Health Support System for Elderly and … · Functional Requirements ... Support System for Elderly...

i

Health Support System for Elderly and

Miners/Construction Workers (HSSEMW)

Yitbarek, Rahel Abraham

Zegeye, Emnetu Araya

Master Thesis 30 hp + 30 hp

Supervisor: Helena Lindgren

Examiner: Frank Drewes

April 20, 2013

Umeå University

ii

Abstract

The main aim of this thesis is to develop web based application which has a tailored

access to information through a semantic web. It begins by analyzing the problems of

privacy and security implications of healthcare technologies, Semantic Web, Resources

Description Framework, Web Ontology Language, Health Information Security and

Social media Security by following a method of literature review to grasp a better

technological backbone for developing web based health support system to two

communities of users (older adults and miners/construction workers). As a result we

propose a secured architecture and implement a prototype which is compatible to

different devices including smart phone.

The reason behind this thesis work is to address security and privacy of semantic web

users in general, older adults and miners/construction workers in particular. The need

for security in web applications has become evident with the fast growth of internet

technology. The transaction of information in the internet has raise major issues like

authentication, authorization, data integrity, confidentiality and access control. Hence,

the application will address the above issues by authenticating users to access resources

based on their assigned role. It also provides authentication service using Simple Object

Access Protocol (SOAP) web service technology. Every user has some level of security to

use the application. This ensures the privacy and security issues at some level.

iii

Acknowledgement

Foremost our deepest gratitude goes to the almighty God for giving us the strength and

knowledge to pursue our studies.

We would also like to deeply appreciate our supervisor Helena Lindgren for providing

us with continuous support and advice needed for our thesis. Her guidance helped us

throughout our thesis work. Besides our advisor, we would like to thank the members

of research group of ACKTUS specially Chunli Yan for responding to our questions

without hesitations.

Finally, our sincere thanks are for our family and friends for all the support they gave us

in every step of the way.

iv

Contents

1. Introduction ..................................................................................................................................... 1

1.1. Thesis Outline ............................................................................................................................. 2

1.2. Distribution of work ................................................................................................................... 2

2. Methodology ................................................................................................................................... 4

3. Semantic Web ................................................................................................................................. 5

3.1. Overview of the Semantic Web ............................................................................................. 5

3.2. Information Retrieval with Semantic Web ............................................................................ 6

3.3. Semantic web service ............................................................................................................ 7

3.4. Semantic Web Tools and Languages ................................................................................... 7

3.5. RDF (Resource Description Framework) ................................................................................ 8

3.6. RDF Statement ....................................................................................................................... 9

3.7. RDF Schema ......................................................................................................................... 10

3.8. OWL (Ontology Web Language) ........................................................................................... 12

3.9. Types of OWL ....................................................................................................................... 13

4. Security .......................................................................................................................................... 15

4.1. Web Threats ......................................................................................................................... 16

4.2. Existing Security Methods .................................................................................................... 17

4.3. Semantic web Security ......................................................................................................... 19

4.3.1. XML Security ........................................................................................................................ 20

4.3.2. RDF Security ......................................................................................................................... 21

4.4. Healthcare Information Security .......................................................................................... 22

4.5. Privacy and Security on Social media ................................................................................... 24

5. ACKTUS .......................................................................................................................................... 26

5.1. Purpose of ACKTUS .............................................................................................................. 26

5.2. The Technology of ACKTUS .................................................................................................. 27

5.3. ACKTUS Architecture ............................................................................................................ 27

6. Architecture Development ............................................................................................................ 29

6.1. UseCase of the System ......................................................................................................... 29

6.2. Functional Requirements ..................................................................................................... 32

6.3. Non-Functional Requirement .............................................................................................. 33

6.4. Architecture and technology ............................................................................................... 33

6.5. Ontology Development ........................................................................................................ 35

v

7. Designing Generic GUI ................................................................................................................... 41

7.1. Technology ........................................................................................................................... 41

7.2. Log in page ........................................................................................................................... 42

7.3. Administrator prototype ...................................................................................................... 43

7.4. Users .................................................................................................................................... 44

7.5. Security ................................................................................................................................ 47

7.5.1. Secure registration and Authentication .......................................................................... 47

7.5.2. Access control and data storage ...................................................................................... 48

7.6. Authentication service ......................................................................................................... 48

7.7. Mobile version of the web app ............................................................................................ 49

8. Discussion ...................................................................................................................................... 50

8.1. Technology ........................................................................................................................... 50

8.2. Authentication ..................................................................................................................... 50

8.3. Authentication Service ......................................................................................................... 51

8.4. Resources Security ............................................................................................................... 51

8.5. Graphical User Interface ...................................................................................................... 51

9. Conclusion ..................................................................................................................................... 53

10. Future Work ............................................................................................................................. 54

References ............................................................................................................................................. 55

Sample Prototype Snapshots ................................................................................................................ 61

vi

Table of Figures

Figure 1 RDF Triple Structure ___________________________________________________ 8

Figure 2 RDF Statement _______________________________________________________ 9

Figure 3 RDF Statement example ______________________________________________ 10

Figure 4 RDF example extension diagram _______________________________________ 10

Figure 5 RDFS Example ______________________________________________________ 11

Figure 6 OWL sublanguages __________________________________________________ 14

Figure 7 Web Security Threats ________________________________________________ 17

Figure 8 Semantic Web Layers ________________________________________________ 20

Figure 9 ACKTUS architecture[23] ______________________________________________ 28

Figure 10 Use Case for Older Adult _____________________________________________ 30

Figure 11 Use Case for New User ______________________________________________ 30

Figure 12 Use Case for Older Adult Expert and Miners/construction workers ___________ 31

Figure 13 Use Case for Miners/construction workers ______________________________ 31

Figure 14 Architecture of the web application ____________________________________ 34

Figure 15 Ontology Diagram for Older Adult people _______________________________ 36

Figure 16 Main Ontology Diagram for Older Adult _________________________________ 37

Figure 17 Ontology Diagram for older Adult Disease _______________________________ 38

Figure 18 Ontology Diagram for Miners/construction workers ______________________ 38

Figure 19 Main Ontology Diagram for Miners/construction workers __________________ 39

Figure 20 Ontology Diagram for Miners/construction workers Disease ________________ 40

Figure 21 Over View of the web application ______________________________________ 42

Figur 22 Login Page _________________________________________________________ 43

Figur 23 Administrator Page __________________________________________________ 43

Figur 24 Default page _______________________________________________________ 44

Figure 25 Older Adult Home page _____________________________________________ 45

Figure 26 Miners/construction workers Home page _______________________________ 46

Figure 27 Authentication service ______________________________________________ 48

Figure 28 GUI for Smart Phone ________________________________________________ 49

Figure 29 Home Page _______________________________________________________ 61

Figure 30 Older Adults Home Page _____________________________________________ 61

Figure 31 Older Adult Profile Page _____________________________________________ 62

Figure 32 Older Adult Personal Information Page _________________________________ 62

Figure 34 Password Changing Page ____________________________________________ 63

Figure 35 Registration Page __________________________________________________ 63

vii

Acronym

ACKTUS

Activity-Centered Modeling of knowledge and Interaction Tailored to

Users

AD Alzheimer Diseases

EKFV6 Efterfrågestyrd Kunskapsutveckling med Forskningsgrund Version 6

GUI Grapical User Interface

HTML HyperText Markup Language

HTTP Hypertext Transfer Protocol

IDE Integrated Development Environment

I-Node Information Node

IT Information Tecnology

JDBC Java-Based Data Access

JSF JavaServer Faces

JSP JavaServer Page

HSSEMW Health Support System for Elderly and Miners/construction workers

MD5 Message-Digest Algorithm

OWL Ontology Web Language

PC Personal Computer

PN Peripheral Neuropath

RDF Resource Description Framework

RDFS Resource Description Framework Schema

RDF M&S RDF Model and Syntax

SOAP Simple Object Access Protocol

SPARQL SPARQL Protocol and RDF Query Language

SQL Structured Query Language

URI Uniform Resource Identifier

W3C World Wide Web Consortium

WSMF Web Service Modeling Freamwork

XML Extensible Markup Language

Yitbarek & Zegeye 20april 2013

Health Support System for Elderly and Miners/Construction Workers (HSSEMW) Page 1

1. Introduction

Today User modeling and personalization have wide spread use in many applications

and systems [7]. The systems contain information about users to provide personalized

access. User modeling is an integral part of any personalized information retrieval

system. The user model should be adaptable in order to capture the change in

information needs of the users [36].

Personalization attempts to increase attention or motivation of the users, explicitly or

implicitly, that the communication is designed specifically for ‘you’ [43]. As the scale of

online content grows, the ability to tailor information to the tastes and preferences of

individual users is becoming critical for maintaining a positive user experience [29].

Providing a healthcare with personalized service has been a goal when developing IT

solutions. There are various IT services which are already available and can support e.g.,

elders. However, most of them are designed without considering the individual

preferences, needs and situations of care-receivers. Services designed for the ’general’

user may not be suitable for real users. This is particularly true for both elderly and

miners/construction workers, since they may be subjected to different body and mental

limitations with respect to using services. This calls for the provisioning of personalized

services, according to the individual needs of each user.

While this personalization technology is critical for helping the user to combat the

overload of information we come across with, in many cases, we may not even realize

that the system that we use in our daily life are being tailored to our personal tastes and

preferences because of the way of the outcome delivered system [29]. So in this work,

we seek to address these challenges by making personalization more transparent.

ACKTUS (Activity-Centered Modeling of knowledge and Interaction Tailored to Users) is

a prototype system that is designed for aiding the knowledge assessment of medical and

health related knowledge in the process of decision support system development. The

objective of ACKTUS is to support collaborative knowledge building and personalization

through the use of system, and to provide tailored support for reasoning and learning

through the use of end-user applications. ACKTUS is a research project directed by the

Department of Computing Science at Umeå University. Our system will be integrated

with ACKTUS and will communicate using web service technology [1].

This thesis is carried out as part of research project, ACKTUS. It investigates the ACKTUS

user and activity model to reuse and extend, to address the problem of privacy and

security implications of healthcare technologies provide to two communities of users

(older adults and miners/construction workers).



Failure to get access to accurate healthcare information system often causes these two

communities of users (older adults and miners/construction workers) to be

unnecessarily admitted to the hospital and create unnecessary psychological tension.

Alternative channels of communication could improve precaution measures need to be

addressed before or after any kind of medical situations.

In addition to the above problem, the need for privacy and security implications of

healthcare technologies provide to the two communities of users become necessary. So

we will work towards the aim of balancing privacy and security concerns to minimize

the danger of compromising the security and privacy of these users.

The primary goal of this master thesis project is to provide a tailored access to the

secure health related information primarily to the elderly and miners/construction

workers. The purpose is to improve the authentication functionality of ACKTUS

applications, addressing security and personalization issues. Another goal is to develop

a graphical user interface for “smart phone”, which mediates authentication

functionality and when authenticated, the ACKTUS application contents associated to

the particular user.

1.1. Thesis Outline

This thesis covers the work of Yibarek Rahel and Zegey Ementu during the fall/winter of

2012-2013.The thesis is divided into the following chapters. In Chapter 1 the overview

of the project with its goals and problem description, thesis outline and distribution of

work are included. In Chapter 2 the methodology carried out for this work is covered.

Chapter 3 describes the components and technologies of Semantic Web. In Chapter 4

Security of web application, semantic web, healthcare and social network are addressed.

Chapter 5 describes an analysis of ACKTUS. In Chapter 6 architecture development,

functional requirement and non functional requirement are addressed. Chapter 7

describes the implementation of prototype generated for the web application. Chapter

8, Chapter 9 and Chapter 10 covers discussions, conclusion and future work

respectively.

1.2. Distribution of work

To create a common point of view, we have outlined and worked on the background,

scope, problem description and methodology of the thesis together to evade any

possible confusion between us. When we began the analysis phases which are chapter 3

& 4, we planned to divide the upcoming work like semantic web and RDF from chapter 3

and health information security and social media security in chapter 4. The distribution



of tasks from chapter 3 were assigned in such a way that Emnetu took the

responsibility to work on section 3.1 to 3.4 and Rahel took section 3.5 to 3.7 where the

rest of the section; ontology web language(OWL) and types of OWL for this chapter was

done collaboratively.

