforming of a conclusion or premises of having that
disease or not.
Figure 17 Ontology Diagram for older Adult Disease
Ontology design of miners/construction workers: (Figure 18 Ontology Diagram for ) it
shows the overall view. The diagram show the flow of accessing work related health
information provide to these user by the web application. In addition it demonstrates
that an actor of the application will have a role as miners, miner’s health experts and/or
user.
Figure 18 Ontology Diagram for Miners/construction workers
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 39
Figure 19 Main Ontology Diagram for illustrates the detailed information of Figure 18 Ontology Diagram for . It shows retrieval paths of resource
and attributes of the miners/construction workers. It shows also how the web application designed for this user consume ACKTUS
reasoning service, social network and store information in the ACKTUS Case repository.
Figure 19 Main Ontology Diagram for Miners/construction workers
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 40
Ontology Diagram for miners/construction workers disease: (Figure 20 Ontology
Diagram for Miners/construction workers Disease) the set of triplet in this figure defines, the
class describing the types of diseases and injuries in work environment. One of the
injuries in miners/construction workers environment is Vibration. In this diagram, the
handling of vibration is illustrated if it occurs in work place.
Figure 20 Ontology Diagram for Miners/construction workers Disease
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 41
7. Designing Generic GUI
The web is a repository for various documents, photos and videos and used for sharing
information like news, research, and personal information and be a part of social
media.
RDF is designed to be read and understood by machines. However, most current
Semantic Web contains humans as creators of data, programmers and last but not least
as end user. As this overload of information we come across with increase the
essentiality and convenience of Graphical User Interface (GUI) to maintain simplicity,
good design and features for displaying and browsing these resources become vital.
We have developed a generic GUI for older adult as well as an end user interface for the
miners/construction workers. By generic interface we mean an interface which can be
accessed with both mobile and computers. It also provides uniform interface that will
serve as a template for different web applications. Here, the interface is used for elders
and Miners including construction workers. When we want to use this interface for
other web application like educational system, it should be customized with less effort.
The buttons, Menus and link in the interfaces are generic. That is, they are clear and
common for different types of users. Our GUI is designed to be easy to navigate, simple
to look at, and easy for administrators to modify.
7.1. Technology
We have built the web application using 3-tier architecture in which the client, server
and database constitute the main elements. In our web application, we built our
interface using myeclipse 10 IDE by using Java Server Faces components. We chose this
technology as it provides a better web interface building components such as icefaces,
jsf, html, and etc. The JSP pages in myeclipse are the front-ends of our application. We
have also used Postgre SQL and sesame repository at the back end of the web
application for storage and retrieval of system data.
In addition to these technologies, the web application was developed under Tomcat on a
Linux server and java programming language. Java stack works with a variety of
databases and is particularly well-tuned to mainstream of databases. It also works with
myeclipse development environment that is making it better to write applications.
During the development of the architectural process strong emphasis was placed on the
consistency of the three layers. In the beginning prototype of the user interface(JSP
Pages) was created that consisted of HTML mock-up pages then developing of
the Java classes was made based on the database tables and the JSP pages. The
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 42
developed web application using the above listed technologies has an overall view of the
web as shown in the below diagram (Figure 21 Over View of the web application).
Figure 21 Over View of the web application
7.2. Log in page
The first page a user encounters when using the HSSEMW system is the login page. This
page can be seen in Figur 22 Login Page. In the prototype developed for the web application
we have prepared 3 types of domain where every user is assigned only one of the
domain type (Admin, user, guest).
However people have several users’ roles, for example older adult, miners and expert on
miners/construction workers or older adult where they can have the accesses to be
redirected to different application depending on the role they chose. Here the user may
choose to either log in to the system as one of the 3 types of domain choices. If the user
chooses to log in to the system he/she must use a valid username, password and domain
type in order to pass the authentication process.
