Towards Security Goals in Summative E-Assessment Security

The general security goals of a computer system are known to include confidentiality, integrity and availability (C-I-A) which prevent critical assets from potential threats. The C-I-A security goals are well researched areas; however they may be insufficient to address all the needs of the summative e-assessment. In this paper, we do not discard the fundamental C-I-A security goals; rather we define security goals which are specific to summative e-assessment security

Transparent authentication methodology in electronic education

In the context of on-line assessment in e-learning, a problem arises when a student taking an exam may wish to cheat by handing over personal credentials to someone else to take their place in an exam, Another problem is that there is no method for signing digital content as it is being produced in a computerized environment. Our proposed solution is to digitally sign the participant’s work by embedding voice samples in the transcript paper at regular intervals. In this investigation, we have demonstrated that a transparent stenographic methodology will provide an innovative and practical solution for achieving continuous authentication in an online educational environment by successful insertion and extraction of audio digital signatures

Applying New Strategy with Key Features to Enhance Students Performance Using E-Assessment Methods Secure Data

With the recent rapid development and growth in information technology, the profile of student learners has changed [1], and the teachers need to improve their quality of teaching and learning to synchronize with the developing growth in technology. In this research paper, confidentiality, integrity and availability (c-i-a) model was used to secure the information of students as well as teachers. Using c-i-a model, the main emphasis was on the security goals which are precise to online summative and formative assessment methods, authorization of students and receiving the feedback in a confidential way respecting the privacy of the individual. Also, the teacher needs to secure the data and enhance the student performance as a part of improvement in the progress evaluation methods relevant to the associated disciplines, thus providing students more skills and values.nbsp The new teaching strategy evolves around ensuring that adequate academic and/or professional standards are achieved by students through implementing appropriate e-assessment methods, namely formative and summative assessments. In this research paper, the online feedback obtained from the formative assessment is found to enhance the studentsrsquo performance in the summative assessment with security techniques for marking, grading and assessment of their knowledge, abilities and skills in privacy. The conclusions that when used online environment after applying the c-i-a concepts its increate the security level for the data and from unauthorized students. nbsp In addition, the studentsrsquo enhanced positively their performance after design and implementing the new strategy techniques and adding new key features. as well as increased their performance to achieve the cilorsquos satisfying the pilorsquos respectively.nbsp Also, the author recommended finding the new appropriate features to enhance their performance

Heading for the Clouds? Implications for Cloud Computing Adopters

Cloud computing projects have many implications, including issues such as security, compliance, funding, cohesion with existing systems, operational resource requirements, and number of employees involved. In order to gain a better understanding of why businesses are interested in adopting cloud services in spite of these potential difficulties, we interviewed senior IT personnel at five different organizations about their processes related to “cloud” decisions, their thoughts before and during the process, and the outcome of their endeavor. Our results provide insights from their perspectives into the similarities and differences among the organizations and the implications of “going into the cloud”. We conclude with a list of recommended questions and areas to consider for use by other organizations looking into adopting cloud services. The ultimate goal is to help businesses considering a cloud computing project by providing advice from other organizations based on their experience

Proctoring to improve teaching practice

Universities organise digital summative assessments in special assessment computer rooms and they conduct strong restrictions on the resources. This policy assures safety and security of assessments but obstructs authentic problem solving where open resources are needed. A digital assessment room is also not a proper solution when students for some reason cannot attend the assessment on campus. We present three scenarios from the science and mathematics teaching practice at the University of Amsterdam in which we have used proctoring to create the flexibility of online exams that was needed. Online remote proctoring of computer screens on the campus and/or students at home enabled (1) more authentic exams by allowing open resources, (2) use of own laptops (BYOD) in a regular lecture room, (3) off campus online exams as a part of an online programme, for example, at home anywhere in the world. We have shown that proctoring is not just a different way to control students using computers, but that it enabled improvement of the quality of learning processes in which summative assessments are an integral part

Security and Usability of Authentication by Challenge Questions in Online Examination