In chapter 4 most of the section was carried out together. But section 4.4 health

information securities was written by Rahel and section 4.5 privacy and security in

social media was done by Emnetu. The rest of the chapters were carried out by both of

us in which issues concerning our target users (elderly and miners/construction

workers) was divided as miners/construction workers and elderly people. Emnetu

focused on things related to miners/construction workers and Rahel emphasized on

elderly people.

In order to avoid further technology compatibility problems we choose technologies for

the design and implementation of the application together and then we worked

individually in producing the sketch of the design for the web application. After

commenting in each of the proposed design, we made a design solution for the web

application collaboratively. At last we decided to implement separately each modules;

elderly people module and miners/construction worker module. So, based on the

discussion we had, Emnetu go through with the module of Miners/Construction worker

and Rahel has implemented the elderly people module.

Finally, the java project that was developed individually was then reevaluated by us and

we have integrated each module into one java project. The combined final java project is

at last deployed in the computer science department server (https://itchy.cs.umu.se).



2. Methodology

In this project work, a combination of methods has been used because of the nature of

our investigation requires multiple methods to get them answered. Combining methods

offers a great promise on flexibility of the research and draw strengths from multiple

methods [13].

The methodology behind deriving the final output architecture begins by outlining the

theory underlying the issues of personalization, user modeling and security provided to

older adult and miners/construction workers, review the backbone technology and

study of related existing architecture. The main intention is to know what kinds of

application are delivered to these two comminute of users and to identify technological

or application limitation so that we can develop architecture that resolve these issues.

In order to create bare for development, previous works related to personalization and

security issues was reviewed. Existing applications and comparison of improvements

on the existing applications and ACKTUS was done in order to propose suitable software

architecture. This was done by literature study of related work. In addition, we reuse

and extend ACKTUS activity models to include useful information for security purposes.



3. Semantic Web

As the tremendous growth of Internet, leading the web to be more essential than ever

with its new web applications and sites appearing with surprising reliability letting

humans directly cooperate and communicate with each other. The computer became

only a communication environment without “understanding” the knowledge people

shared about real life through web pages that could be easily accessed from anywhere.

The result was an amount of knowledge stored in a hectic and unstructured way [45].

The machines are “unschooled”; they don’t know what to do with all the data. So most of

the information’s remain unusable; they do not know how to distinguish an image from

a video file or to make connections between data. This is when the questions like, how

reality can be modeled from the perspective of computer and web expansion? And how

knowledge can be represented in way that computers can also “understand” it? came to

picture [45]. As result to these critical questions the concept of Semantic Web came to

existence. In which the idea was propagate by the World Wide Web Consortium (W3C),

an international standardization body for the Web.

The Semantic Web is” an extension of the current Web in which information is given well-

defined meaning, better enabling computers and people to work in cooperation[6, pp36]".

It is also highly intelligent and sophisticated web technology that needs less human

intervention to perform tasks such as scheduling appointment, coordinating activities,

searching for complex documents as well as integrating disparate databases and

information system. While going through these developments of semantic web, current

technologies such as ontology matching, intelligent agents and markup languages are

making contributions [33].

Semantic web has brought benefits to the current web technology by using machine

understandable language. “it is the idea of having data on the web defined and linked in a

way that it can be used for more effective discovery, automation , integration and reuse

across various applications …,data can be share and processed by automated tools as well

as by people ”[47, pp1][56].

3.1. Overview of the Semantic Web

The reason for the development of semantic web technology is to make the machines

achieve understanding the semantics of the information presented on the Web so that

the machines are able to “read” and “understand” the resources on the Web as a human

being does. The precise representation of the semantics underlying resources, programs

and all type of information related Web resources will enable a knowledge-based Web

that provides a qualitatively new intensity of service and a new technique of processing

resources. As a result, it will have greater impact for computing systems and



computerized services to improve in their ability and capability to assist humans in

achieving their goals by “Understanding” more of the information presented on the Web,

and thus providing more accurate filtering, categorizing, and searching of these

information sources available on the Web.

This development process will ultimately lead to an extremely knowledgeable system

that can be summarized as Lee stated; “The first step is putting data on the Web in a form

that machines can naturally understand, or converting it to that form. This creates what I

call a Semantic Web - a Web of data that can be processed directly or indirectly by

machines”[21,pp9].

To make sure that different mediator have a common understanding of resources on the

web, we need ontologies in which resources are described, and thus create a mutual

terminology between the mediators. Basically, Web ontology is a collection of definitions

of concepts and the shared understanding that all mediators interpret the concepts with

respect to the same ontology. The resources represented using onologies are not

interpreted for a specific system; however the representation relies on some shared

standards which make it possible to be recognized by different computer systems or

humans beings in the same way [21].

3.2. Information Retrieval with Semantic Web

Information Retrieval studies the problem of finding a set of documents that are

relevant for a specific information need of a user [53]. It has been central to the success

of the Web. Nowadays, there are different information retrieval technologies in the web.

For example Google and other companies’ web based indexing and search systems have

profoundly changed the way of retrieval of information from the web [51]. One of the

premises of the Semantic Web is that it provides the means to use metadata that help

determining which documents are relevant. In order to retrieve information for

semantic document or text documents that have semantic web annotations, the

semantic web technologies have to be compatible with web search engines and

information retrieval technology [53].

Semantic search has been one of the major foreseen benefits of the Semantic Web.

Various approaches to search associated with the area of Semantic Web exist. Diverse

techniques are employed addressing a variety of problems. However, the notion of

information retrieval in the context of Semantic Web seems to be rather diffuse [53].

One way to view a semantic search engine is as a tool that gets formal ontology-based

queries from a client, executes them against a knowledge base, and returns values that

satisfy the query [51].



The semantic web is much like the current web, but the documents in semantic web are

full of annotation which is in a machine understandable markup. These annotations will

provide metadata about the documents. The annotations also provide machine

interpretable statements which captures some of the document’s content [51].

3.3. Semantic web service

Web Services technologies are technologies working towards an environment where

organizations can make some other abilities accessible via the Internet. Semantic Web

Service is like a conventional web services which is used for machine-to-machine

interaction via the World Wide Web. Semantic services are one component of the

semantic web as they use markup which is suitable to be read by machine. Semantic

Web services merge Web services communication technology with the intelligent

processing of ontology-based metadata to attain highly integrated enterprise application

integration scenarios, for service look-up, schema matching, or protocol negotiation

[12]. When we compare with human-readable HTML, which is not understood by

computer program, this markup makes data-readable in a detailed and sophisticated

way.

One goal of Semantic Web Services is to bring about a computational machine readable

representation of the service, in terms of the value it provides. This is referred to as the

service description. Usually, a service description will describe an abstract service, in

which case it can be referred to as an abstract service description [12] .Semantic web

services are used for combining data and services from different sources without losing

their meaning.

3.4. Semantic Web Tools and Languages

Semantic Web languages such as extended markup language (XML), resources

description language (RDF), RDF schema (RDFS), ontology web language (OWL) [8] are

languages created by World Wide Web Consortium (W3C) which are used to organize,

integrate and navigate the Web and allow resources to be linked and grouped in a logical

and relevant manner. All of these languages are oriented to create Semantic Web. They

are also structured languages where with this feature they can carry on meaning as well

as providing structure to the documents. Even though they have different characteristics

compared to each other, the main aim behind them is to advance and sustain the

Semantic Web model.

Semantic web languages need to be convenient not only for human but also for the

machines. That is these kinds of languages must describe meaning in a machine readable

format. Therefore, the languages should include the ability to formally define the

vocabulary in addition to the ability to specify a vocabulary so that it can be used in



automated reasoning [28]. For this reason, Semantic web languages are highly

influenced by Artificial Intelligence which is knowledge representation. However, the

syntaxes of Semantic Web languages are based on the current standards such as HTML

or XML unlike the knowledge representation in order to meet the requirement of the

web. Thus the integration with other web technologies is possible [28]. The other main

difference from the knowledge representation is the semantic web language must allow

for the definition of various, and potentially conflicting vocabularies since the web is

widely decentralized.

3.5. RDF (Resource Description Framework)

RDF Is a framework for describing resources stored in various locations designed to be

read and understood by computers, not necessarily by people. It basically uses XML

syntax but has support to express semantics [8]. The intention of RDF is to give a

standard way of specifying data "about" something. It has a benefit of giving a structured

approach to design an XML documents, facilitate a quickly recognition of the flaw and

inconsistencies of non-RDF-compliant XML designs, enhanced understanding of our data

and placement of this data for the Semantic Web [20]. RDF has received widespread

acceptance as its documents are built using XML [8].

RDF is used as an essential data model with a basic building block of an object-attribute-

value triple, called a statement (Figure 1 RDF Triple Structure). Every RDF statement

(Figure 2 RDF Statement) is described in terms of these triples (subject, predicate, and

object). As most other resources on the Web, all components of a statement are uniquely

identified using a uniform resource identifier (URI).

Figure 1 RDF Triple Structure

Resources could be an HTML or XML documents that are accessible by an URI on the

web and can be described using RDF statements.

A property defines a relation between resource and an atomic value.

A value can be either a simple character or a resource.



In general RDF statement specifies a value for a property of a resource [29], [20].

Figure 2 RDF Statement

In addition, RDF also lets users express resources using their own vocabularies. It does

not make assumptions about any particular application domain, nor does it define the

semantics of any domain. Is it up to the user to do so in RDF Schema (RDFS).RDFS is an

extension of RDF that defines the vocabulary used in RDF data models. In RDFS we can

define the vocabulary, specify which properties apply to which kinds of objects and what

values they can take, and describe the relationships between objects [20].

The most commonly used query language for RDF is SPARQL. SPARQL is based on graph

pattern matching. A pattern basically is a graph template formulated by using variables

in subject, predicate or objects positions. The values obtained during graph pattern

matching can be used again to create valid RDF which may but needs not be different

from the input graph. Hence, SPARQL is a powerful mechanism for information

extraction and reuse [42].

3.6. RDF Statement

In order to represent metadata in XML, RDF provides a standard form called Statement

as it was described in the previous section. The RDF data model consists of three triple

object types; resources, properties and values. These three individual parts of a

statement are called the subject, the predicate, and the object of that statement

respectively [39]:

Resources: All things being described by RDF expressions are called resources.

A resource could be an entire web document, large collection of web

documents or a part of a Web page.

Properties: is a specific facet, characteristic, attribute, or relation used to

describe a resource. Each property has a specific meaning, defines its

permitted values, the types of resources it can describe, and its relationship

with other properties.



Values: is a specific resource jointly with a named property and the value of

that property for that resource is defined as an RDF value.

In RDF, resources are represented in URIs. The subject of RDF statements should be a

resource so that any statement written in English could be returned into an RDF. For

example if we have a statement “This article is authorized by Hailu”. This is called a

statement in RDF and has three parts: a subject (this article), and predicate (is

authorized by) and an object (Hailu).

Figure 3 RDF Statement example

Figure 3 RDF Statement shows the common graph representation of RDF statements,

introduced in the RDF Model and Syntax 1.0 Recommendation (RDF M&S). Note that the

object is a string: "Hailu. This is called a literal in RDF, but an object could also be a

resource [52]. Take a look at Figure 4 RDF example extension diagram:

Figure 4 RDF example extension diagram

Figure 4 RDF example extension diagram depicts several RDF statements combined into

a single diagram. RDF defines a directed graph of statements that describe Web-based

resources. As in the diagram the literal or Object (Hailu), in the original statement is

replaced with a URI representing this person, which in turn is the subject of several

more statements. Such a collection of RDF statements is called a model in RDF. The

ability of extension a graph makes RDF simple and powerful and the graph is effective in

representing information. RDF allows many basic statements to be integrated so that

machine agents can apply the well-tested graph traversal techniques to glean data. The

back ends of such triples have been shown to be scalable to several triples [52].