A new user is created by filling out a form consisting of some personal information
such as name, address, telephone number and also identify question on the desired
username(email address ) ,user type and user role . After all the fields in the form have
been validated the user will send a registration request to the administrator where this
information will be stored on the Postgre SQL database and be visible in the
administrator page. However administrator must authenticate and generate temporary
password to the new user before it can be used to log in to the system.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 43
Figur 22 Login Page
7.3. Administrator prototype
Administrator user type assigned to person who are working with the project of ACKTUS
and involved in the administration projects work. The Administrator is responsible
adding, deleting and updating user privileges to the system. The administration pages
and the user pages were clearly separated to avoid difficulties with respect to security of
the internal Web pages.
Figur 23 Administrator Page
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 44
7.4. Users
The target users in these web applications are older adults and miners. These users
have to fill the registration form to be able to get access to HSSEMW. After they receive
their account information from the admin via email, they can log to the main page of the
system where the system end users can accesses and manipulate information in the
form of http. The resources displayed in this page are stored in the form of RDF in
Rehab, EKFV6 and case repositories which are allowed to be accessible to all types of
users.
This page is also used by the end user to choose the user role to access the specific
applications. Users are grouped into a role and their access rights are based on that role.
For users who have multiple user roles once they are logged to the system they can
switch from one application to the other application without providing username and
password again.
Figur 24 Default page
Older adult: Older adults interact with the system and access information
which are stored in the rehab repositories and access the data on the
repositories in the form of RDF and display health related data to the user.
The default page of the Older Adult contains compilation of the tasks specific
users have to perform in the system. For an older adult, this page will show
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 45
both personal and health related information which is retrieved from the
rehab repository. To view their profile and modify account information, the
older has to press “Profile” button. Under the Profile button there several
task that the older adult can perform like see their personal information,
change their password, access external links which directs them to other
application and join the social network.
And also when an Older Adult pressed My Stuff button, they will have sub
tasks they can perform like take a precaution exam related to the doubt they
have to their health, view health related information and check their
previous concerns they have stored under history.
Figure 25 Older Adult Home page
Miners/construction workers: Is also end user of the system who interacts
with the user interface to retrieve work related health information from EKF
(V6) repositories. The information accessed by this type of user is specific to
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 46
health related information of the miners/construction workers environment.
Once a user logged in as a miners/construction workers user, he/she can get
access the following service from the repositories
o Profile: In this part the user can view his/her profile details. We
designed user friendly interface that enable the user to get an access
to the repository and display basic personal information. There are
also functionalities that enables the users to modify his/her account
information. In addition to these, in this section there are external
links which directs the user to other application.
o My stuff: In this section, miners/construction workers may want to
read some tips about their work related health information. So, here
they can view information about their health while they are in work,
how to avoid injuries, what precaution to take in case of accident and
other important information. This page is also interactive by
providing a kind of exam to the users and display some
recommendation based on the input of the users.
o Social Network: here the users view and interact with their friends.
Figure 26 Miners/construction workers Home page
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 47
7.5. Security
The usage of computers for sensitive tasks leads to an emergent need of computer
security. The overall goal of this thesis was to design web application with appropriate
security functionality by structuring a security policy that protects the contents from
unauthorized disclosure and authentication control.
The security of a web application framework is not only the consciousness of the
application, but also the underlying platform and the various technologies that have
been used. So we implemented application-layer security measures to protect the web
application as well as the underlying servers and databases that support them. This
requires restricting access based on a username/password and domain combination,
protecting the bean from unauthorized access and limiting a user to access only to
certain functionalities.
The combinations of the above three security measures are used for securing our web
application.
Restricting access: It checks to ensure that the user name, password and domain
were contained in the database was granted access to all functionalities within the
system without further verification.
Protecting the Bean: the application authorized the user to executed restricting
methods on the bean.
Access to certain functionalities: with this security measure the user with the same
role type are provided to have a different privilege to accesses to resources in the
same repository.
7.5.1. Secure registration and Authentication
Our web application ensures that users register their personal details (e.g. email
address) in a secure way during the request to get a privilege for either the Older Adult
or miners/construction workers web application. During this registration request the
profiles of the user are stored in our Postgre SQL database which includes security
concept of MD5.
