ORNEC Projects > ORNEC Research Projects - Technology Cluster

Web Services and Collaborative Environments

1- Personalized Privacy-Preserved Collaborative eCommerce Environments

Principal Investigator:

• Dr. Shervin Shirmohammadi, Assistant Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Nicolas Georganas, Distinguished Professor, School of Information Technology and Engineering (SITE), University of Ottawa
• Dr. Ian Kerr, Professor and Canada Research Chair in Ethics, Law and Technology, Faculty of Law, University of Ottawa

Private Sector Partners

IBM Canada

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

Although on-line shopping and eCommerce systems have progressed over the past few years, they still lack important aspects such as building long-term trust relationships with customers and facilitating an environment that encourages buyers to buy more. The actual execution of eCommerce today is too different from its real-life counterpart, and for the most part it is based on a “Web page” with listing of items and prices and lacks social aspect such as personalization, collaboration, and interactivity.

Today the software industry has acknowledged these limitations, and is now seriously looking at products that support collaborative eCommerce and on-line shopping. For example, WebSphere Commerce Business Edition from IBM provides features of real-time collaboration among a group of buyers or sellers such that they could share documents, discuss a contract and negotiate terms in a private electronic workspace. Although an important step, this is still far from the real-world experience, due to the limitations of interacting in a 2D environment. Considering the innovations in 3D Virtual Presence technology, it would not be long before customers would find online malls of the future more like their offline counterparts.

Shoppers would “cruise” the virtual mall using their “avatars” and controlling their moves by simple voice commands or by traditional pointing devices, browsing and purchasing items of interest in the navigation process. They can also manipulate the items, such as magnification or viewing items from different angles, compare different items side by side, and, with the help of haptic devices, even “touch” and “feel” an item. As a more attractive and natural user interface, the multi-faceted dynamic virtual reality environment allows merchants to implement stronger marketing and branding initiatives than what is available on a "flat" web page. Also, merchants will be able to offer features that are lacking in most of today's eCommerce stores, by utilizing the unprecedented interactivity provided by this new technology. For example, the virtual mall makes it easy for storeowners to provide real-time customer support, sales assistance, cross-selling, virtual “try before buy”, promotion and individualized care that have traditionally been proven to increase sales. The fact that virtual presence technology can have a significant impact on eCommerce has been noticed by the industry. For example, one of the projects investigated by the eCommerce research group at IBM is “Virtual Reality Commerce”. With the creation of a virtual shopping mall, simulations of the actual shopping environments and user interactions can be achieved to a great extent. In addition to collaboration, which brings the social aspect into eCommerce, and Virtual Presence, which enables the online buyers and sellers with near-real-world interaction capabilities, personalization is another dominant business model in today’s eCommerce. It is the key to establishing long-term and beneficial relationships between buyer and sellers.

Many successful eCommerce sites use personalization to reach the goal of creating a strong working relationship with their clients and end-users. Intelligent agent technology can be used to collect customers’ shopping behaviors in the proposed 3D collaborative virtual mall. The family of DB2 Intelligent Miner of IBM provides a comprehensive solution to discover hidden relationships in data without exporting data to a special data mining computer or resorting to small samples of data. This technology can be used to develop user models from the collected information and to map it to appropriate content/context in order to provide personalized shopping environments. However, in such environments, a huge amount of information about people will inevitably be available, causing great concern for the privacy of user information. Privacy management is therefore a crucial component of an eCommerce system. We believe that privacy management should not be added as an after-thought; rather it should be integrated into the system’s design. To support this, research will be conducted on how intelligent agent systems could be designed in a value-centered process so that important policy and legal values are preserved; recognizing that respecting end-user privacy in fact makes good business sense.