3.7. RDF Schema

RDF Schema is abbreviated as RDFS, RDF(S), RDF-S or RDF/S is a set of classes with

certain properties using the RDF extensible knowledge representation language and

provides basic elements for the description of ontologies. It also extends definitions for



some of the elements of RDF. Using the RDFs vocabulary we can set the domain and

range of properties and relates the RDF classes and properties into taxonomies [52]

[20].

RDFS is a language layered on top of the RDF language. This layered approach has been

described by the W3C organization and Tim Berners-Lee as the “Semantic Web Stack” of

layers of different languages or concepts all related to each other [52]. The base layer of

RDFS is the theory of URI and a universal character set (Unicode). On top of those

theories, the XML Syntax is covered and namespaces to evade vocabulary conflicts. The

layers above XML are the triple-based assertions of the RDF model and syntax discussed

in the previous section. If a triple statement is used to signify a resources, property, and

value, it will be promising to create resource hierarchies for the categorization and

explanation of different resources. Which explain the main aim of RDF Schema [20].

As we described above, RDF is a way of describing information on the web and RDFS

adds information in the form of classes and subclasses. It also shows the relationship

between the classes. Let us take an example of RDF and RDFS layers [14].

Statement: Adam stays in Umea.

The schema for this statement will contain the following classes and properties

Figure 5 RDFS Example

In the Figure 5 RDFS Exampleabove the statement is mapped to a schema which contains

different classes such as “Citizen” and “Country”. The classes have their own subclasses.

For example, “Voting citizen” and “non-voting citizen” are subclass of Citizen and the

class Country has subclasses “states” which in turn has subclass “City” and “Town”. The

rectangle in the diagram represents properties; ellipse in the RDFS layer and RDF layer

represents classes and instances respectively.



So from the above diagram, we can see that Adam is a type of voting citizen and Umea is

a type of a city. One can infer that relationship between the subject (Adam) and object

(Umea) is “resides in”. That is, Adam resides in Umea. Thus, RDFS expresses vocabulary

in the form of classes and properties.

3.8. OWL (Ontology Web Language)

OWL is standardize ontology language designed for distributing, broaden and sharing

ontologies through the Semantic Web and used to capture the knowledge in a machine

understandable way. It is developed as a vocabulary extension of the formerly

developed RDF [19] [29]. OWL makes an open world assumption [19], that is,

descriptions of resources are not bounded to a single file or scope. While a resource may

be defined initially in the ontology, it can also be extended in other ontologies. The

consequences of these additional schemes about this resource are not reversible.

OWL has a purpose of developing ontologies that are compatible with the World Wide

Web. OWL builds on RDF and RDF Schema, and uses RDF's XML syntax. It gathers

information into ontologies, from normally stored Web documents written in RDF/XML.

It supports expressive statements in a manner that allow scalability [19].

Since OWL is the latest Ontology language, it should be compatible with previous

features of ontology language. There was already several ontology languages designed

for use in the web by the time OWL appear. OWL has various desirable features while

still retaining sufficient compatibility with the existing ontology languages [29]. In

particular, OWL has a capability to unambiguously represent the exact semantics of

classes within some domain and the relationships between those classes and/or

instances. Because OWL expected to provide structured vocabularies that clarify the

relationship among different objects or individuals, allowing machine and humans to

interpret their meaning without unambiguity [29].

Ontology and ontology- based mark-up language could be used in e-commerce where

they can facilitate communication by providing common vocabularies, web and grid

service. They can also help to get rich service description in order to locate suitable

services and search engine where they can help to obtain semantically the same page

even though they are different syntactically. To be able to have these features, OWL

needs to use and extend RDF and others previous technologies in an important ways

[29]. OWL has more services for expressing meaning and semantics than XML, RDF, and

RDF-S, and thus OWL goes beyond these languages in its capability to represent machine

interpretable content on the Web [19].

http://www.webopedia.com/TERM/S/semantics.html

http://www.webopedia.com/TERM/X/XML.html

http://www.webopedia.com/TERM/R/RDF.html

http://www.webopedia.com/TERM/W/Web.html



3.9. Types of OWL

OWL has three different sublanguages; OWL Lite, OWL DL and OWL Full, each move

toward fulfilling different aspects of requirements (Figure 3).These three sublanguages

are described based on their ability of expressiveness increasingly designed for different

users in specific communities [19]:

OWL Lite: is a sublanguage which is both easier to grasp and implement with

more restricted expressivity limits than OWL DL. OWL Lite is targeted for users

only those who need simple constraint features and classification hierarchies. For

example, even though OWL Lite supports cardinality constraints the cardinality

values are restricted. For such constraints only the values 0 and 1 is allowed. It is

much simpler to provide tool support for OWL Lite than it is for its more

expressive relatives. This will allow easy migration to OWL Lite from different

ontology languages.

OWL DL: is a sublanguage of OWL Full which limits the way in which the

constructors from OWL and RDF can be used. It has a benefit of allowing efficient

reasoning support even if it loses full compatibility with RDF. OWL DL supports

users who want a maximum expressiveness without the lack of computational

completeness and decidability of reasoning systems. OWL DL includes all OWL

language constructs with restrictions such as type separation enabling to create

distinct definitions. It is named as OWL DL because of its correspondence to

Description Logic, a field of research that has studied a decidable fragment of first

order logic. OWL DL was designed so that it has desirable computational

properties for reasoning systems.

OWL FULL: is the entire language with an advantage of fully upward compatible

with RDF, both syntactically and semantically. Any legal RDF document is also a

legal OWL Full document, and any valid RDF/RDF Schema conclusion is also a

valid OWL Full conclusion. OWL Full is targeted for users who want maximum

expressiveness and the syntactic freedom of RDF with no computational

guarantees. Decidability and completeness properties have not been restricted as

it is in OWL DL. Type separation is not as strict as it is in OWL DL.OWL Full allows

an ontology to incorporate the meaning of a pre-defined (RDF or OWL)

vocabulary. It is unlikely that any reasoning software will be able to support

every feature supported by OWL Full.



Figure 6 OWL sublanguages



4. Security

Nowadays the development of information system technologies has resulted in

automating several applications in various health areas. The surface of health care is

changing as many technologies are currently being adopted and being incorporated into

the existing infrastructure. The combination of these technologies will improve the

quality of health care by making it more personalized and reduces medical errors.

While there are benefits to technologies, related privacy and security issues need to be

analyzed in order to endorse and maintain fundamental medical ethical principles and

social expectations [34]. Information has become an essential resource in many

organization especially data in health areas are very sensitive. Therefore, it is very

important to efficiently access, share the data and extract information from the data [8].

These issues include access rights to data, how and when data is stored, security of data

transfer, data analysis rights, and the governing policies. While there are current

regulations for medical data, these must be reevaluated as an adoption of new

technology changes how health care delivery is done.

As described above, even if making use of information has become very significant,

extracting secured information in the form of pattern and trends has also become

important. Security and privacy are more than just user privileges and password

enforcement. It is a multidimensional business authoritative; especially for platforms

that are responsible for user’s data [44].

One of our main focuses on this paper is security, concerning the semantic web. While

the current ACKTUS system facilitates the integration of information from the syntactic

point of view using the current web technologies, there is still a lot to be done to

integrate various issues and security. That is, the current ACKTUS system is accessible

through the web where players in different domain contribute with their experience,

knowledge and skill [1]. In the meantime the system architecture that we are going to

develop will have a communication with ACKTUS data source, sesame repository.

However, it is also very important that ACKTUS is secure. Since our main technology will

be the semantic web, we are going to investigate and research on the components that

constitute the semantic web. The components include, XML, RDF and Ontologies. The

components have to be integrated securely. To do all this, we critically need standards

for securing the semantic web such as specification for secure XML, secure RDF and

secure interoperability [8].



4.1. Web Threats

Over the last few years, the web has transformed from being a compilation of pages

containing static information to a dynamic and fully interactive platform. A Web

application is an application that is defined theoretically as a series of dynamic web

documents in a standard format which is accessed over the internet communication

protocol and built using web technologies. The web application environment has been

very successful in providing prosperous interfaces and performance. However the

Internet and Web Browsers have faced tremendous web threats.

Information security while communicating in the intranet is crucial because of several

factors, including the massive interconnection of heterogeneous system, the availability

of various sensitive information while communicating across different enterprises and

easy distribution of automated malicious software. It is easy to commit crime from any

geographic boundaries on the web and the lack of forensic evidence in computer crime

makes the detection of the criminals extremely difficult [26].

Phishing: One of the web threats is phishing, which attempts to acquire information

such as user name, password and credit card information by hiding trustworthy entity

while performing communication in the web. This threat is usually sent infected email

link with malware [18]. The term refers to attacks where the victim is led to believe that

he/she is on a legitimate website. The attack relies on the fact that anyone can create a

website and anyone can provide a copy of the real one. This type of threats has been

attacking different company’s information system like in banks transactions. Phishing is

also known in targeting to attack companies email websites (Webmail), public email

website like Yahoo and popular website provider like eBay, amazon and Tradera [18].

Phishing is typically attacks while we are communicating through instant message or

email spoofing. So there are various ways of prevention methods to this attack. Users

can identify phishing website by looking at the URL and never follow links by email but

type them in or use bookmark. These methods make it harder for the attacker even if it

is not a complete solution [18].

Web browser exploits: Web browsers are the mediator applications between a user

and the World Wide Web (www) that are used to deliver information to the

users. With their wide usage and growing recognition of web browsers, it has become

one of the major targets for exploitation for the unauthorized users. Understanding of

browser vulnerability requires the knowledge of architectural design of browsers. Web

browser exploits lets cybercriminals to set up websites that exploit security holes in the

web browser. This threats permits cybercriminals to gain access without the casualty

acquaintance and also allow individuals to remotely compromise that user account,

access to private emails, sensitive documents and anything else that the user operating



the web browser has access to. Bandwidth monitoring is used as basic methods used to

detect Web browser exploits and unwanted web traffics [18].

There are also multiple threats related with a web like Downloads, Third party add-ons

and Hybrid attack web threats. Third party add-ons are web threat that attacks users

while they are using web browser. The majority of websites requires Adobe Flash player

and Acrobat Reader from a third party add-ons. These products are widely used by users

at the same time they become a favorite target of cybercriminals. Many people forget to

update third party add-ons like the Flash player. As a result of this a number of malware

exploit the PDF file format, Adobe Acrobat, Flash and the users are pushed to other

website that have been compromised. Hybrid attack is a threat occurs while using the

net. This type of web threats are a combinations of multiply threats and the risk that the

user becomes a willing prey is very high. In addition to this some attackers still rely on

end users while downloading executable files. The attackers used a variety of techniques

to exploit user’s tendency to trust content based on reputation and the user convince to

visit wrong sits, search results and download executable files[18].

Figure 7 Web Security Threats

4.2. Existing Security Methods

As described in the previous section the growths of the web raise tremendous threats

with the aspect of security. Thus, web applications face a variety of new and unique

threats and become more exposed to un-trusted user. One method for preventing these

types of attacks is web application security methods. There are several techniques for

solving security challenges and vulnerabilities exist within each component of web

based architecture. These techniques attempts to implement web application security

methods, both implicitly and explicitly where these methods specify the behavior or

structure of the web application. Some of the existing techniques such as public-key

infrastructure (PKIs) provide encryption mechanism for ensuring information

Web Security Threats

Phishing

Web browser exploits

Third party add-ons,

Downloads, Hybrid attack



confidentiality, digital signature techniques for authentication and data integrity [14]

[26] and Message-Digest Algorithm (MD5). MD5 is a cryptographic function technology

that is used to encrypt some sensitive profile information of the user in the Postgre SQL

database [46].In this section we describe digital signature and MD5 security method

impact on the web further.