The login authentication implemented on our web application authenticates the users
registered and receive the approved authentication information when accessing the web
application. The web application displays the name of the authenticated user. In addition
to this users are able to change their password whenever they want to.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 48
7.5.2. Access control and data storage
All files and data stored in our Postgre SQL database are protected from reading by any
account other than the super account. Therefore, a user must possess the proper
clearances to gain access to resources.
The connection from the developed Web application to the Postgre SQL database or to
the sesame repository is done with a JDBC driver. The JDBC driver provides the middle
tier from Java classes to the database and sesame repository. The JDBC driver serves to
translate the Java SQL statement format that the user request to access an application to
the database-specific format, so that it checks the authentication of the user to the
application that they are requesting for to returns the desired application page
7.6. Authentication service
The authentication service we propose aims at providing secure authentication for
different application to consume. With this feature, we assume that anyone can consume
our authentication services, is able to obtain and login with the correct authentication
privilege.
The Provision of authentication service for consumers of our web application is
performed by invoking Simple Object Access Protocol (SOAP) messages over the
internet using the HTTP protocol. It is the standard protocol that has an XML-based
documents format. This protocol enables to exchange information without having to
know any detail about the sender and receiver. The client sends a SOAP request to the
server and then the web service sends a SOAP response back to the client.
The below diagram (Figure 27 Authentication service) shows the operations provided as a
services and client application that consumes this authentication services.
Figure 27 Authentication service
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 49
7.7. Mobile version of the web app
We have implemented an HTML-enable web pages that is accessible though PC and also
extend the possibilities to use mobile devices for browsing. It should be noted that
technical development of hardware components and browsers’ preferable feature is
excluded from the focus of the study, although technical aspects do have an impact on
the usability of mobile web applications we much more focused on providing the web
application through the mobile device addressing the below aspects :
Navigation by this aspect we were making sure that the web application will
let the users to go from home page to getting useful work done.
Usability: the communication of the user and the mobile device is prepared to
be easy to use.
Figure 28 GUI for Smart Phone
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 50
8. Discussion
This section mentions the main problems facing on the two communities of users and
how the proposed solutions look like. Furthermore some of the major benefits and
limitation of the whole implementation are discussed.
8.1. Technology
As it has been stated in the previous chapters we have used Myeclipe IDE, Apache
Tomcat, Postgres SQL and sesame repository for different tasks. Choosing of this
technologies are not arbitrary. We have chosen Myeclipse IDE as it provides better GUI
building components. It is also fairly common and reasonable setup both for developers
and production environments to use Apache Tomcat with Myeclipse IDE. The selection
of Postgres SQL came with the attribute like reliability, data integrity, and correctness it
provides and also as it is one of the world most advanced open source database.
The drawback that we faced while working with Myeclipe IDE was that the visual web
designers are only available for windows 32 bit platforms. The Myeclipe visual designer
has exhibited stability problems on some systems in Mac and Linux platforms. There are
also some sorts of compatibility and installation difficulties while using Myeclipse IDE as
it is not open source software.
8.2. Authentication
There are several different undying approaches for making a web application secured
from unwanted access of users. In our case, a role based authentication approach is
considered. When users wish to login to the application, they have to pass 2 level of
authentication layer so that they can access a specific resource from the data sources.
Once the users pass through the first login verification process, they will be forwarded
to the default page where the second level of authentication is performed. In this level of
authentication they have to choose their role. As a result, users will be directed to their
respective pages based on the selected user role.
The problem here is the first level of login verification process only checks whether the
account information (user name, password and domain type) given by the user is
available in the Postgres SQL database. But this is not enough to secure the whole web
application. In order to solve this, we used a role based approach that enables the user
to redirect them to their specific personal page and content. Users have to select a valid
role assigned to them as their identification for accessing a particular resource from the
repositories.
Beside to the system users, the application has a guest and an administrator
account. The guest account would be used for a new user of the application. In this case
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 51
instead of blocking access to the resources, the new user could be treated as guest, very
similar to administrator where they can access restricted resources. The guest access is
a convenient way to grant access to some basic function until they become a user of the
application.
