Ken Nakayama

Java Bytecode Dependence Analysis for Secure Information Flow

Java programs can be transmitted and executed on another host in bytecode format, thus the sensitive information of the host may be leaked via these assembly-like programs. Information flow policy can ensure data confidentiality, however, conventional information flow analysis mainly focused on the programs written in high-level programming languages and is generally performed by type checking approach, which assigns security classes to the variables then verifies information flow policy in program executing order. These approaches are inadequate to address the information flow in bytecode and the type systems verification method is imprecise. This paper presents a method to disclose java bytecode information flow by dependence analysis, in which the information flow analysis is separated to two phases to improve precision. First is determining information dependence relationship among the variables in the bytecode then is verifying the security based on security class. A prototype tool has been developed, by which the bytecode information flow of object or class files can be analyzed.

A Context Sharing Message Broker Architecture to Enhance Interoperability in Changeable Environments

With the growing number of mobile devices connected to the network, demand for appropriate services according to the situational contexts of users is increasing. However, building such context-aware applications is costly because both the environments of users in the real world and available services on the network are dynamically changing. In this paper, we propose a Context Sharing Message Broker Architecture which supports applications in changeable environments which cooperate with each other. The message broker provides a common context model which applications can share. A context model works not only as a common interface to the real world context, but also as a common interface to the applications which share the context model. Applications only access the context model, and they do not directly communicate with each other. This approach has three advantages; this architecture reduces the complexity of distributed context-aware systems; the architecture keeps applications independent from each other; applications can maintain their common context model cooperatively. These advantages enable applications to cooperate, and yet keep applications independent from each other.

Mobile code security by Java bytecode dependence analysis

Security of mobile code is important because the code is transmitted and remotely executed. Existing protection mechanisms have not fully addressed the security problem. Current approaches tend to prevent the host from potential attacks by confining the mobile code, which leads to impair the function of mobile code. Java is widely used in mobile code systems. We propose a method that does less restriction to the Java mobile code while protecting the host. The approach is to analyze the Java bytecode security-relevant behavior prior to its execution, thus to ensure two major aspects of host security ntegrity and confidentiality. We extend bytecode dependence analysis technique to adapt information flow analysis. A prototype implementation is under development. This tool will be used to analyze Java class file, applet and mobile agent.

Simple augmented reality system for 3D ultrasonic image by see-through HMD and single camera and marker combination

Thanks to the rapid progress of ICT, significant progress has been made in both the “generation” and “display” of the advanced medical information. However, serious problems still remain in both the “generation” and “display”. Therefore, we propose a simple augmented reality system that can display an ultrasonic image of exactly the same plane in the body of the patient that a doctor is looking at. The key idea is to utilize the fact that an ultrasonic probe moves inside the doctors field of view and within the accessible range of the arm in order to simplify the augmented reality system. The prototype has been developed using only a see-through HMD and single camera and marker combination. Three simple interaction methods compensate for the limitations in 3D position sensing. We worked with a medical doctor to test the prototype system and found it to be effective.

Considering events and processes within GIS: an event-based spatiotemporal data model

The development of a spatiotemporal data model adapted to temporal GIS applications is still a challenging research issue. The paper presents a new definition of events and processes to describe and model spatiotemporal phenomena within GIS, based on which, and on an extended concept of object version, an event-based conceptual spatiotemporal data model is produced.

Verification for Host Confidentiality by Abstract Interpretation in Mobile Code Systems

To resolve the security problems of Java mobile programs, we adapted the technique of type-level abstract interpretation usually applied to verify the bytecode correctness to check the mobile program statically whether it impairs the host confidentiality. Instead of data types, our approach abstractly executes the mobile program at the level of security-level. Based on maintaining a distribution map of security-levels of the data in the mobile programs data containers, our approach detects data-leaking caused by the mobile program just before it tries to send sensitive data out of the host. By this way our approach could make fewer misjudgments that verifies secure mobile programs as malicious ones and be more efficient than the works in R. Barbuti et al., (2002), C. Bernardeschi et al. (2002), and M. Avvenuti et al. (2003)

ONTOMO: Development of Ontology Building Service

In the research area of web technologies, ontologies are recently widely used. By using ontologies, we can share common understanding of the structure of information among people or software agents and enable reuse of domain knowledge. However, the difficulties in building ontologies have been pointed out and its costs are raising problems currently. To build an ontology, we must determine the domain that the ontology will cover, and define taxonomy, properties, instances of the ontology. It is very difficult and time consuming to build them without any tools. In this paper, we propose ONTOMO that enables Internet users to take part in building ontologies as a part of collective intelligence. In particular, we present an instance recommendation mechanism based on the editing history of multiple users together with experimental evaluations.

The Design of e-Learning Environment Oriented for Personalized Adaptability

A design of e-Learning environment is described for personalized adaptability. At first, we explain the whole system of our learning management system, WebClass RAPSODY, which has been developed to stand up to use by whole students in a university In this topic, there are two points, 1) infrastructure construction/maintenance in university, 2) improvement of LMS to use it for official lecture of university. Then, new developing function is explained including unit for learning mode to monitor and analyze learners learning status and unit for contents to search and analyze contents status. After learning a content, this system indicates next suitable content, with data mining of learners status and contents status by genetic algorithm (GA). This function could support learner to sustain e-learning with well- understanding of contents and highly-motivation to learning.

Resident Participating GIS- Based Tsunami Disaster Control Systems for Local Communities

We propose and experiment a social networking service (SNS) for local communities for tsunami disaster control. It is an easy-to-use GIS-based system with powerful GIS analysis capabilities. One of the features of the system is resident participation. The GIS layer structure proposed in this paper nicely supports this user participation. The system architecture and the use of the system for tsunami disaster control are discussed. We report ongoing developments in Hachinohe-City, Japan

A Development of Learning Management System for the Practice of E-Learning in Higher Education

From 2004 to 2007 our university has a three-year project called ‘GP Project’ which is part of a national project named “Selected Efforts of the Distinctive University Education Support Program” (Good Practice Project, abbreviated as GP Project), with the support of the ministry of Education, Culture, Sports, Science and Technology of the Japanese Government. In this project we are challenged to replace more than 30 existing courses with e-Learning. The courses must be seamlessly integrated to a course grade information system which has been already in use for years in the educational affairs section. For this integration we introduced a new Learning Management System which is easy to customize so that it can integrates course grade information and e-Learning information. We developed a Learning Management System (LMS) by modifying a commercial LMS WebClass with which is easy to add new functions-The first phase system has been started to work and now we are preparing to integrate the course grade information into the LMS. This paper describes our currently running three year university-wide project and then explains the functions of the newly developed Learning Management System.