Digital signature is collection of sequences of zeroes and ones in which the signature

must be a bit pattern that depends on the message being signed. The signature uses

some information that is unique to the sender to prevent unauthorized accesses to the

information [14]. To verify that the received document is certainly from the valid

sender and that the contents have not been misused, several procedures, called

authentication techniques, have been developed. However, message authentication

techniques cannot be directly used as digital signatures due to inadequacies of

authentication techniques. Digital signatures are performed based on the documents

that need to be signed and on some private information held only by the sender. The

main purpose of using digital signature is to provide authenticity that is the signee is the

genuine creator of the document, integrity and non-repudiation (the person who signed

will not claim). Thus digital signature guarantees content of a message will not be

altered during the process [14].

MD5 is cryptographic hash function that takes a message of arbitrary length as input

and produces as output a 128 bit fingerprint or message digest of the input message. it

is mostly used in a variety of security applications and commonly used to check data

integrity and message digest in digital signature scheme [40].It is proposed where a

large file must be compresses in a secure manner before being encrypted with a private

key under a public-key cryptosystem and for verification that data have not been altered

since the signature was published. In MD5 it is computationally infeasible to produces

two messages having the same message digest. The MD5 algorithm is designed to be

quite fast on 32-bit machines [46] [40].

MD5 algorithm can be used as a one-way encryption which has a greater advantage for

securing databases. The most important properties of the MD5 algorithm for database

is that it is difficult to revert back an encrypted data to the initial, plain-text input which

are stored in the database and any given input always maps to the same encrypted

value. This ensures that the data stored on the database cannot be interpreted by

anyone. This way, even if an attacker gains reading permission to the database, since the

data on the database are encrypted it will not be useful for the attacker. The furthermost

benefit of MD5 is its speed and ease of use. But still MD5 does have some flaws in a way

that when it is used as security method for protecting password, the password have to

be strong, if not a brute force attack can still reveal the password even if it is encrypted

using MD5 [46].



4.3. Semantic web Security

In this section we first explain an overview of security for the semantic web, show the architecture of semantic web layers diagram as it was specified by Tim Berners Lee and then discuss security issues on the components of the secured semantic web. For the semantic web to be secure we need to ensure that all layers of the semantic web are also secure. We have chosen to describe here some of the layers from the architecture like XML/XML schema and RDF/RDF schema.

Resources and services on the web need to be secured from unauthorized access and

software agents accessing online resources in place of a user. So a wide range of security

related issues, such as authentication, access control, confidentiality, data integrity and

privacy are important for secured web resource access. Currently, low level security,

digital signature mechanism and others provide security infrastructure for web-based

interactions [29]. However, there is still a big security hole on securing the semantic web

using these mechanisms. We need to do more other than these security methods so that

the information on the web can be managed, integrated and exchanged securely.

Security for the semantic web is securing RDF and OWL which are components of the

semantic web. RDF is the foundation of semantic web [8] and with it we need to ensure

that security is preserved at the semantic level. We know that XML is the best in

exchanging information through the web but it only provides a limited interoperability.

Information is everywhere on the web and are essentially data that makes sense.

Ontologies are playing a major role in information integration on the web. OWL is

suitable for semantic web because it describes ontologies and provides interoperability

across applications [30]. That is, ontologies may have security levels attached to them as

certain parts of the ontologies could be secret while the other parts may be unclassified

or not. Ontologies include not just a fixed property, role but any properties and

constraints expressed in semantic language [8].



Figure 8 Semantic Web Layers

4.3.1. XML Security

Tim Berners Lee has specified different layers for the semantic web. One of the layers is

XML. XML is a language used for representing data in a structural way in which it

describes what is in the document, not what the documents looks like, while XML

Schema provides syntax for legal XML documents and essentially describe the structure

of the XML documents which have graph structures [8]. XML is a markup language that

pursues certain rules and if all documents are marked-up using XML then there is

uniform illustration and appearance of documents. Without some form of common

representation of documents, it is unfeasible to have any type of meaningful

communication on the web. Both XML and XML schemas are the invention of Tim

Berners Lee and the W3C [8].

As we describe in the above paragraph, for the semantic web to be secure we need to

secure all the layers including the XML layer. Mainly the security standards presented

for XML data security utilize the syntax and structure of the XML data to provide diverse

security services, such as access control, encryption and define security policies. Access

control security standard in XML document specify that the author of a document can

specify which user is authorized to perform what action on what resource.

it also specify conditions and obligations that have to be followed for accessing that

resources[30] There have been also some efforts in adapting data exchange formats and

protocols related to security in semantic web like XML digital signatures. These are used

for authentication of users while they are trying to access for a specific resources.

Even if XML is the best exchange format on the web, it only provides limited

interoperability and scalability when we compare with the other semantic web language

such as RDF, RDF-S and OWL. These semantic languages have better interoperability



across web applications. XML focuses only on documents which have different

interpretation at different sites and this is a major issue for integrating information on

the web. To overcome this W3c provide other language like RDF which will be discussed

on next section [8].

4.3.2. RDF Security

The semantic layer next to XML and XML schema is the RDF and RDF schema layer. As

we described in chapter 3, RDF is a method for representing, exchanging and reusing of

resources [20]. RDF uses URIs to identify web resources and uses a graph model to

describe the relationship between resources. RDF Schema is a simple mock-up language

that pioneer classes of resources, properties and relations among them [20].RDF is the

foundations of the semantics, while XML is limited in providing machine understandable

documents. RDF has a support to express semantic than XML by providing semantic

information in a standard way on notations and syntax of XML. Thus, RDF handles the

XML limitation by providing better interoperability as well as searching and cataloging

[20] [9].

In order to make the semantic web secure, we need to ensure that the RDF documents

are secured. This could include securing XML from a syntactic point of view since RDF

uses XML syntax. However with RDF we also need to confirm that the security is

preserved at the semantic level. This issue includes the security implication of RDF

statement (resource, properties and value or object). That is, how an access control is

ensured and protects the RDF statement. We need to see that how one can provide

access control at finer grain of granularity [9].

Security policies in RDF are articulated in the form of RDF policy patterns which plot to

groups of RDF data. Security labels are generated for mapped RDF triples from the

patterns to generate a secure materialized view of RDF data. The labels are also

consistent and complete such that each RDF data item is assigned one and only one

security label. Utilizing these mappings, the RDF authorizations then can be used to

generate access control permissions for the mapped XML resources [4].

Policy based access control model is also one of the security method for RDF. The

method provides control over the different action modes possible on the RDF like

inserting a set of triples, deleting a triple, and querying. Even though this security

method is useful it also have drawbacks like, the security policy consists of RDF patterns

defining the RDF triples which can be accessed and also it does not scale to large RDF

datasets since the number of security rules becomes quickly unnecessary and this

method also don’t include an administration mode specifying how the security policy

can be updated [4].



After securing XML and RDF, next thing is to examine security for ontology and

interoperation. That implies, security levels may have been attached to the web ontology

language. According to the W3C, OWL is a language for defining structured Web-based

ontologies that enable richer integration and interoperability of data across application

boundaries [19].

4.4. Healthcare Information Security

The emergence of internet technologies has transformed the health care sectors to

experience an architectural shift in the enablement of healthcare services through

internet and mobile technologies. For example, remote health monitoring, online

consultation, e-prescription, e-clinical trials, patient information access and asset

tracking among others. In the healthcare sector, it is often necessary to share data across

organizational boundaries to support the larger interests of multiple stakeholders as

well as agencies involved with public health. However, such web-enabled and mobile-

based services open an intact scale of security risks and complex privacy problem.

Privacy is viewed as a key leading principle of the patient–physician relationship.

Patients are required to share information with their physicians to facilitate correct

diagnosis and treatment, and to avoid undesirable drug prescription. Over time, a

patient’s medical records build up significant personal information including

identification, history of medical diagnosis, medical images, treatments, medication

history, nutritional habits, genetic information, psychological profiles, employment

history, income and physicians’ subjective assessments of personality and mental state.

As personal health information is digitized, transmitted and quarried for effective care

stipulation, new threats to patients’ privacy are becoming obvious [35].

Current healthcare systems are enormous networked systems managing patient data

with a massive amount of users accessing health data for various contextual purposes

within and across organizational boundaries. Managing information security risks for

this complex healthcare system process will require investments in organizational

resources and multipronged approaches. Recent policy-based studies generally classify

privacy threats, or source of information security, into two areas [2]:

Organizational Threats are threats arise from either from an unauthorized

accesses of data by employee or an outside attacker (hacker) that break into an

organization’s information infrastructure to steal data or take advantage of a

vulnerability of the information systems.

Systemic threats are threats arise from people who are in the information flow

chain and are authorized to access patient information. These threats occur

while patient private information been used beyond its intended use.



According to these recent policy based studies organizational threats has been again

broadly categorized into five levels, listed in increasing order of sophistication [2]

Accidental disclosure: accidental reveal of patient’s information by healthcare

personnel to others (“e.g., e-mail message sent to wrong address or inadvertent

web-posting of sensitive data”).

Insider curiosity: reveling of patient’s private information by authorized

personnel out of inquisitiveness or personal purpose (“e.g., nurse accessing

information about a fellow employee to determine possibility of a sexually

transmitted disease or medical personnel accessing potentially embarrassing

health information about a celebrity and transmitting it to the media”).

Data breach by insider: access of patient information by personnel with the

aim of passing on the information to outsider for financial purpose or

vengeance.

Data breach by outsider with physical intrusion: receiving of private patient

information by outsider going to the facility and forcing to gain access to the

system.

Unauthorized intrusion of network system: Intruding of organization’s

network either by the outsider or previous employees, patients, or hackers to

achieve access to patient information.

Access to medical data is vital to many stakeholders within the healthcare domain to

perform their employment in everyday circumstances, but heavily raises the potential of

having privacy and security at risk. For that reason different security measures to secure

both organizational threats and systematic security threats have been suggested and

exercised in different organization currently. Regarding of controlling the access to

private patients healthcare information, security solution like RSA security, hierarchical

roles, individuals delegation of permission and resources [50] are being used.

RSA security “is a security solution that helps organizations detect and investigate threats

that are often missed by other security tools. By combining, big data security collection,

management, and analytics capabilities with full network, log-based visibility and

automated threat [50]” this type of security solution is used to provide organizations

with the situational knowledge required to deal with their most critical security issues.

This security solution support to avoid organizational threats by making a contribution

on showing enterprise-wide visibility into network traffic and log event data, which lead

the organization to have an inclusive view of their IT environment, enabling to

prioritize threats quickly, investigate them, make quick decisions to pass security



protection action[11]. On the other hand hierarchical role security solution is used to

address the delegation of role base security right or denial by grouping the users [2].

4.5. Privacy and Security on Social media

Social networking sites on the web introduce mediated-communications into

relationships development process among people [48]. It is a set of relationship that

organizes social websites to exchange interpersonal information and connect individual

together over the web. Today we have different controlling mechanisms for the

exchange of interpersonal information on the social networking sites such as text

messaging, instant message programs, online role playing -game, computer-supported

collaborative work and online education.

These applications enable individuals to communicate with one another but current

known social networks limits themselves only to relationships with account on a single

site. This shows us the current social web needs to extend across the entire web. Just as

people can call without boundaries irrespective of which telephone provider belong to,

one can send email irrespective of his/her email provider. So people should create

networks of relationship using social web while preserving their privacy and data [55].

The question here is how these security issues will be handled in the social media.

One of the major problems in social media experience by end user is lack of privacy.

There is no full right for individuals to control what information stay inside privately

and what leaks to the outside [48]. A user cannot manage how their information is

viewed by others in different context on various social applications or even on the same

social networking sites [55].This raises privacy issues. People want to have a means of

controlling over their data and to communicate in a way they want.

Privacy can be viewed from different perspectives and it is a complex topic. We can

consider privacy as control over accessibility of social information in general.

Individuals sharing information and fraternity pledging photo with their friends on

social network sites probably do not expect these posted information are used as

evidence to reprimand to the individual behavior [48]. Most users are not aware of their

privacy in social network sites, they do not stop data leaking which may give users data

to other companies or even for governments without permission of the user. Public key

encryption could be one solution to keep data private [55].