8.3. Authentication Service
We put up a few operations as web services for clients of our web application, which
returned some sensitive data. We needed a simple way to authenticate the users of this
web service. We started using web services technologies in the application we are
developing; in most cases the information passed from client is suitable for the public
domain so we need to look in to different secured authentication methods. This should
be simple for the client application while it is trying to consume services that are
provided by our application. It is fairly easy for the client to use SOAP headers to pass
user name, password information. As we have explained in the previous chapter, SOAP
web service is used to provide some operation in the authentication part of the
application as a service to clients. Even though we provide some functionality of our web
application as a service to clients further works would be performed to fulfill the
requirement of the consumers. In addition we have not developed a client project that
consumes the provided service but we have tested the provided services using
Myeclipse IDE to ensure the web service is working as needed.
8.4. Resources Security
One of the main concerns of users in health information systems is privacy. We
addressed these issues by restricting the accessibility of resources stored in the sesame
repository. Theses recourses are retrieved and accessed by only authorized users based
on their assigned role.
The private profile data or any kinds of the user’s information that are provided from
the user to system during the registration are stored in a secured way. To be able to
provide this privacy we have been working with a technology called MD5 where the
implementation is not fully completed. The aim of selecting this hashing algorithm is to
keep sensitive data in an encrypted way.
In addition, MD5 make sure that the authentication information of the users are stored
in the Postgres SQL database are encrypted. So the database administrator cannot even
see this information. As a result, the web application will provide some sort of comfort
to our system users by preserving their privacy information at some level.
8.5. Graphical User Interface
Some key attribute were considered in the design of the web application. It is an
application that can be accessed by the users through a web browser. The browser
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 52
creates HTTP requests for specific URLs that map to resources on the web server. When
we design the GUI, we include a key design consideration such as performance, security,
deployment and the key patterns of technology which are compatible with both mobile
and personal computers.
Mobile devices become more and more important nowadays. Users want to have an
access to web application through mobile and desktop computers. Because of this users
demand, developing a generic user interface have become an essential part in the web
applications development. However, developing a generic (mobile and PC) web
application are far more complex as the usage of these devices are different in a sense
that mobile devices for users (miners/construction workers) usually are in difficult and
hectic work places. So providing mobile compatible web application for this community
of users is very important.
The main challenge is to design the user interface in such a simple manner, that the user
can completely concentrate on his/her task. For that reason availability for the
developed web application framework for PC and mobile devices was considered. When
we design the front end of the application, we tried to minimize the complexity by
categorizing tasks in to different areas of concern while designing a secure, high
performance, user friendly web application. For this, we logically partition our
application in to presentation, Business (Entity) and data access layer which plays a
significant role to monitor and scaling our application.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 53
9. Conclusion
This thesis set out to propose and build web based application for two communities
(older Adults and miners/construction workers) of users. We started off by analyzing
web based health support systems available, identifying technology components that are
the back bone of the system and security related issues. During the analysis phase we
have observed that most of the web applications provided have a security hole. In
addition we have perceived issues concerning personalization, authentication and
authorizations and privacy.
To solve this problem, we designed an architecture and developed a web based
application which includes the following parts: 1. how a personalization is implemented
to full fill the requirement of a user which fulfill users need to see personalized content
and view health information. 2. Authentication of users while they are trying to access
resources from repositories. 3. The privacy issue which ensures security of users’
profile is considered. 4. Authentication services to other applications.
In conclusion it can be said that our proposed web based application provides
protection against unauthorized users and preserve private information by using a role
based access of different pages. These enable users to navigate through their personal or
publicly accessible pages. Authorized users passed by verifying valid account
information to the main application home page where they are supposed to select a role.
The selected role takes the user either to a common (public) page or to their private
pages.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 54
10. Future Work
The aim of this project was to create a secured web based application that is used for
older adults and miners/construction workers. Though the security of the application is
done by implementing authentication of users, there are some issues need to be done
further. The authentication service mentioned in the discussion section has a lot of
remaining tasks to do such as testing with client application and providing more
services to its consumers.