For this project, we propose to investigate, design, and implement extensions to current eCommerce systems to include collaboration between buyers and/or vendors, near-real-world interactivity such as item manipulation using 3D and Virtual Presence technology including “touching” using haptics, and personalization using intelligent agents to collect shoppers’ behavior for customization. Such environments obviously contain huge amount of information about people. Hence, relevant privacy policies must be adhered to. Privacy management will therefore be integrated as a crucial component of the system, and research will be conducted on how a value-centered design process can be created so that important policy and legal values are preserved; recognizing that respecting end-user privacy in fact makes good business sense. The following is a summary of the research objectives:

Collaborative eCommerce

• Collaboration protocols for multi-agent interactions in the context eCommerce
• Voice-enable “helper” agent with emotive behaviors using IBM ViaVoice technology
• Context-based dynamic grammar generation using VoiceXML
• 3D and advanced media virtual eCommerce extension to IBM Websphere

Personalization and Customization

• Collection of customers’ behavior using intelligent agents roaming the “shopping mall”
• Modeling customers’ knowledge, goals, behaviour, and other social aspects
• Mapping the user model to appropriate content/context for personalized shopping
• Adaptive and personalized web interaction

Privacy Management

• Application of F.I.P.s (Fair Information Practices)
• Collaborative design using OECD guidelines, PIPEDA (Personal Information Protection and Electronic Documents Act) and other ethical/legal standards
• Designing into agent behavior and protocols compliance with national and international consumer protection, and privacy and data protection legislation

2- Secure Service-Oriented Collaborative eCommerce Environments

Principal Investigator:

• Dr. Abdulmotaleb El Saddik, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Dominique J. Ferrand, Associate professor, School of Management, University of Ottawa
• Dr. Amiya Nayak, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Private Sector Partners

Cistech Limited

Start and End Dates:

April 01, 2006 – December 15, 2007

Summary

This Research Project addresses secure collaborative eCommerce environments which can be used in many current and future applications such as event broadcasting (sports/concert), eLearning and eHealth. It will help train more students on an interdisciplinary research program that significantly impacts the Canadian economy. The students’ research work will generally fortify their solid theoretical background and offer them extensive experience. Along with that research experience, the skills that they will gain will allow them to land high-level research and development positions in both the industry and the government. Among those new skills to be gained are: Service-Oriented Architecture (SOA), Object-oriented programming, XML and related technologies (Styles, Parsers, etc.), working in an interdisciplinary team and with a business partner and learning business skills and needs, learning about technology transfer and publishing in the research literature and contributing to the realm of knowledge.

The aim of this project is to design tools capable of: receiving multimedia content, including real-time media from various sources in different formats, automatically categorizing the media, pre-filtering media according to preferences and device capabilities, discarding information deemed to be of no particular value to a specific user, and distributing valuable information in personalized formats to the end-users. For communications, we will use SOAP. The approach to be taken in the project is of collaborative nature, where a number of intermediate services will be used, each providing a number of transcoding operations. The main challenge with using this solution is finding the best route through the transcoder services in order to obtain the format required by the client that can maximize her/his satisfaction with the delivered multimedia content.

For users of the collaborative environment, different payment entitles each of them to have different privileges, such as play or copy, on the content. An access control policy language suitable for such networks will be investigated.

3- Modeling Consumer Products for Low-end Haptic Displays

Principal Investigator:

• Dr. Jochen Lang, Assistant Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

 

Private Sector Partners

Point Grey Research Inc.

Start and End Dates:

January 01, 2006 – April 30, 2007

Summary

In haptic environments users can interact with objects through their visual as well as tactile sense. 
Unfortunately, the average consumer can not afford the expensive equipment required for high-fidelity haptic modelling and display.  Low-end haptic devices, as well as novel and simple haptic modelling approaches will enable new applications. This project explores how to employ low-end haptic devices for the rendition of consumer products in on-line retailing and how to model these products. 

Research for this project is concerned with haptic parameter acquisition, generalization of haptic parameters for object modelling and display of consumer products for e-commerce web applications. These three main aspects are described below.