There are also challenges in the health care setting while using social networking sites

like FaceBook and Twitter. Health care organization requires to specify what types of

personal information must be kept private. Today more employees are using social

network sites, at the same time the danger of confidential information becoming public

increases. For example, if an employee posts some patient record in social network sites,



it will lead to the violation of Health care privacy of data rules. Employees using social

networking sites are vulnerable to identity theft as well as to possibility of security

violation via inference to the patient private records.

Attributes of personal information such as a person’s social security number, street

address, phone number, financial information or confidential information is not

recommended to be published online for security purpose. Posting sensitive data in the

social network could lead to an organization’s breach of confidentiality or an individual’s

breach of privacy. Any social network user should not share confidential information.

He/she should only post information that he/she is comfortable with [48].

In addition, HTTPS Encryption is used as a mechanism of protecting private information

in the social media. It is stated to be one of the social security solutions which are used

by many social networking sites such as Google+ and Twitter. This method is used to

guarantee that communications between individuals or entities remain secure and

invisible to unwanted third parties [49].



5. ACKTUS

Web-based applications have users with different education level, learning styles,

interests, surroundings and preferences regarding information presentation over the

Internet [27]. This has been the reason to research on interfaces that can be designed to

recognize the motives and uniqueness of the user and adapt accordingly. In order to

achieve adaptability of personalized information, it is important to observe the user’s

behavior, and make predictions based on those observations. The information

pertaining to individual user obtained from such observations is known as a user model

[27]. Application for healthcare domain service with customized environment according

to the user’s preference is fundamental.

In this paper we will utilize and extend the ACKTUS user and activity model for tailoring

and develop an architecture to provide personalized infromation for two communities

of users (older adults and miners/construction workers) stored as RDF- database

(Sesame repository) which is part of ACKTUS[1].

The common user model is implemented as an RDF/OWL ontology functioning as part of

ACKTUS, a knowledge and interaction modeling prototype application for the health

domain. The knowledge and interaction is primarily modeled by domain experts.

Consequently, focus has been on their explicitly defined user scenarios where they adapt

the knowledge to different characteristics by using simple rules. However, there is a

need to extend the tailored support by supplementing the adaptability of ACKTUS

applications with adaptive functionality [27].

5.1. Purpose of ACKTUS

ACKTUS is a collaborative knowledge modeling environment that designed to allow

domain experts who are unfamiliar with knowledge engineering to create, maintain and

model the knowledge content, and design knowledge-based applications interaction. Its

main provision is to provide tailored support for reasoning and learning through the use

of end-user application for medical and health related areas in decision support system

[23]. The system is used for developing knowledge based support system:

Provide personalized knowledge systems in the domains of dementia,

rehabilitation of older adults and occupational health [1].

Provide adaptive communication interface between user and computer,

with a low-tech profile, while encouraging its use by providing a simple

and friendly interface,



Develop interactive medium that allows people with the same incapacity

or experience, common interest, and concerns to share information,

experiences and advice.

Help users such as elderly and miners/construction workers to monitor

and take precaution measures in their health.

5.2. The Technology of ACKTUS

ACKTUS is a growing semantic web application which is built on the activity-theory

based ACTclin framework. ACKTUS consists of a service-oriented architecture, which

includes RDF/OWL ontology, Sesame repositories and dedicated user interfaces [23].

The original version of RDF/OWL ontology produced for ACKTUS was build using

Protégé1 which is based on structured language like XML or RDF for initiating the

distribution and reusing of knowledge. In ACKTUS, each domain repository have

individual Case repository for storing information, reasoning and increasing querying

capability.

ACKTUS has a web interface application for the user to interact with it which is built on

java. This knowledge provided to the users are structured in a Scalable vector graphics

(SVG) that uses Graphviz2 package technology which is embedded in XHTML.

5.3. ACKTUS Architecture

Ontology is used to manage knowledge about some specific domain in a structured

system of concept, properties and their relationship. ACKTUS consists of a devoted core

ontology which provides a semantic model for data structure, reasoning and interaction

design. Each domain within ACKTUS uses this core ontology with some specific

extension for each of them.

The knowledge building in ACKTUS is performed in a collaborative way such that an

expert in a specific domain can add knowledge in the system which is also can be viewed

and altered by other expert users of the system.

The schematic architecture of ACKTUS structure is shown in Figure 9 ACKTUS architecture.

The figure focuses on the general structure of ACKTUS, its services, core ontologies and

RDF repository. ACKTUS architecture allows expert users with a specified

1 Protégé is a free, open source ontology editor and knowledge-base framework.

2 Graphviz is open source graph visualization software.

http://protege.stanford.edu/download/download.html

http://www.mozilla.org/MPL/MPL-1.1.html



authentication to write application that can access and manipulate the information using

readily available internet technologies like HTTP. The data on the semantic web or from

the browser is modeled and represented in RDF. The server used in the ACKTUS system

performs mapping of the data to the database content, and allows RDF to be browsed

and searched after requests have been made from the web/browser.

The ACKTUS architecture allows navigating through the sesame repository content and

gives the end users RDF data in human readable format. The repository is used to store

and retrieve information as well as provides querying capabilities to a user. Since

ACKTUS is increasingly used and distributed over an increasing number of user

categories, a scalable solution is needed for handling security and authentication. This is

the main motivation of this project.

Figure 9 ACKTUS architecture[23]



6. Architecture Development

This section describes the architecture of health support system for elderly and

miners/construction workers (HSSEMW) web application. It begins with identification

of the system users (older adult, miners/construction workers) and move to the

modeling of usecases for these users. Then we have listed both functional and non-

functional requirements to provide more detailed functionalities that are used for

designing the web application. The final section shows the architecture that is designed

which illustrates the usage of the architecture and its components from a more practical

perspective.

The server-side architecture showed in this section is implementation-independent, in

other word, it makes no assumptions or requisites on what technologies are used to

implement the system. In our design, we have also considered the service oriented

architecture design. Service Oriented Architecture is “a set of principles and

methodologies for designing and developing software in the form of interoperable service

[25, pp4]” and this time it attracts several organizations and companies by providing

flexible services and cost effective to re-use functionalities captured in loosely coupled

services. Semantic web service researchers are recognizing the potential of combining

SOA and semantic web. The combination of OWL-S and web service modeling

framework (WSMF) are aimed to provide an extensive ontology- based description

framework [33].

In our work we analyzed the combination of ontology’s and SOA so that we incorporate

the concept of service oriented in the development of the architecture. The system will

be built up on a semantic data model and will be implemented using RDF/OWL

ontologies. These technologies enable to share knowledge and reuse information. The

architecture allows older adult, miners workers and domain specific experts to access

and manipulate information in the form of http.

6.1. UseCase of the System

The overall structure of the main actors of the system is presented in the form of use

cases in the below figures.

UseCase for Older adults: (Figure 10 Use Case for Older Adult) in this UseCase

the actor (older adult) interact with the functionalities mentioned in the

diagram. The main functions are, Authentication, view information from the

data resources and search for health information.



Figure 10 Use Case for Older Adult

UseCase for a new user: (Figure 11 Use Case for New User) a new user to the

application must first have a valid user name and password to log in to the

system. So in order to have this access, he/she must apply and get register to

be a user of the application

Figure 11 Use Case for New User



UseCase for an expert of both older adult and miners/construction workers:

(Figure 12 Use Case for Older Adult Expert and ) an expert interacts with

system to model knowledge resources and manage health related contents

which are displayed in the user interfaces.

Figure 12 Use Case for Older Adult Expert and Miners/construction workers

UseCase for miners/construction workers: (Figure 13 Use Case for ) represent

those users who have access to view work related health information after

he/she successfully logged in to the system.

Figure 13 Use Case for miners/construction workers



6.2. Functional Requirements

In this section we describe the requirements needed for the development of our system.

For each requirement a brief description is given.

Personalizing content and layout own preference

The system allows the registered users to display personalized content

displacement. That is a user can choose the way they want to view the

retrieved content from the repository in different format like text or

vocal. The users of the system can define and save a personalized

composition of content, including only the content they would like to access.

For example, a user may prefer having access to only the news about

dementia.

Login Functionality

The system shall require users to login to access all the functions. The user

information is stored in the system and based on the stored information; a

user can get access, retrieve and view information.

a) Existing users have to login to the system in order to get access from

the system.

b) To be able to login the users need to provide their username (email),

password and domain. There are three type of domain; admin, user

and guest.

c) The system will verify the given username, password and domain.

d) If the user provides wrong username, password and/or domain, the

system will prompt out an error message telling the user to re-enter

their authentication information again.

Assure users privacy protection: The system will avoid identity disclosure,

unauthorized user information usage and unauthorized user access control.

Authentication content restriction from the system: The system will allow the

users to read and search health related information depending on the access

right they have on the system.

Reasoning service: The system will allow the user to do assessment related to

health, which are analyzed by the system and used as base for providing the



user tailored advices, prepositions, conclusions or new assessment to be

done.

Collected Data: The system will let the user save and view the test result they

took during their browsing time on the system.

6.3. Non-Functional Requirement

The system must also conform to the following non-functional requirements.

Ease of Use: This requirement is particularly relevant to users who are

seniors or have limited knowledge of computer technology.

Backend Customization: Administrators of a system can customize the source

of services provided by the system using a content management system, and

such modification should be transparent to the users.

Web services: The system must able to seamlessly integrate heterogeneous

medical services implemented on different platforms and with different

technologies. Such implementation details should be transparent to users of

the system.

6.4. Architecture and technology

As the diagram in Figure 14 Architecture of the web application indicates, the web application

architecture has several subcomponents. The main components of this architecture are

Postgre SQL database which is used for authentication part of the system, sesame

repository for storing the knowledge resource and mapping of data in RDF format,

security manager and the interface. Even though it is scalable, the Sesame contains three

separate repositories, one for older adult, the other one for miners/construction

workers and care repository which is used by all users.



Figure 14 Architecture of the web application



The detailed descriptions of the main users of the system are listed below.

Older adult: Older adults interact with the web application built on top of

Java. The web interface provided for the older adult is used as a component

which provides the communication between them and the developed web

application. The web application built on the web interface will enable the

older adult to access the data on the repositories in the form of RDF and

display health related data to the users.

Miners/construction workers: Is also end user of the system who interacts

with the user interface to retrieve health related information from their

respective repositories. The information accessed by this type of user is

specific to the work related information. In this case, the working

environments are construction and mining industries. So, the interface will

display information based on the input gathered from the user in the form of

quiz which will be finally used to provide additional information to the user

as an advice or recommendation.

Domain expert: Tailoring activities can be defined in different ways; they

include customization, end-user modification, extension, personalization. For

maintaining and making sure that the system being developed

provides tailored activity, we included the presence of Domain experts. The

domain expert will be able to add or modify, maintain, upgrade and

personalize knowledge to the users.

6.5. Ontology Development

We have used Ontology diagram to model and show the relationship of our conceptual

classes. We chose ontologies because it provides the critical semantic foundation and are

focused on web-based knowledge representation. At the same time the repositories we

are accessing are built on Sesame RDF technology which is suitable for semantic web.

The design schema of the database of the repository is based on ontologies. This is more

declarative and beyond the human-to-human communication model.

Class is one of the most fundamental concepts of Ontology. Each class is characterized by

a name, a list of its attributes, a list of relationships linking this class with other classes.

If a class has no superclass, it is considered subclass of the superclass object. There is a

built-in class named ‘Thing’ that is considered as superclass object which is the class of

all individuals and is a superclass of all OWL classes [56] .Property must be able to

represent relationships between Resources (Classes, Datatypes, etc), which a Class alone

is not able to do. If we look at the definition of a Property it accomplishes representation



of relations through its range and domain. Ontology defines two types of Property;

ObjectProperty and Datatype Property. Object properties connect pairs of class’s

instances. Datatype properties are entities that refer to sets of data values. Thus, the

object property differs from the Data type property, in the sense that the latter have data

typed RDF literal values, as opposed to full objects. Datatypes proprieties are a kind of

data range, which allows them to be used in restrictions [31]. In the entire ontology

diagram below, classes are represented by the ellipses and the arrows indicate the

relationship between them.