Another possible future work is concerning social network sites and their security. We
have been adapting the concept on how the social media security and privacy is
implemented. We analyzed the concept and it is included in our design, but it is not
implemented yet. One of the benefits of the social network to the users of the application
is interaction and sharing health information among themselves. So implementing the
social network to the developed application will add the quality of the application.
In addition to the above issues, developing separate mobile version of the developed
web application shall be considered. As the mobile resolution and capability is different
than PC’s, building a more mobile friendly web application will encourage and facilitate
the end users to interact with the system.
Keyword searching on the user interface could be very useful. Nevertheless for
implementing this operation better support for abbreviations and synonyms in the
ontology should be developed. Further user testing needs to be done with a larger
number of users and domain experts for better improvement of the web application.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 55
References
1. ACKTUS. (2013) Activity-Centered Modeling of Knowledge and Interaction Tailored to
User, [Online], Available: http://acktus.cs.umu.se/?page_id=117. [6 apr -2013]
2. Ajit Appari and M. Eric Johnson, (2010), Information security and privacy in
healthcare: current state of research. Int. J. Internet and Enterprise Management, Vol. 6,
No. 4, 2010. [Online], Available http://www.ists.dartmouth.edu/library/416.pdf [6apr-
2013].
3. Alexander Lorenz, Hans-Werner. (2006) Tailoring UML Activities to Use Case Modeling
for Web Application development, CASCON ,Hagen, Germany [Online], Available:
http://pdf.aminer.org/000/077/338/tailoring_uml_activities_to_use_case_modeling_f
or_web_application.pdf [6 apr -2013]
4. Amit Jain and Csilla Farkas. (2006) Secure Resource Description Framework: an Access
Control Model, [online], Available:
http://voutsadakis.com/RESEARCH/PROJECTS/PPREASON/JainFarkas2006.pdfn
[14May-2013]
5. Bernardo Cuenca Grau. (2010) Privacy in ontology-based information systems: A
pending matter, Semantic Web 1, 137–141 137 DOI 10.3233/SW-2010-0009, IOS Press.
6. Berners-Lee, T., Hendler, J. & Lassila, O., 2001, "The semantic web", Scientific
American, May pp36.http://www.cs.umd.edu/~golbeck/LBSC690/SemanticWeb.html
7. Bhaskar, Mehta, Claudia Niederee, Avare Stewart, Marco Degemmis, Pasquale Lops,
and Giovanni Semeraro.(2005) Ontologically-Enriched Unified User Modeling for Cross-
System Personalization, UM 2005, LNAI 3538, pp. 119–123, Springer-Verlag Berlin
Heidelberg, IST-2003-507173,Project VIKEF , [Online], Available:
http://www.springerlink.com/content/8r3n3neud8pcd69j/fulltext.pdf [6 Apr 2013]
8. Bhavani Thuraisingham, Arlington, VA (2003) Security Issues for the Semantic Web.
Proceedings of the 27th Annual International Computer Software and Applications
Conference (COMPSAC’03) 0730-3157/03 © 2003 IEEE. [Online],
Available:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1245408 [6apr-
2013].
9. Bhavani Thuraisingham. (2007) Secure Semantic Web Services, [Online], Available :
http://www.utdallas.edu/~bxt043000/Publications/Technical-Reports/UTDCS-34-
07.pdf [16 May-2013]
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 56
10. Biplav Srivastava and Jana Koehler, (2003) Web Service Composition - Current
Solutions and Open Problems. Proceedings of ICAPS 2003 (2003) Key: citeulike:1233294
[Online], Available:http://winslab.cnu.ac.kr/resource/LabSeminar/Seminar2004/icaps-
ws.pdf [6apr-2013]
11. Brian Girardi, David Martin, Jonathan Nguyen-Duy, Mario Santana, Eddie Schwartz
and Dean Weber. (2012)Transforming Traditional Security Strategy Into An Early
Warning System for Advanced Threats. [Online], Available:
http://www.emc.com/collateral/software/solution-overview/h11031-transforming-
traditional-security-strategies-so.pdf [6 Apr 2013].