Online examinations are an integral component of many online learning environments and a high-stake process for students, teachers and educational institutions. They are the target of many security threats, including intrusion by hackers and collusion. Collu-sion happens when a student invites a third party to impersonate him/her in an online test, or to abet with the exam questions. This research proposed a profile-based chal-lenge question approach to create and consolidate a student’s profile during the learning process, to be used for authentication in the examination process. The pro-posed method was investigated in six research studies using a usability test method and a risk-based security assessment method, in order to investigate usability attributes and security threats. The findings of the studies revealed that text-based questions are prone to usability issues such as ambiguity, syntactic variation, and spelling mistakes. The results of a usability analysis suggested that image-based questions are more usable than text-based questions (p < 0.01). The findings identified that dynamic profile questions are more efficient and effective than text-based and image-based questions (p < 0.01). Since text-based questions are associated with an individual’s personal information, they are prone to being shared with impersonators. An increase in the numbers of chal-lenge questions being shared showed a significant linear trend (p < 0.01) and increased the success of an impersonation attack. An increase in the database size decreased the success of an impersonation attack with a significant linear trend (p < 0.01). The security analysis of dynamic profile questions revealed that an impersonation attack was not successful when a student shared credentials using email asynchronously. However, a similar attack was successful when a student and impersonator shared information in real time using mobile phones. The response time in this attack was significantly different when a genuine student responded to his challenge questions (p < 0.01). The security analysis revealed that the use of dynamic profile questions in a proctored exam can influence impersonation and abetting. This view was supported by online programme tutors in a focus group study

E-INVIGILATION OF E-ASSESSMENTS

E-learning and particularly distance-based learning is becoming an increasingly important mechanism for education. A leading Virtual Learning Environment (VLE) reports a user base of 70 million students and 1.2 million teachers across 7.5 million courses. Whilst e-learning has introduced flexibility and remote/distance-based learning, there are still aspects of course delivery that rely upon traditional approaches. The most significant of these is examinations. The lack of being able to provide invigilation in a remote-mode has restricted the types of assessments, with exams or in-class test assessments proving difficult to validate. Students are still required to attend physical testing centres in order to ensure strict examination conditions are applied. Whilst research has begun to propose solutions in this respect, they fundamentally fail to provide the integrity required. This thesis seeks to research and develop an e-invigilator that will provide continuous and transparent invigilation of the individual undertaking an electronic based exam or test. The analysis of the e-invigilation solutions has shown that the suggested approaches to minimise cheating behaviours during the online test have varied. They have suffered from a wide range of weaknesses and lacked an implementation achieving continuous and transparent authentication with appropriate security restrictions. To this end, the most transparent biometric approaches are identified to be incorporated in an appropriate solution whilst maintaining security beyond the point-of-entry. Given the existing issues of intrusiveness and point-of-entry user authentication, a complete architecture has been developed based upon maintaining student convenience but providing effective identity verification throughout the test, rather than merely at the beginning. It also provides continuous system-level monitoring to prevent cheating, as well as a variety of management-level functionalities for creating and managing assessments including a prioritised and usable interface in order to enable the academics to quickly verify and check cases of possible cheating. The research includes a detailed discussion of the architecture requirements, components, and complete design to be the core of the system which captures, processes, and monitors students in a completely controlled e-test environment. In order to highlight the ease of use and lightweight nature of the system, a prototype was developed. Employing student face recognition as the most transparent multimodal (2D and 3D modes) biometrics, and novel security features through eye tracking, head movements, speech recognition, and multiple faces detection in order to enable a robust and flexible e-invigilation approach. Therefore, an experiment (Experiment 1) has been conducted utilising the developed prototype involving 51 participants. In this experiment, the focus has been mainly upon the usability of the system under normal use. The FRR of those 51 legitimate participants was 0 for every participant in the 2D mode; however, it was 0 for 45 of them and less than 0.096 for the rest 6 in the 3D mode. Consequently, for all the 51 participants of this experiment, on average, the FRR was 0 in 2D facial recognition mode, however, in 3D facial recognition mode, it was 0.048. Furthermore, in order to evaluate the robustness of the approach against targeted misuse 3 participants were tasked with a series of scenarios that map to typical misuse (Experiment 2). The FAR was 0.038 in the 2D mode and 0 in the 3D mode. The results of both experiments support the feasibility, security, and applicability of the suggested system. Finally, a series of scenario-based evaluations, involving the three separate stakeholders namely: Experts, Academics (qualitative-based surveys) and Students (a quantitative-based and qualitative-based survey) have also been utilised to provide a comprehensive evaluation into the effectiveness of the proposed approach. The vast majority of the interview/feedback outcomes can be considered as positive, constructive and valuable. The respondents agree with the idea of continuous and transparent authentication in e-assessments as it is vital for ensuring solid and convenient security beyond the point-of-entry. The outcomes have also supported the feasibility and practicality of the approach, as well as the efficiency of the system management via well-designed and smart interfaces.The Higher Committee for Education Development in Iraq (HCED