Haptic parameter acquisition: Today, the measurement of haptic properties typically involves expensive and complex robotic measurement equipment. In order for haptic technology to become accepted in industry, a simple and efficient means to obtain relevant haptic information about a product is required. This project uses only a simple hand-held touch probe and a commercial stereo-vision system contributed by its’ industrial partner. Stereo-vision is a technology for the acquisition of the 3D shape of an object. Haptic object models require shape information. In fact, an object’s shape including its fine surface texture is all what is required for rigid objects which do not deform by the touch of a consumer. Our industrial partner is a world leader in the design and manufacturing of stereo-vision systems.

Measurement generalization and modelling: Probing of an object produces a local response to the applied force at the probing location. An efficient modelling system must be able to generalize measurements from one location to other locations. Additionally, most consumer products are complex: they consist of several different materials, each material exhibits variation in its properties, and often they are not elastic but visco-elastic or even elasto-plastic. Exact modelling of these material variations and properties is not suitable for use in haptic simulation for e-commerce webpages. This project’s aim is to develop suitable approximations which lead to models that can be displayed on consumer e-commerce websites.

Display of consumer products for e-commerce web applications: The goal of this project is the haptic display of an e-commerce application with a consumer-level haptic device. These kind of haptic devices are currently emerging while today’s consumer video cards can easily display the 3D shape of objects. As a result, the transmission of models and the computational capabilities of the client are the key challenges in displaying haptic content for consumers through a website.

Expected results: The project represents a training opportunity for graduate students enabling them to gain marketable skills in haptics, multi-media and software development. The graduate students in the project will be the messengers to bring this novel technology to the Canadian industry. It is expected that the project results in a competitive advantage for its’ industrial partner but that it also generates business opportunities for companies in the area of haptics, e-commerce and communications in Ontario and Canada.  

Transactions and Security

1- Online Knowledge Management and Data Mining for eBusiness Applications

Principal Investigator:

• Dr. Bijan Raahemi, Assistant Professor, School of Management, University of Ottawa

Co-Investigators:

• Dr. Ali Miri, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Private Sector Partners

Alcatel Canada

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

Knowledge management and data mining is defined as the process of extracting and managing useful hidden information from large amounts of data using mathematical and statistical methods. A multidisciplinary science with links in statistics, machine learning, artificial intelligence, data base systems, computer programming and visualization, data mining spans a wide range of e-business applications from marketing, e-commerce, decision support systems, to fraud detection and risk analysis. It also has applications in other related areas including intrusion detection in computer networks, and health care administration.
Stream (or on-line) data mining represent an important class of data-intensive applications where data flows dynamically in large volumes, often demanding fast and real-time responses. There are many applications that require handling data in the form of a stream including stock tickers, dynamic tracing of stock fluctuation, point-of-sales systems, web data flow analysis, and network intrusion detection.
While knowledge management and data mining has made impressive progress during the past decade, it also faces many challenges and opportunities. Many of the established data mining algorithms perform well on static data (data collected on disks). However, unlike data processing methods for stored datasets, methods for analyzing streaming data require fast and memory efficient techniques. Furthermore, applications such as network management and stock analysis require real-time processing of the most recent information. 

The objective of this project is to study stream data mining algorithms, develop efficient and scalable methods for mining data streams, and implement a system prototype for online stream data mining applications. The methods developed in this project can be applied to a wide range of eCommerce applications.

2- Novel Schemes for Detecting Attack Packets during DDoS Attacks

Principal Investigator:

• Dr. Amiya Nayak, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Abdulmotaleb El Saddik, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Private Sector Partners

Cistel Technologies Inc..

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

In this project, we will study more efficient means of defense against Distributed Denial of Service (DDoS) attacks to stop the flow of attack traffic without slowing down the legitimate traffic flow. Any viable protection mechanism for dealing with DDoS attacks has to rely on some form of packet filtering, either at the individual computers, or at the gateway of the ISP, or at the intermediate routers which forward the packets. Many of current packet filtering techniques that have been proposed rely on scanning every packet for signs of DDoS attack and selectively dropping suspicious packets. However, such a strategy requires a lot of computations at the filtering node and thus considerably slowing down normal traffic flows.