12. Chris Preist. (2007) Goals and Vision Combining Web Services with Semantic Web
Technology.
13. Creswell.JW, (2003) Research Design: Qualitative, Quantitative, and Mixed Methods
Approaches. Thousand Oaks,California: Sage Publications, 2003.
14. Dmitrij Lagutin. (2010) Securing the internet with Digital. Aalto University, [Online],
Available: http://lib.tkk.fi/Diss/2010/isbn9789526034652/isbn9789526034652.pdf
[12May-2013]
15. Dumitru Roma, Uwe Kelle, Holger Lausen, Jos de Bruijn, Ruben Lara, Michael
Stollberg, Axel Polleres, Cristina Feier, Cristoph Bussler, and Dieter Fensel. (2005) ‘Web
Service Modeling Ontology.’ Applied Ontology 1 (2005) 77–106 77 IOS Press:, [Online],
Available: http://www.michael-stollberg.de/publications/wsmo-appliedOntologyJournal.pdf
[6apr-2013]
16. Fabian Abel. (2011) User Modeling and Personalization on Twitters , Delft University
of Technology [Online],
Available: http://sdow.semanticweb.org/2011/pub/sdow2011_keynote_slides.pdf [6
Apr -2013].
17. Fiona C. Bull1, a, Matthew W. Kreuterb , Darcell P. Scharffb. (1999) Effects of tailored,
personalized and general health messages on physical activity .Patient Education and
Counseling 36181–192.PII:S0738-3991(98)001347, [Online], Available:
http://elkhealth.pbworks.com/f/bull,+kreuter+and+scharff.pdf [6 Apr -2013].
18. GFI White Paper. (2011) Web-based security threats: how attacks have shifted and
what to do about it, [Online], Available: http://www.gfi.com/whitepapers/GFI-
Web_Based_Threats_v2_Whitepaper.pdf [12May-2013]
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 57
19. Grigoris Antoniou and Frank van Harmelen. (2003)Web Ontology Language: OWL.
[Online], Available
http://www.cs.vu.nl/~frankh/postscript/OntoHandbook03OWL.pdf [6apr-2013]
20. Grigoris Antoniou and Frank van Harmelen,(2008). ’A Semantic Web Primer.2nd
edition’. The MIT Press Cambridge, Massachusetts London, England
21. Guler Kalem. (2005) Semantic Web Application: Ontology-Driven Recipe Querying.
Atilim University.
22. Helena Lindgren and Chunli Yan. ACKTUS - Collaborative Knowledge Building for
Personalized Support Systems in the Health Domain (Draft).
23. Helena Lindgren, Farahnaz Yekeh, Chunli Yan and Jayalakshmi Baskar,(2012).
’Agent-Supported Assessment for Personalized Ambient Assisted Living. Appears in:’
Proceedings of the 11th International Conference on Autonomous Agents and Multiagent
Systems (AAMAS 2012), Conitzer, Winikoff, Padgham, and van der Hoek (eds.),June, 4–8,
2012, Valencia, Spain. Copyrightc 2012, International Foundation for Autonomous
Agents and Multiagent Systems
24. Helena Lindgren, Patrik J, and Peter Winnberg. (2011) Domain Experts Tailoring
Interaction to Users – An Evaluation Study, P. Campos et al. (Eds.): INTERACT 2011, Part
III, LNCS 6948, pp. 644–661, 2011. IFIP International Federation for Information
Processing 2011.
25. Hyung-Jun Yim and Kyu-Chul Lee.A ,(2012) ‘Ubiquitous Web Services Framework
for Interoperability in Pervasive Environments’ International Journal of Multimedia and
Ubiquitous Engineering Vol. 7, No. 3, July, 2012. [Online],
Available:http://www.sersc.org/journals/IJMUE/vol7_no3_2012/6.pdf [6apr-2013].
