Encryption Techniques for Annotizer
Suhel ParekhOral Defence Date:
Tuesday, April 17, 2007 - 18:00Location:
Dr. Dragutin Petkovic, Dr. Ilmi Yoon
Annotizer is a San Francisco State University (SFSU) developed user-friendly WWW annotation and comment system used for collaboration in scientific research and educational environments. In this system, a verified user can add, modify, share and search comments associated with annotations on Web contents. One of the requirements discovered after use case analysis with biology users, who were the initial target end users for the system, was the need to keep private annotations (which are stored centrally) completely private i.e. readable only to the originator. The key objective of this work was to select the suitable encryption algorithm and develop a software (SW) system for the Annotizer that will ensure that private annotations are (readable only to their originators and not even to the database administrators. Other high level objectives were that the encryption algorithm chosen has to be very usable, and should seamlessly integrate with the current Annotizer architecture. Contributions of this work include development of a standalone system for encrypting the annotations as a proof of concept, which includes integration of an open source encryption SW; and mockup design of proposed seamless integration with the Annotizer UI. Encryption technologies in this project were chosen to ensure easy integration into Annotizer system in the future. We chose Blowfish, a symmetric type of cryptographic algorithm to perform the encryption process. Java APIs were used in implementing this algorithm to build the application prototype. The Software Engineering development process that we used for implementing this standalone system was Rational Unified Process (RUP) which consisted of 4 iterative phases in the following order: Inception, Elaboration, Construction, and Transition.