We will investigate possible techniques that can be used to trace back the DDoS attack to their sources. Our focus will be on various probabilistic packet marking techniques that can be used to track the source of DDoS attacks both accurately and efficiently. Firewalls will be developed that would selectively filter out the attack packets. Such a firewall can be implemented either at the external gateway for a local network, or at the host machine itself. We will carry out an in-depth study of the recent solutions to perceive and discriminate traffic that relate to a DDoS from any normal traffic flow. We will establish a real testbed environment that could be configured into attacker and defender domains. The testbed will be an effective tool in developing policies and procedures to trace back the origin of a potential attack and be ready for a vigorous defense to combat it.

An analysis of the major DDoS attacks reported to date shows that the majority of such attacks use spoofed source IP addresses in order to conceal the location of the attack source. In fact, some of the most difficult to control attacks such as the reflection attack rely on IP address spoofing for their success. Thus, a major focus of our research is put on detection and filtering of IP packets with spoofed source addresses, we propose to study defense strategies against spoofed DDoS attacks and propose novel solutions that will use existing internet infrastructure and can be  easily implemented with minimal overhead in terms of the consumption of resources or time. We also plan to have mechanisms for detecting and controlling non-spoofed DDoS attacks, to make our solution protocol effective against every type of attack. We also intend to investigate possible techniques that can be used to trace back the DDoS attack to their sources. The simplest way to track the source of an attack is to insert route information on every packet as it passes through the intermediate routers. However, this would be very inefficient and uneconomical to implement. So, our focus will be on various probabilistic marking techniques that can be used to track the source of DDoS attacks both accurately and efficiently.

3- Preserving eData over a Very Long Period of Time

Principal Investigator:

• Dr. Herna Viktor, Assistant Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Wojtek Michalowski, Professor, School of Management, University of Ottawa
• Dr. Eric Paquet, Senior Research Officer, Institute for Information Technology, National Research Council

Private Sector Partners

IBM Canada

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

The recent introduction of web-enabled data warehouses (so-called data webhouses) has provided us with a centralized, time-variant repository which can be used as an information-rich communication tool. Such data webhouses have many applications in the eSociety, including the eHealth, eGovernment and eBusiness domains. For example, a data webhouse containing data collected over numerous years, regarding a medical condition such as cancer or HIV, comes to mind. Typically, a data webhouse contains not only relational data, but also multimedia, including images, three-dimensional objects, and audio. Through the use of advanced data mining technologies, this centralized web-enabled repository offers us the ability to access and analyze vast repositories of data while utilizing the web’s inherently multimedia environment. The long-term analysis of trends has strategic decision making value for many organizations. However, to date, the long-term preservation (50 years or more) of such data has been widely overlooked. This may lead to the creation of a “Digital Rosetta Stone”, where our data webhouses become “data morgues”, containing data which are in formats that cannot be interpreted by present and future generations. Similarly, the fast evolution of websites’ multimedia content may render older information unusable. In this way, our digital heritage is in danger to be lost forever though the “silent obsolescence” of data, software and hardware. Organizations may not be able to access their history, thus leading to poor decision making and associated loss of revenue or opportunity. The objective of this research is to address this issue by studying the long-term preservation of software-dependent data (so-called e-data) through emulation, detachment, migration and trend analysis. That is, the project aims to investigate effective ways to store, maintain and analyze e-data, as contained in a data webhouse, over a very long period of time, within the context of the eSociety.

4- Securing eEnvironment: WaterWeb Services and Multimedia Content

Principal Investigator:

• Dr. Jiying Zhao, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

Private Sector Partners

Platform Computing Inc
DC Canada International Corporation (DCCI)

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

Online delivery of digital media, such as MP3 audio and video, is very popular today and is increasingly becoming an important part of eCommerce. However, a major obstacle for digital media distribution and associated business is copyright protection which can potentially be violated through possible unlimited consecutive copying in the digital domain.