26. James B.D. Joshi, Walid G. Aref, Arif Ghafoor,and Eugene H. Spafford (2001) Security
Models for Web-Based applications: Using traditional and emerging access control
approaches to develop secure applications for the Web(pp 38-39).
27. Jayalakshmi Baskar, Helena Lindgren, Dipak Surie, Chunli Yan and Farahnaz Yekeh
‘Personalization and User Models for Support in Daily Living’, Published by Linköping
University Electronic Press, [Online], Available:
http://www.ep.liu.se/ecp_home/index.en.aspx?issue=071. [6 apr-2013].
28. Jeff Heflin and James Hendler. (2004) A Portrait of the Semantic Web in Action,
University of Maryland.
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 58
29. Khalid El-Arini, Jurgen Van Gael, Ulrich Paquet, Ralf Herbrich, Blaise Agüera y Arcas.
(2012) Transparent User Models for Personalization, KDD’12, August 12–16, 2012,
Beijing, China.
30. Lalana, Kagal, Tim Finin, and Anupam Joshi. (2003), A Policy based Approach to
security for the Semantic web , University of MaryLand Baltimore County, Baltimore,
Maryland USA, [Online], Available:
http://www.csee.umbc.edu/courses/pub/finin/papers/papers/iswc03b.pdf [6apr-2013].
31. Liana Razmerita, Guy Gouardères. (2005) Ontology based User Modeling for
Personalization of Grid Learning Service, France.
32. Lora Aroyo and Geert-Jan Houben. (2010) User modeling and adaptive Semantic
Web, Semantic Web 1, 105–110.DOI 10.3233/SW-2010-0006, IOS Press.
33. Maksym Korotkiy and Jan Top (2006) ‘ OntoSOA: From Ontology-enabled SOA to
Service-enabled Ontologies’ Proceedings of the Advanced International Conference on
Telecommunications andInternational Conference on Internet and Web Applications and
Services (AICT/ICIW 2006)0-7695-2522-9/06 IEEE. [Online], Available
http://www.gartner.com/resources/114300/114358/114358.pdf [6apr-2013].
34. Marci Meingast, Tanya Roosta, Shankar Sastry. (2006) Security and Privacy Issues
with Health Care Information Technology, Proceedings of the 28th IEEE. EMBS Annual
International Conference, New York City, USA.
35. Mercuri, R.T. (2004) ‘The HIPAA-potamus in health care data security’,
Communications of the ACM, Vol. 47, No. 7, pp.25–28.
36. Michal Barla. (2010)Towards Social-based User Modeling and Personalization, FIIT-
10890-653, [Online], Available: http://acmbulletin.fiit.stuba.sk/theses/barla-thesis.pdf
[6 Apr 2013].
37. Mohammad Zarifi Eslami, Alireza Zarghami, Brahmananda Sapkota, Marten van
Sinderen. (2010) Service Tailoring: Towards Personalized Homecare Services. ACT4SOC
2010: 109-121, [Online], Available:
http://doc.utwente.nl/73920/1/ServiceTailoring_TowardsPersonlaizedHomecareSyste
ms.pdf [6 April -2013].
38. Nicola Henze and Eleco Herder. (2012) User Modeling and Personalization, [Online],
Available:
http://www.kbs.uni-annover.de/Lehre/pers12/slides/01_adaptive_hypermedia.pdf
[6 apr -2013].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 59
39. Olivier Corby, Rose Dieng, Cedric Hebert (2004), A Conceptual Graph for W3C
Resource Description Framework, 06902 Sophia, Antipolis cedex, France.
40. Ondrej Mikle .(2004), Practical Attacks on Digital Signatures Using MD5 Message
Digest , [online], Available: http://eprint.iacr.org/2004/356.pdf
41. Peter Winnberg. (2009) Architecture for assessing and managing medical knowledge ,
UMNAD 812/09, Umeå University ,[Online], Available:
http://www8.cs.umu.se/education/examina/Rapporter/PeterWinnberg_kand.pdf [6
Apr 2013].