An ontology diagram for older adult is shown Figure 15 Ontology Diagram for Older Adult

people. It illustrates that one of the actor of the system is a person and he/she has role

which could be user, older adult or health domain expert. In addition the older adult has

a property to access disease information.

Figure 15 Ontology Diagram for Older Adult people



Figure 16 Main Ontology Diagram for Older Adult is the extension of Figure 15 Ontology Diagram for Older Adult people. It also shows the

example users instance Tom and John for the class older adult and health domain expert respectively. Tom and John have properties

such as full name, user name, password and etc. The other section of this diagram shows the communication of this application with

ACKTUS and Social Network. This application consumes some services from external application. For examples it consumes

reasoning services from ACKTUS as well as store resources in the case repository.

Figure 16 Main Ontology Diagram for Older Adult



Ontology diagram for older adult disease: (Figure 17 Ontology Diagram for older Adult Disease)

it shows the mapping of resource in the triple format for reasoning service. For example,

it shows how one class of resource (Dementia) is linked to others class of resources

(mental disease, Alzheimer) for conforming of a conclusion or premises of having that

disease or not.

Figure 17 Ontology Diagram for older Adult Disease

Ontology design of miners/construction workers: (Figure 18 Ontology Diagram for ) it

shows the overall view. The diagram show the flow of accessing work related health

information provide to these user by the web application. In addition it demonstrates

that an actor of the application will have a role as miners, miner’s health experts and/or

user.

Figure 18 Ontology Diagram for Miners/construction workers



Figure 19 Main Ontology Diagram for illustrates the detailed information of Figure 18 Ontology Diagram for . It shows retrieval paths of resource

and attributes of the miners/construction workers. It shows also how the web application designed for this user consume ACKTUS

reasoning service, social network and store information in the ACKTUS Case repository.

Figure 19 Main Ontology Diagram for Miners/construction workers



Ontology Diagram for miners/construction workers disease: (Figure 20 Ontology

Diagram for Miners/construction workers Disease) the set of triplet in this figure defines, the

class describing the types of diseases and injuries in work environment. One of the

injuries in miners/construction workers environment is Vibration. In this diagram, the

handling of vibration is illustrated if it occurs in work place.

Figure 20 Ontology Diagram for Miners/construction workers Disease



7. Designing Generic GUI

The web is a repository for various documents, photos and videos and used for sharing

information like news, research, and personal information and be a part of social

media.

RDF is designed to be read and understood by machines. However, most current

Semantic Web contains humans as creators of data, programmers and last but not least

as end user. As this overload of information we come across with increase the

essentiality and convenience of Graphical User Interface (GUI) to maintain simplicity,

good design and features for displaying and browsing these resources become vital.

We have developed a generic GUI for older adult as well as an end user interface for the

miners/construction workers. By generic interface we mean an interface which can be

accessed with both mobile and computers. It also provides uniform interface that will

serve as a template for different web applications. Here, the interface is used for elders

and Miners including construction workers. When we want to use this interface for

other web application like educational system, it should be customized with less effort.

The buttons, Menus and link in the interfaces are generic. That is, they are clear and

common for different types of users. Our GUI is designed to be easy to navigate, simple

to look at, and easy for administrators to modify.

7.1. Technology

We have built the web application using 3-tier architecture in which the client, server

and database constitute the main elements. In our web application, we built our

interface using myeclipse 10 IDE by using Java Server Faces components. We chose this

technology as it provides a better web interface building components such as icefaces,

jsf, html, and etc. The JSP pages in myeclipse are the front-ends of our application. We

have also used Postgre SQL and sesame repository at the back end of the web

application for storage and retrieval of system data.

In addition to these technologies, the web application was developed under Tomcat on a

Linux server and java programming language. Java stack works with a variety of

databases and is particularly well-tuned to mainstream of databases. It also works with

myeclipse development environment that is making it better to write applications.

During the development of the architectural process strong emphasis was placed on the

consistency of the three layers. In the beginning prototype of the user interface(JSP

Pages) was created that consisted of HTML mock-up pages then developing of

the Java classes was made based on the database tables and the JSP pages. The



developed web application using the above listed technologies has an overall view of the

web as shown in the below diagram (Figure 21 Over View of the web application).

Figure 21 Over View of the web application

7.2. Log in page

The first page a user encounters when using the HSSEMW system is the login page. This

page can be seen in Figur 22 Login Page. In the prototype developed for the web application

we have prepared 3 types of domain where every user is assigned only one of the

domain type (Admin, user, guest).

However people have several users’ roles, for example older adult, miners and expert on

miners/construction workers or older adult where they can have the accesses to be

redirected to different application depending on the role they chose. Here the user may

choose to either log in to the system as one of the 3 types of domain choices. If the user

chooses to log in to the system he/she must use a valid username, password and domain

type in order to pass the authentication process.

A new user is created by filling out a form consisting of some personal information

such as name, address, telephone number and also identify question on the desired

username(email address ) ,user type and user role . After all the fields in the form have

been validated the user will send a registration request to the administrator where this

information will be stored on the Postgre SQL database and be visible in the

administrator page. However administrator must authenticate and generate temporary

password to the new user before it can be used to log in to the system.



Figur 22 Login Page

7.3. Administrator prototype

Administrator user type assigned to person who are working with the project of ACKTUS

and involved in the administration projects work. The Administrator is responsible

adding, deleting and updating user privileges to the system. The administration pages

and the user pages were clearly separated to avoid difficulties with respect to security of

the internal Web pages.

Figur 23 Administrator Page



7.4. Users

The target users in these web applications are older adults and miners. These users

have to fill the registration form to be able to get access to HSSEMW. After they receive

their account information from the admin via email, they can log to the main page of the

system where the system end users can accesses and manipulate information in the

form of http. The resources displayed in this page are stored in the form of RDF in

Rehab, EKFV6 and case repositories which are allowed to be accessible to all types of

users.

This page is also used by the end user to choose the user role to access the specific

applications. Users are grouped into a role and their access rights are based on that role.

For users who have multiple user roles once they are logged to the system they can

switch from one application to the other application without providing username and

password again.

Figur 24 Default page

Older adult: Older adults interact with the system and access information

which are stored in the rehab repositories and access the data on the

repositories in the form of RDF and display health related data to the user.

The default page of the Older Adult contains compilation of the tasks specific

users have to perform in the system. For an older adult, this page will show



both personal and health related information which is retrieved from the

rehab repository. To view their profile and modify account information, the

older has to press “Profile” button. Under the Profile button there several

task that the older adult can perform like see their personal information,

change their password, access external links which directs them to other

application and join the social network.

And also when an Older Adult pressed My Stuff button, they will have sub

tasks they can perform like take a precaution exam related to the doubt they

have to their health, view health related information and check their

previous concerns they have stored under history.

Figure 25 Older Adult Home page

Miners/construction workers: Is also end user of the system who interacts

with the user interface to retrieve work related health information from EKF

(V6) repositories. The information accessed by this type of user is specific to



health related information of the miners/construction workers environment.

Once a user logged in as a miners/construction workers user, he/she can get

access the following service from the repositories

o Profile: In this part the user can view his/her profile details. We

designed user friendly interface that enable the user to get an access

to the repository and display basic personal information. There are

also functionalities that enables the users to modify his/her account

information. In addition to these, in this section there are external

links which directs the user to other application.

o My stuff: In this section, miners/construction workers may want to

read some tips about their work related health information. So, here

they can view information about their health while they are in work,

how to avoid injuries, what precaution to take in case of accident and

other important information. This page is also interactive by

providing a kind of exam to the users and display some

recommendation based on the input of the users.

o Social Network: here the users view and interact with their friends.

Figure 26 Miners/construction workers Home page



7.5. Security

The usage of computers for sensitive tasks leads to an emergent need of computer

security. The overall goal of this thesis was to design web application with appropriate

security functionality by structuring a security policy that protects the contents from

unauthorized disclosure and authentication control.

The security of a web application framework is not only the consciousness of the

application, but also the underlying platform and the various technologies that have

been used. So we implemented application-layer security measures to protect the web

application as well as the underlying servers and databases that support them. This

requires restricting access based on a username/password and domain combination,

protecting the bean from unauthorized access and limiting a user to access only to

certain functionalities.

The combinations of the above three security measures are used for securing our web

application.

Restricting access: It checks to ensure that the user name, password and domain

were contained in the database was granted access to all functionalities within the

system without further verification.

Protecting the Bean: the application authorized the user to executed restricting

methods on the bean.

Access to certain functionalities: with this security measure the user with the same

role type are provided to have a different privilege to accesses to resources in the

same repository.

7.5.1. Secure registration and Authentication

Our web application ensures that users register their personal details (e.g. email

address) in a secure way during the request to get a privilege for either the Older Adult

or miners/construction workers web application. During this registration request the

profiles of the user are stored in our Postgre SQL database which includes security

concept of MD5.

The login authentication implemented on our web application authenticates the users

registered and receive the approved authentication information when accessing the web

application. The web application displays the name of the authenticated user. In addition

to this users are able to change their password whenever they want to.



7.5.2. Access control and data storage

All files and data stored in our Postgre SQL database are protected from reading by any

account other than the super account. Therefore, a user must possess the proper

clearances to gain access to resources.

The connection from the developed Web application to the Postgre SQL database or to

the sesame repository is done with a JDBC driver. The JDBC driver provides the middle

tier from Java classes to the database and sesame repository. The JDBC driver serves to

translate the Java SQL statement format that the user request to access an application to

the database-specific format, so that it checks the authentication of the user to the

application that they are requesting for to returns the desired application page

7.6. Authentication service

The authentication service we propose aims at providing secure authentication for

different application to consume. With this feature, we assume that anyone can consume

our authentication services, is able to obtain and login with the correct authentication

privilege.

The Provision of authentication service for consumers of our web application is

performed by invoking Simple Object Access Protocol (SOAP) messages over the

internet using the HTTP protocol. It is the standard protocol that has an XML-based

documents format. This protocol enables to exchange information without having to

know any detail about the sender and receiver. The client sends a SOAP request to the

server and then the web service sends a SOAP response back to the client.

The below diagram (Figure 27 Authentication service) shows the operations provided as a

services and client application that consumes this authentication services.

Figure 27 Authentication service



7.7. Mobile version of the web app

We have implemented an HTML-enable web pages that is accessible though PC and also

extend the possibilities to use mobile devices for browsing. It should be noted that

technical development of hardware components and browsers’ preferable feature is

excluded from the focus of the study, although technical aspects do have an impact on

the usability of mobile web applications we much more focused on providing the web

application through the mobile device addressing the below aspects :

Navigation by this aspect we were making sure that the web application will

let the users to go from home page to getting useful work done.

Usability: the communication of the user and the mobile device is prepared to

be easy to use.

Figure 28 GUI for Smart Phone



8. Discussion

This section mentions the main problems facing on the two communities of users and

how the proposed solutions look like. Furthermore some of the major benefits and

limitation of the whole implementation are discussed.

8.1. Technology

As it has been stated in the previous chapters we have used Myeclipe IDE, Apache

Tomcat, Postgres SQL and sesame repository for different tasks. Choosing of this

technologies are not arbitrary. We have chosen Myeclipse IDE as it provides better GUI

building components. It is also fairly common and reasonable setup both for developers

and production environments to use Apache Tomcat with Myeclipse IDE. The selection

of Postgres SQL came with the attribute like reliability, data integrity, and correctness it

provides and also as it is one of the world most advanced open source database.

The drawback that we faced while working with Myeclipe IDE was that the visual web

designers are only available for windows 32 bit platforms. The Myeclipe visual designer

has exhibited stability problems on some systems in Mac and Linux platforms. There are

also some sorts of compatibility and installation difficulties while using Myeclipse IDE as

it is not open source software.

8.2. Authentication

There are several different undying approaches for making a web application secured

from unwanted access of users. In our case, a role based authentication approach is

considered. When users wish to login to the application, they have to pass 2 level of

authentication layer so that they can access a specific resource from the data sources.

Once the users pass through the first login verification process, they will be forwarded

to the default page where the second level of authentication is performed. In this level of

authentication they have to choose their role. As a result, users will be directed to their

respective pages based on the selected user role.

