Identity management and e-learning standards for promoting the sharing of contents and services in higher education

In this paper, we present the status of identity management systems and e-learning standards across Europe, in order to promote the mobility and the sharing of contents and services in higher education institutions. With new requirements for authentication, authorization and identity management for Web applications, most higher education institutions implement several solutions to address these issues. At the first level, the adoption of directory Servers like LDAP, Active Directory and others, solve some problems of having multiple logins and passwords for authentication. The growing of Web applications like Learning management Systems, portals, Blogs, Wikis, and others, need a more effective way of identity management, providing security and accessibility. Web Single Sign-On (SSO) resolves some of these issues of identity management, because the authentication is managed centrally and the user can navigate through different Web applications using the same session. One example of a Web SSO system is the Central Authentication Systems (CAS). SSO systems provide an effective way to manage authentication and authorization inside institutions, but are restricted to the administrative domain of each institution. With the implementation of Bologna Process more students, lecturers and staff will be on mobility programs within European higher education institutions. The creation of identity management federations is mandatory to provide the mobility of users and to permit the exchange of contents and services between institutions. The creation of identities federations across Europe is been in discussion by TERENA (Trans-European Research and Education Networking Association) to provide a service federation like the EDUROAM WI-FI network that permits the mobility across Europe. This paper reports on some of the issues highlighted in the light of recent developments. To share contents and services within Europe, the adoption of standards is mandatory. IEEE LTSC (Learning Technology Standards Committee), IMS (IMS Global Learning, Inc) and ADL (Advanced Distributed Learning) are standards organizations that publish a set of standards to promote the interoperability, reusability and integration of e-learning contents and services. The most important standards that promote the sharing of contents and services across Europe are Sharable Content Object Reference Model (SCORM), IMS Digital Repositories Interoperability and IMS Learning Design. This paper presents the main features of e-learning standards and how it can be used in conjunction with identity management systems to create collaborative learning objects repositories to promote a more effective learning experience and a more competitive European space for higher education, with respect to the requirements of knowledge based societies

D3.1 Validation of technical specifications of ECO modules

The objective of this document is to list the most important technical specifications of each MOOC platform that will be integrated in the overall ECO architecture. The objective of this particular task is to carry out analysis of all the technical specifications of each of the modules/platforms that are to be integrated in the global ECO platform. Once integration will be done, an Open Data exposure solution will be implemented by means of integrating an Open Data Catalog platform such as CKAN.ICT Policy Support Programme as part of the Competitiveness and Innovation framework Programme (CIP) - grant number 62112

Towards secure web services: Performance analysis, decision making and steganography approaches

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value

Privacy considerations for secure identification in social wireless networks

This thesis focuses on privacy aspects of identification and key exchange schemes for mobile social networks. In particular, we consider identification schemes that combine wide area mobile communication with short range communication such as Bluetooth, WiFi. The goal of the thesis is to identify possible security threats to personal information of users and to define a framework of security and privacy requirements in the context of mobile social networking. The main focus of the work is on security in closed groups and the procedures of secure registration, identification and invitation of users in mobile social networks. The thesis includes an evaluation of the proposed identification and key exchange schemes and a proposal for a series of modifications that augments its privacy-preserving capabilities. The ultimate design provides secure and effective identity management in the context of, and in respect to, the protection of user identity privacy in mobile social networks

A policy-based security framework for ad-hoc networks

Imperial Users onl

An identity based framework for security and privacy in pervasive networks

Master'sMASTER OF ENGINEERIN

Security, Trust and Privacy (STP) Model for Federated Identity and Access Management (FIAM) Systems

The federated identity and access management systems facilitate the home domain organization users to access multiple resources (services) in the foreign domain organization by web single sign-on facility. In federated environment the user’s authentication is performed in the beginning of an authentication session and allowed to access multiple resources (services) until the current session is active. In current federated identity and access management systems the main security concerns are: (1) In home domain organization machine platforms bidirectional integrity measurement is not exist, (2) Integrated authentication (i.e., username/password and home domain machine platforms mutual attestation) is not present and (3) The resource (service) authorization in the foreign domain organization is not via the home domain machine platforms bidirectional attestation

Towards secure web services : performance analysis, decision making and steganography approaches

Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value.EThOS - Electronic Theses Online ServiceGBUnited Kingdo