42. Prud’hommeaux.E, A. Seaborne (eds.). SPARQL Query Language for RDF.
[Online], Available, http://www.w3.org/TR/rdf-sparql-query/ [6apr-2013].
43. Robert P. Hawkins, Matthew Kreuter, Kenneth Resnicow, Martin Fishbein and Arie
Dijkstra. (2008) Understanding tailoring in communicating about health, health
education research. vol.23 no.3 2008, Pages 454–466. Advance Access publication 17
March.
44. Rui Zhang and Ling Liu. (2010) Security Models and Requirements for Healthcare
Application Clouds, E-ISBN: 978-0-7695-4130-3.Print ISBN: 978-1-4244-8207-8, Inspec ,
Accession Number: 11499455.
45. Simona Elena, Varlan. (2010) Advantage of Semantic Web Technologies in the
Knowledge Based Society ,[Online], Available:
http://anale.feaa.uaic.ro/anale/resurse/info5svarlan.pdf [6apr-2013]
46. Stevens.M.M.J (2007) ,On Collisions for MD5, Eindhoven University of Technology ,
Department of Mathematics and Computing Science, [Online], Available:
http://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-
%20M.M.J.%20Stevens.pdf [6 Apr -2013].
47. Surabgi. Jolly, J.Sredevi (2006), The Semantic Web: AN Overview. Inflibnet center,
February 2,
pp1.http://ir.inflibnet.ac.in/bitstream/handle/1944/1118/68.pdf?sequence=1 [6 Apr -
2013].
48. Susan B. Barnes .(2006), A Privacy paradox: Social Networking in the United
States.[Online], Available
http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/1394/1312
[6apr-2013].
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 60
49. Ted Demopoulos. (2013) OUCH! The monthly security awareness Newsletter for
computer users, ‘Social Network Safety’, [Online], Available:
http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201303_en.pdf
[6 apr -2013].
50. Thomas Trojer, Basel Katt, FlorianWozak, and Thomas Schabetsberger(2010). ’An
Authoring Framework for Security Policies’: A Use-Case within the Healthcare Domain. E-
Health 2010, LNICST 69, pp. 1–9, 2011.
51. Tim Finin, James Mayfield, Anupam Joshi, R. Scott Cost and Clay Fink ,(
2005) Information Retrieval and the Semantic Web , [Online],
Available: http://aisl.umbc.edu/resources/121.pdf
52. Uche Ogbuji , (Dec, 2000) An introduction to RDF Exploring the standard for Web-
based metadata [Online] available
at: http://www.ibm.com/developerworks/library/w-rdf/ [10May-2013]
53. Umberto Straccia and Rapha el Troncy. (2006) Towards Distributed Information
Retrieval in the Semantic Web: Query Reformulation using the oMAP Framework, [Online],
Available: http://gaia.isti.cnr.it/straccia/software/oMap/oMap.pdf
54. Volker Wulf and Björn Golombek. (2001) Direct Activation: A Concept to Encourage
Tailoring Activities in Behaviour & Information Technology, Vol. 20, No. 4, 2001, pp. 249 –
263.
55. W3C Incubator Group Report 6th December (2010): A Standards-based, open and
Privacy-aware Social Web. [Online], Available
http://www.w3.org/2005/Incubator/socialweb/XGR-socialweb-20101206/ [6apr-
2013]
56. W3C Semantic Web Activity Group. Semantic Web Activity Statement,[Online],
Available , http://www.w3.org/2001/sw/Activity [6apr-2013]
57. Yuhong Yan, Harold Boley and Bruce Spencer.(2006) Tutorial on Service oriented
architecture, [Online], Available:
http://icec06.net/WorkshopsAndTutorials/SOATutorial/SOA-Tutorial.htm [6 Apr
2013]
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 61
Sample Prototype Snapshots
Figure 29 Home Page
Figure 30 Older Adults Home Page
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 62
Figure 31 Older Adult Profile Page
Figure 32 Older Adult Personal Information Page
Yitbarek & Zegeye 20april 2013
Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 63
Figure 33 Password Changing Page
Figure 34 Registration Page