Web service applications to prevent digital copying have been used but unfortunately most are intrusion prone as they are mostly written in Java and are deployed in the client's sever, where they may be reverse-engineered by malicious clients. Therefore, Digital Rights Management (DRM) systems are required to protect rights and business. Watermarking can be the key technology for DRM. Digital watermarking is the science of imperceptibly and robustly embedding additional information into audio-visual content, software, or other media, and it is the best way of protecting intellectual property from illicit copying. In recent years, the research community has seen much activity in the area of digital watermarking and many watermarking algorithms have been proposed. Nevertheless, the most important requirements – robustness, imperceptibility, and capacity – have not been well met, and no research has been reported on web services and applications watermarking except for our group’s work.

Web services are implemented using standardized web-based applications employing XML, SOAP, WSDL and UDDI open standards over an internet protocol backbone (e.g. TCP/IP and HTTP). This means very limited channels for transferring data between servers and clients and further these channels are easy to monitor by attackers. Development of software watermarking techniques for web services and applications is therefore a challenging research topic. In this research project we will plan to develop practical and advanced web services and applications watermarking algorithms with obfuscation and tamper-proof functionalities which can be used for content authentication, copyright protection and tracking. The objectives of the proposed research project are:

• To research and develop practical and advanced web services and applications watermarking algorithms with code obfuscation and tamper-proof capabilities
• To research and develop advanced and “best-possible” watermarking methods and systems for the copyright protection of e-commerce multimedia data, such as image, video, audio
• To research and develop advanced and reliable watermarking methods and systems for content authentication of eCommerce multimedia data, such as image, video, audio; and

5- Fusion of Multi-modial Biometrics for Enhanced Authentication in eCommerce Applications

Principal Investigator:

• Dr. Jiying Zhao, Associate Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Zheng Liu, Research Officer, Institute for Aerospace Research, National Research Council
• Anton Marincak, Technical Officer, Institute for Aerospace Research, National Research Council

Private Sector Partners

Liska Biometry Inc

Start and End Dates:

April 01, 2006 – December 15, 2007

Summary

In eCommerce applications online buyers and sellers need to exchange reliable authentication information. The ability to verify the identity of a specific individual is of critical importance in reducing acts of fraud and increasing security.

Currently passwords are the most widely used tools for authentication. However, forgotten passwords led to extra costs for password administration at the IT department. In addition, a misplaced or a stolen password is a constant threat to the security system. Developers working on eCommerce technologies are exploring the use of biometrics and smart cards to more accurately verify a trading party’s identity. For example, many banks are interested in this combination to better authenticate customers and ensure no repudiation of online banking, trading, and purchasing transactions. The only way to prove a person is the claimed one, not someone who knows the password or uses a stolen card, is the biometric information. Biometrics can be used to verify identity, which means using a physical characteristic such as face, voice or fingerprints to authenticate an individual’s claimed identity. Fingerprint matching is by far the most successful biometric technology because of its ease of use, non-intrusiveness and relative reliability (IBM has added finger-match sensor to ThinkPad notebook for swiping user's fingerprint). Regular optical-based fingerprint system is suitable for certain ethnic and demographic subgroups of the general population, but is subject to the humidity and condition of a finger. Most seriously, it can be spoofed by artificial fingers. The use of multiple biometrics emerges to be one of the most promising technologies to improve the accuracy and reliability in identification. However, to our best knowledge, none of these has been available in eCommerce applications.

This proposed interdisciplinary research project will involve optical system design, image processing, feature extraction, pattern matching and coding. An advanced multi-modal biometric system will be expected and it can be widely used in E-Commerce applications. The proposed research will be based on the existing optical fingerprint device and the patented EOL technique (EOL is the Edge of Light Technique invented by Anton Marincak of the Institute for Aerospace Research at the NRC). The EOL technique can be used in the detection of aircraft pillowing deformation and forensic applications. However it has not been used in fingerprint matching. To the best knowledge of the investigators, there is no similar research project reported. We will investigate how the regular optical fingerprint device and the needed EOL device can be integrated and wok seamlessly together to provide us the advanced and feasible authentication functionalities with high enrollability, usability and accuracy.