The problem here is the first level of login verification process only checks whether the

account information (user name, password and domain type) given by the user is

available in the Postgres SQL database. But this is not enough to secure the whole web

application. In order to solve this, we used a role based approach that enables the user

to redirect them to their specific personal page and content. Users have to select a valid

role assigned to them as their identification for accessing a particular resource from the

repositories.

Beside to the system users, the application has a guest and an administrator

account. The guest account would be used for a new user of the application. In this case



instead of blocking access to the resources, the new user could be treated as guest, very

similar to administrator where they can access restricted resources. The guest access is

a convenient way to grant access to some basic function until they become a user of the

application.

8.3. Authentication Service

We put up a few operations as web services for clients of our web application, which

returned some sensitive data. We needed a simple way to authenticate the users of this

web service. We started using web services technologies in the application we are

developing; in most cases the information passed from client is suitable for the public

domain so we need to look in to different secured authentication methods. This should

be simple for the client application while it is trying to consume services that are

provided by our application. It is fairly easy for the client to use SOAP headers to pass

user name, password information. As we have explained in the previous chapter, SOAP

web service is used to provide some operation in the authentication part of the

application as a service to clients. Even though we provide some functionality of our web

application as a service to clients further works would be performed to fulfill the

requirement of the consumers. In addition we have not developed a client project that

consumes the provided service but we have tested the provided services using

Myeclipse IDE to ensure the web service is working as needed.

8.4. Resources Security

One of the main concerns of users in health information systems is privacy. We

addressed these issues by restricting the accessibility of resources stored in the sesame

repository. Theses recourses are retrieved and accessed by only authorized users based

on their assigned role.

The private profile data or any kinds of the user’s information that are provided from

the user to system during the registration are stored in a secured way. To be able to

provide this privacy we have been working with a technology called MD5 where the

implementation is not fully completed. The aim of selecting this hashing algorithm is to

keep sensitive data in an encrypted way.

In addition, MD5 make sure that the authentication information of the users are stored

in the Postgres SQL database are encrypted. So the database administrator cannot even

see this information. As a result, the web application will provide some sort of comfort

to our system users by preserving their privacy information at some level.

8.5. Graphical User Interface

Some key attribute were considered in the design of the web application. It is an

application that can be accessed by the users through a web browser. The browser



creates HTTP requests for specific URLs that map to resources on the web server. When

we design the GUI, we include a key design consideration such as performance, security,

deployment and the key patterns of technology which are compatible with both mobile

and personal computers.

Mobile devices become more and more important nowadays. Users want to have an

access to web application through mobile and desktop computers. Because of this users

demand, developing a generic user interface have become an essential part in the web

applications development. However, developing a generic (mobile and PC) web

application are far more complex as the usage of these devices are different in a sense

that mobile devices for users (miners/construction workers) usually are in difficult and

hectic work places. So providing mobile compatible web application for this community

of users is very important.

The main challenge is to design the user interface in such a simple manner, that the user

can completely concentrate on his/her task. For that reason availability for the

developed web application framework for PC and mobile devices was considered. When

we design the front end of the application, we tried to minimize the complexity by

categorizing tasks in to different areas of concern while designing a secure, high

performance, user friendly web application. For this, we logically partition our

application in to presentation, Business (Entity) and data access layer which plays a

significant role to monitor and scaling our application.



9. Conclusion

This thesis set out to propose and build web based application for two communities

(older Adults and miners/construction workers) of users. We started off by analyzing

web based health support systems available, identifying technology components that are

the back bone of the system and security related issues. During the analysis phase we

have observed that most of the web applications provided have a security hole. In

addition we have perceived issues concerning personalization, authentication and

authorizations and privacy.

To solve this problem, we designed an architecture and developed a web based

application which includes the following parts: 1. how a personalization is implemented

to full fill the requirement of a user which fulfill users need to see personalized content

and view health information. 2. Authentication of users while they are trying to access

resources from repositories. 3. The privacy issue which ensures security of users’

profile is considered. 4. Authentication services to other applications.

In conclusion it can be said that our proposed web based application provides

protection against unauthorized users and preserve private information by using a role

based access of different pages. These enable users to navigate through their personal or

publicly accessible pages. Authorized users passed by verifying valid account

information to the main application home page where they are supposed to select a role.

The selected role takes the user either to a common (public) page or to their private

pages.



10. Future Work

The aim of this project was to create a secured web based application that is used for

older adults and miners/construction workers. Though the security of the application is

done by implementing authentication of users, there are some issues need to be done

further. The authentication service mentioned in the discussion section has a lot of

remaining tasks to do such as testing with client application and providing more

services to its consumers.

Another possible future work is concerning social network sites and their security. We

have been adapting the concept on how the social media security and privacy is

implemented. We analyzed the concept and it is included in our design, but it is not

implemented yet. One of the benefits of the social network to the users of the application

is interaction and sharing health information among themselves. So implementing the

social network to the developed application will add the quality of the application.

In addition to the above issues, developing separate mobile version of the developed

web application shall be considered. As the mobile resolution and capability is different

than PC’s, building a more mobile friendly web application will encourage and facilitate

the end users to interact with the system.

Keyword searching on the user interface could be very useful. Nevertheless for

implementing this operation better support for abbreviations and synonyms in the

ontology should be developed. Further user testing needs to be done with a larger

number of users and domain experts for better improvement of the web application.



References

1. ACKTUS. (2013) Activity-Centered Modeling of Knowledge and Interaction Tailored to

User, [Online], Available: http://acktus.cs.umu.se/?page_id=117. [6 apr -2013]

2. Ajit Appari and M. Eric Johnson, (2010), Information security and privacy in

healthcare: current state of research. Int. J. Internet and Enterprise Management, Vol. 6,

No. 4, 2010. [Online], Available http://www.ists.dartmouth.edu/library/416.pdf [6apr-

2013].

3. Alexander Lorenz, Hans-Werner. (2006) Tailoring UML Activities to Use Case Modeling

for Web Application development, CASCON ,Hagen, Germany [Online], Available:

http://pdf.aminer.org/000/077/338/tailoring_uml_activities_to_use_case_modeling_f

or_web_application.pdf [6 apr -2013]

4. Amit Jain and Csilla Farkas. (2006) Secure Resource Description Framework: an Access

Control Model, [online], Available:

http://voutsadakis.com/RESEARCH/PROJECTS/PPREASON/JainFarkas2006.pdfn

[14May-2013]

5. Bernardo Cuenca Grau. (2010) Privacy in ontology-based information systems: A

pending matter, Semantic Web 1, 137–141 137 DOI 10.3233/SW-2010-0009, IOS Press.

6. Berners-Lee, T., Hendler, J. & Lassila, O., 2001, "The semantic web", Scientific

American, May pp36.http://www.cs.umd.edu/~golbeck/LBSC690/SemanticWeb.html

7. Bhaskar, Mehta, Claudia Niederee, Avare Stewart, Marco Degemmis, Pasquale Lops,

and Giovanni Semeraro.(2005) Ontologically-Enriched Unified User Modeling for Cross-

System Personalization, UM 2005, LNAI 3538, pp. 119–123, Springer-Verlag Berlin

Heidelberg, IST-2003-507173,Project VIKEF , [Online], Available:

http://www.springerlink.com/content/8r3n3neud8pcd69j/fulltext.pdf [6 Apr 2013]

8. Bhavani Thuraisingham, Arlington, VA (2003) Security Issues for the Semantic Web.

Proceedings of the 27th Annual International Computer Software and Applications

Conference (COMPSAC’03) 0730-3157/03 © 2003 IEEE. [Online],

Available:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1245408 [6apr-

2013].

9. Bhavani Thuraisingham. (2007) Secure Semantic Web Services, [Online], Available :

http://www.utdallas.edu/~bxt043000/Publications/Technical-Reports/UTDCS-34-

07.pdf [16 May-2013]

http://acktus.cs.umu.se/?page_id=117

http://www.ists.dartmouth.edu/library/416.pdf

http://pdf.aminer.org/000/077/338/tailoring_uml_activities_to_use_case_modeling_for_web_application.pdf



http://www.cs.umd.edu/~golbeck/LBSC690/SemanticWeb.html

http://www.springerlink.com/content/8r3n3neud8pcd69j/fulltext.pdf

http://www.utdallas.edu/~bxt043000/Publications/Technical-Reports/UTDCS-34-07.pdf

http://www.utdallas.edu/~bxt043000/Publications/Technical-Reports/UTDCS-34-07.pdf



10. Biplav Srivastava and Jana Koehler, (2003) Web Service Composition - Current

Solutions and Open Problems. Proceedings of ICAPS 2003 (2003) Key: citeulike:1233294

[Online], Available:http://winslab.cnu.ac.kr/resource/LabSeminar/Seminar2004/icaps-

ws.pdf [6apr-2013]

11. Brian Girardi, David Martin, Jonathan Nguyen-Duy, Mario Santana, Eddie Schwartz

and Dean Weber. (2012)Transforming Traditional Security Strategy Into An Early

Warning System for Advanced Threats. [Online], Available:

http://www.emc.com/collateral/software/solution-overview/h11031-transforming-

traditional-security-strategies-so.pdf [6 Apr 2013].

12. Chris Preist. (2007) Goals and Vision Combining Web Services with Semantic Web

Technology.

13. Creswell.JW, (2003) Research Design: Qualitative, Quantitative, and Mixed Methods

Approaches. Thousand Oaks,California: Sage Publications, 2003.

14. Dmitrij Lagutin. (2010) Securing the internet with Digital. Aalto University, [Online],

Available: http://lib.tkk.fi/Diss/2010/isbn9789526034652/isbn9789526034652.pdf

[12May-2013]

15. Dumitru Roma, Uwe Kelle, Holger Lausen, Jos de Bruijn, Ruben Lara, Michael

Stollberg, Axel Polleres, Cristina Feier, Cristoph Bussler, and Dieter Fensel. (2005) ‘Web

Service Modeling Ontology.’ Applied Ontology 1 (2005) 77–106 77 IOS Press:, [Online],

Available: http://www.michael-stollberg.de/publications/wsmo-appliedOntologyJournal.pdf

[6apr-2013]

16. Fabian Abel. (2011) User Modeling and Personalization on Twitters , Delft University

of Technology [Online],

Available: http://sdow.semanticweb.org/2011/pub/sdow2011_keynote_slides.pdf [6

Apr -2013].

17. Fiona C. Bull1, a, Matthew W. Kreuterb , Darcell P. Scharffb. (1999) Effects of tailored,

personalized and general health messages on physical activity .Patient Education and

Counseling 36181–192.PII:S0738-3991(98)001347, [Online], Available:

http://elkhealth.pbworks.com/f/bull,+kreuter+and+scharff.pdf [6 Apr -2013].

18. GFI White Paper. (2011) Web-based security threats: how attacks have shifted and

what to do about it, [Online], Available: http://www.gfi.com/whitepapers/GFI-

Web_Based_Threats_v2_Whitepaper.pdf [12May-2013]

http://winslab.cnu.ac.kr/resource/LabSeminar/Seminar2004/icaps-ws.pdf

http://winslab.cnu.ac.kr/resource/LabSeminar/Seminar2004/icaps-ws.pdf

http://www.emc.com/collateral/software/solution-overview/h11031-transforming-traditional-security-strategies-so.pdf

http://www.emc.com/collateral/software/solution-overview/h11031-transforming-traditional-security-strategies-so.pdf

http://lib.tkk.fi/Diss/2010/isbn9789526034652/isbn9789526034652.pdf

http://www.michael-stollberg.de/publications/wsmo-appliedOntologyJournal.pdf

http://sdow.semanticweb.org/2011/pub/sdow2011_keynote_slides.pdf

http://elkhealth.pbworks.com/f/bull,+kreuter+and+scharff.pdf

http://www.gfi.com/whitepapers/GFI-Web_Based_Threats_v2_Whitepaper.pdf

http://www.gfi.com/whitepapers/GFI-Web_Based_Threats_v2_Whitepaper.pdf



19. Grigoris Antoniou and Frank van Harmelen. (2003)Web Ontology Language: OWL.

[Online], Available

http://www.cs.vu.nl/~frankh/postscript/OntoHandbook03OWL.pdf [6apr-2013]

20. Grigoris Antoniou and Frank van Harmelen,(2008). ’A Semantic Web Primer.2nd

edition’. The MIT Press Cambridge, Massachusetts London, England

21. Guler Kalem. (2005) Semantic Web Application: Ontology-Driven Recipe Querying.

Atilim University.

22. Helena Lindgren and Chunli Yan. ACKTUS - Collaborative Knowledge Building for

Personalized Support Systems in the Health Domain (Draft).

23. Helena Lindgren, Farahnaz Yekeh, Chunli Yan and Jayalakshmi Baskar,(2012).

’Agent-Supported Assessment for Personalized Ambient Assisted Living. Appears in:’

Proceedings of the 11th International Conference on Autonomous Agents and Multiagent

Systems (AAMAS 2012), Conitzer, Winikoff, Padgham, and van der Hoek (eds.),June, 4–8,

2012, Valencia, Spain. Copyrightc 2012, International Foundation for Autonomous

Agents and Multiagent Systems

24. Helena Lindgren, Patrik J, and Peter Winnberg. (2011) Domain Experts Tailoring

Interaction to Users – An Evaluation Study, P. Campos et al. (Eds.): INTERACT 2011, Part

III, LNCS 6948, pp. 644–661, 2011. IFIP International Federation for Information

Processing 2011.

25. Hyung-Jun Yim and Kyu-Chul Lee.A ,(2012) ‘Ubiquitous Web Services Framework

for Interoperability in Pervasive Environments’ International Journal of Multimedia and

Ubiquitous Engineering Vol. 7, No. 3, July, 2012. [Online],

Available:http://www.sersc.org/journals/IJMUE/vol7_no3_2012/6.pdf [6apr-2013].

26. James B.D. Joshi, Walid G. Aref, Arif Ghafoor,and Eugene H. Spafford (2001) Security

Models for Web-Based applications: Using traditional and emerging access control

approaches to develop secure applications for the Web(pp 38-39).

27. Jayalakshmi Baskar, Helena Lindgren, Dipak Surie, Chunli Yan and Farahnaz Yekeh

‘Personalization and User Models for Support in Daily Living’, Published by Linköping

University Electronic Press, [Online], Available:

http://www.ep.liu.se/ecp_home/index.en.aspx?issue=071. [6 apr-2013].

28. Jeff Heflin and James Hendler. (2004) A Portrait of the Semantic Web in Action,

University of Maryland.

http://www.cs.vu.nl/~frankh/postscript/OntoHandbook03OWL.pdf

http://www.sersc.org/journals/IJMUE/vol7_no3_2012/6.pdf

http://www.sersc.org/journals/IJMUE/vol7_no3_2012/6.pdf



29. Khalid El-Arini, Jurgen Van Gael, Ulrich Paquet, Ralf Herbrich, Blaise Agüera y Arcas.

(2012) Transparent User Models for Personalization, KDD’12, August 12–16, 2012,

Beijing, China.

30. Lalana, Kagal, Tim Finin, and Anupam Joshi. (2003), A Policy based Approach to

security for the Semantic web , University of MaryLand Baltimore County, Baltimore,

Maryland USA, [Online], Available:

http://www.csee.umbc.edu/courses/pub/finin/papers/papers/iswc03b.pdf [6apr-2013].

31. Liana Razmerita, Guy Gouardères. (2005) Ontology based User Modeling for

Personalization of Grid Learning Service, France.

32. Lora Aroyo and Geert-Jan Houben. (2010) User modeling and adaptive Semantic

Web, Semantic Web 1, 105–110.DOI 10.3233/SW-2010-0006, IOS Press.

33. Maksym Korotkiy and Jan Top (2006) ‘ OntoSOA: From Ontology-enabled SOA to

Service-enabled Ontologies’ Proceedings of the Advanced International Conference on

Telecommunications andInternational Conference on Internet and Web Applications and

Services (AICT/ICIW 2006)0-7695-2522-9/06 IEEE. [Online], Available

http://www.gartner.com/resources/114300/114358/114358.pdf [6apr-2013].

34. Marci Meingast, Tanya Roosta, Shankar Sastry. (2006) Security and Privacy Issues

with Health Care Information Technology, Proceedings of the 28th IEEE. EMBS Annual

International Conference, New York City, USA.

35. Mercuri, R.T. (2004) ‘The HIPAA-potamus in health care data security’,

Communications of the ACM, Vol. 47, No. 7, pp.25–28.

36. Michal Barla. (2010)Towards Social-based User Modeling and Personalization, FIIT-

10890-653, [Online], Available: http://acmbulletin.fiit.stuba.sk/theses/barla-thesis.pdf

[6 Apr 2013].

37. Mohammad Zarifi Eslami, Alireza Zarghami, Brahmananda Sapkota, Marten van

Sinderen. (2010) Service Tailoring: Towards Personalized Homecare Services. ACT4SOC

2010: 109-121, [Online], Available:

http://doc.utwente.nl/73920/1/ServiceTailoring_TowardsPersonlaizedHomecareSyste

ms.pdf [6 April -2013].

38. Nicola Henze and Eleco Herder. (2012) User Modeling and Personalization, [Online],

Available:

http://www.kbs.uni-annover.de/Lehre/pers12/slides/01_adaptive_hypermedia.pdf

[6 apr -2013].

http://www.csee.umbc.edu/courses/pub/finin/papers/papers/iswc03b.pdf

http://www.gartner.com/resources/114300/114358/114358.pdf

http://acmbulletin.fiit.stuba.sk/theses/barla-thesis.pdf

http://www.informatik.uni-trier.de/~ley/db/conf/icsoft/act4soc2010.html#EslamiZSS10

http://www.informatik.uni-trier.de/~ley/db/conf/icsoft/act4soc2010.html#EslamiZSS10

http://doc.utwente.nl/73920/1/ServiceTailoring_TowardsPersonlaizedHomecareSystems.pdf

http://doc.utwente.nl/73920/1/ServiceTailoring_TowardsPersonlaizedHomecareSystems.pdf

http://www.kbs.uni-annover.de/Lehre/pers12/slides/01_adaptive_hypermedia.pdf



39. Olivier Corby, Rose Dieng, Cedric Hebert (2004), A Conceptual Graph for W3C

Resource Description Framework, 06902 Sophia, Antipolis cedex, France.

40. Ondrej Mikle .(2004), Practical Attacks on Digital Signatures Using MD5 Message

Digest , [online], Available: http://eprint.iacr.org/2004/356.pdf

41. Peter Winnberg. (2009) Architecture for assessing and managing medical knowledge ,

UMNAD 812/09, Umeå University ,[Online], Available:

http://www8.cs.umu.se/education/examina/Rapporter/PeterWinnberg_kand.pdf [6

Apr 2013].

42. Prud’hommeaux.E, A. Seaborne (eds.). SPARQL Query Language for RDF.

[Online], Available, http://www.w3.org/TR/rdf-sparql-query/ [6apr-2013].

43. Robert P. Hawkins, Matthew Kreuter, Kenneth Resnicow, Martin Fishbein and Arie

Dijkstra. (2008) Understanding tailoring in communicating about health, health

education research. vol.23 no.3 2008, Pages 454–466. Advance Access publication 17

March.

44. Rui Zhang and Ling Liu. (2010) Security Models and Requirements for Healthcare

Application Clouds, E-ISBN: 978-0-7695-4130-3.Print ISBN: 978-1-4244-8207-8, Inspec ,

Accession Number: 11499455.

45. Simona Elena, Varlan. (2010) Advantage of Semantic Web Technologies in the

Knowledge Based Society ,[Online], Available:

http://anale.feaa.uaic.ro/anale/resurse/info5svarlan.pdf [6apr-2013]

46. Stevens.M.M.J (2007) ,On Collisions for MD5, Eindhoven University of Technology ,

Department of Mathematics and Computing Science, [Online], Available:

http://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-

%20M.M.J.%20Stevens.pdf [6 Apr -2013].

47. Surabgi. Jolly, J.Sredevi (2006), The Semantic Web: AN Overview. Inflibnet center,

February 2,

pp1.http://ir.inflibnet.ac.in/bitstream/handle/1944/1118/68.pdf?sequence=1 [6 Apr -

2013].

48. Susan B. Barnes .(2006), A Privacy paradox: Social Networking in the United

States.[Online], Available

http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/1394/1312

[6apr-2013].

http://eprint.iacr.org/2004/356.pdf

http://www8.cs.umu.se/education/examina/Rapporter/PeterWinnberg_kand.pdf

http://www.w3.org/TR/rdf-sparql-query/

http://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-%20M.M.J.%20Stevens.pdf

http://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-%20M.M.J.%20Stevens.pdf

http://ir.inflibnet.ac.in/bitstream/handle/1944/1118/68.pdf?sequence=1






49. Ted Demopoulos. (2013) OUCH! The monthly security awareness Newsletter for

computer users, ‘Social Network Safety’, [Online], Available:

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201303_en.pdf

[6 apr -2013].

50. Thomas Trojer, Basel Katt, FlorianWozak, and Thomas Schabetsberger(2010). ’An

Authoring Framework for Security Policies’: A Use-Case within the Healthcare Domain. E-

Health 2010, LNICST 69, pp. 1–9, 2011.

51. Tim Finin, James Mayfield, Anupam Joshi, R. Scott Cost and Clay Fink ,(

2005) Information Retrieval and the Semantic Web , [Online],

Available: http://aisl.umbc.edu/resources/121.pdf

52. Uche Ogbuji , (Dec, 2000) An introduction to RDF Exploring the standard for Web-

based metadata [Online] available

at: http://www.ibm.com/developerworks/library/w-rdf/ [10May-2013]

53. Umberto Straccia and Rapha el Troncy. (2006) Towards Distributed Information

Retrieval in the Semantic Web: Query Reformulation using the oMAP Framework, [Online],

Available: http://gaia.isti.cnr.it/straccia/software/oMap/oMap.pdf

54. Volker Wulf and Björn Golombek. (2001) Direct Activation: A Concept to Encourage

Tailoring Activities in Behaviour & Information Technology, Vol. 20, No. 4, 2001, pp. 249 –

263.

55. W3C Incubator Group Report 6th December (2010): A Standards-based, open and

Privacy-aware Social Web. [Online], Available

http://www.w3.org/2005/Incubator/socialweb/XGR-socialweb-20101206/ [6apr-

2013]

56. W3C Semantic Web Activity Group. Semantic Web Activity Statement,[Online],

Available , http://www.w3.org/2001/sw/Activity [6apr-2013]

57. Yuhong Yan, Harold Boley and Bruce Spencer.(2006) Tutorial on Service oriented

architecture, [Online], Available:

http://icec06.net/WorkshopsAndTutorials/SOATutorial/SOA-Tutorial.htm [6 Apr

2013]

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201303_en.pdf

http://aisl.umbc.edu/resources/121.pdf

http://www.ibm.com/developerworks/library/w-rdf/

http://gaia.isti.cnr.it/straccia/software/oMap/oMap.pdf

http://www.w3.org/2005/Incubator/socialweb/XGR-socialweb-20101206/

%5bOnline%5d,%20Available%20,%20http:/www.w3.org/2001/sw/Activity

%5bOnline%5d,%20Available%20,%20http:/www.w3.org/2001/sw/Activity

http://icec06.net/WorkshopsAndTutorials/SOATutorial/SOA-Tutorial.htm



Sample Prototype Snapshots

Figure 29 Home Page

Figure 30 Older Adults Home Page



Figure 31 Older Adult Profile Page

Figure 32 Older Adult Personal Information Page



Figure 33 Password Changing Page

Figure 34 Registration Page



Figure 36 Miners and Construction workers home page

Figure 37 Profile page for Miner/construction workers user

Health Support System for Elderly and … · Functional Requirements ... Support System for Elderly...

Documents

Transcript of Health Support System for Elderly and … · Functional Requirements ... Support System for Elderly...