In summary the purpose of the project is to develop a multi-modal biometric system for enhanced authentication in eCommerce applications. The new system will be based on the fusion of two optical fingerprint techniques and will be able to provide a more precise and reliable solution for E-Commerce authentication. The objectives of the proposed research project encompass:

• Developing a fingerprint scanner prototype, which integrates the two optical techniques
• Developing image processing, feature extraction, matching and coding algorithms;
• Developing data/information fusion algorithm for decision making;
• Investigating the reliability of the multi-modal biometrics system; and
• Optimizing the whole scanning system.

6- Secure Content Routing for Web Services in B2B Interaction

Principal Investigator:

• Dr. Dan Ionesco, Professor, School of Information Technology and Engineering (SITE), University of Ottawa

Co-Investigators:

• Dr. Martin Litoiu, IBM Center for Advanced Studies, Toronto Laboratory

Private Sector Partners

Telecom Ottawa

Start and End Dates:

January 01, 2006 – December 15, 2007

Summary

A Business to Business (B2B) must be qualified before it can be used, the following points summarize the main characteristics it must have:

• Use universally defined interfaces
• Have a mechanism to register these interfaces with a universally accepted broker;
• Support tamper-proof security mechanisms for protection of offered services
• Be enabled over web communication protocols and mechanisms in order to be routed in a special, fast, and predictable way over the Internet

Among the organizations involved in issuing new protocols and standards for Internet applications, OASIS (www.oasis-open.org) and W3C (www.w3c.org)  aim at defining a set of protocols for coordinating the outcome of distributed application actions in order to conduct secure, reliable transactions using protocols rather than a dependence on shared technology. The advent of web services allowed application designers, to build applications which rely on a certain number of services which can exists independently of the other. This allows individual pieces of the application to be modified without impacting unrelated areas. A critical requirement for such a design called Service Oriented Architecture (SOA) enables provision of web services through established standards that define services and how they interoperate. Although series of theoretical works and specifications have been developed in order to let the application communicate and execute on collaborative protocols, there is still work to be done in the area of secure transactions and secure content routing of web services as related to eCommerce and B2B applications. There is currently an open process to refine and finalize a set of specifications based on three initial contributions, Web Services Coordination, Atomic Transaction and Business Activity Framework. Little has been done and proposed in the area of standardizing the secure XML interfaces of web services and their registration process in view of secure content routing. The integration of PKI and digital certificates with applications has led to the creation of the open XKMS (XML Key Management Specification) specification. Developers can take advantage of XKMS to integrate authentication, digital signature, and encryption services, such as certificate processing and revocation status checking, into applications without the constraints and complications associated with proprietary PKI software toolkits.

Research in this project focuses on the study of new mechanisms, protocols and algorithms used for secure content routing in the context of web services which today are the vehicles for B2B applications.

The NCIT*net2 will be used as a test-bed to support this research project as illustrated in the Figure below. As shown, three Content Routers, preferably from Foundry, as their product ServerIron is widely used by the industry and three web service servers will be placed in the three POPs of the NCIT*net2 namely:

• The University of Ottawa POP (in the NCCT Research Laboratory)
• Carleton University POP
• The CRC POP (on Carling Avenue)

With this infrastructure in place the architecture for secure content routing will be gradually developed over the next two years. We claim that at present a general secure content routing mechanism is not yet in place and has to be developed in correlation with all the four features mentioned above. In other words, the objective of this research will be:

• To investigate existing standardizations for the definition, creation, activation, and registration of web services and their blending with existing security XML standard
• To investigate the necessary protocols for the secure content routing in the context of a securely registered web service through abstract modeling techniques as applied to the above mechanisms and through investigation of their state space transition
• To design and implement secure content routing techniques and methodologies in the context of NCIT*net2
• To design and implement secure content routing prototype for a proof of concept web-based B2B application.