Integration of Multiple Data Sources for predicting the Engagement of Students in Practical Activities

This work presents the integration of an automatic assessment system for virtual/remote laboratories and the institutional Learning Management System (LMS), in order to analyze the students’ progress and their collaborative learning in virtual/remote laboratories. As a result of this integration, it is feasible to extract useful information for the characterization of the students’ learning process and detecting the students’ engagement with the practical activities of our subjects. From this integration, a dashboard has been created to graphically present to lecturers the analyzed results. Thanks to this, faculty can use the analyzed information in order to guide the learning/teaching process of each student. As an example, a subject focused on the configuration of network services has been chosen to implement our proposal

Hispanic Medieval Tagger (HisMeTag): una aplicación web para el etiquetado de entidades en textos medievales

El resumen presenta la herramienta de etiquetado de entidades nombradas en textos medievales en español. Este trabajo se enmarca dentro de los proyectos de investigación, proyecto europeo ERC-2015-STG-679528 POSTDATA

EVI-LINHD, un Entorno Virtual de Investigación para la edición digital académica.

EVI-LINHD, un Entorno Virtual de Investigación para la edición digital académica

Smart Contracts for Managing the Chain-of-Custody of Digital Evidence: A Practical Case of Study

The digital revolution is renewing many aspects of our lives, which is also a challenge in judicial processes, such as the Chain-of-Custody (CoC) process of any electronic evidence. A CoC management system must be designed to guarantee them to maintain its integrity in court. This issue is essential for digital evidence’s admissibility and probative value. This work has built and validated a real prototype to manage the CoC process of any digital evidence. Our technological solution follows a process model that separates the evidence registry and any evidence itself for scalability purposes. It includes the development of an open-source smart contract under Quorum, a version of Ethereum oriented to private business environments. The significant findings of our analysis have been: (1) Blockchain networks can become a solution, where integrity, privacy and traceability must be guaranteed between untrustworthy parties; and (2) the necessity of promoting the standardization of CoC smart contracts with a secure, simple process logic. Consequently, these contracts should be deployed in consortium environments, where reliable, independent third parties validate the transactions without having to know their content

Formal Analysis of SAML 2.0 Web Browser Single Sign-On: Breaking the SAML-based Single Sign-On for Google Apps

Single-Sign-On (SSO) protocols enable companies to establish a federated environment in which clients sign in the system once and yet are able to access to services offered by different companies. The OASIS Security Assertion Markup Language (SAML) 2.0 Web Browser SSO Profile is the emerging standard in this context. In this paper we provide formal models of the protocol corresponding to one of the most applied use case scenario (the SP-Initiated SSO with Redirect/POST Bindings) and of a variant of the protocol implemented by Google and currently in use by Google’s customers (the SAML-based SSO for Google Applications). We have mechanically analysed these formal models with SATMC, a state-of-the-art model checker for security protocols. SATMC has revealed a severe security flaw in the protocol used by Google that allows a dishonest service provider to impersonate a user at another service provider. We have also reproduced this attack in an actual deployment of the SAML-based SSO for Google Applications. This security flaw of the SAML-based SSO for Google Applications was previously unknown

A Cloud Game-Based Educative Platform Architecture: The CyberScratch Project

The employment of modern technologies is widespread in our society, so the inclusion of practical activities for education has become essential and useful at the same time. These activities are more noticeable in Engineering, in areas such as cybersecurity, data science, artificial intelligence, etc. Additionally, these activities acquire even more relevance with a distance education methodology, as our case is. The inclusion of these practical activities has clear advantages, such as (1) promoting critical thinking and (2) improving students’ abilities and skills for their professional careers. There are several options, such as the use of remote and virtual laboratories, virtual reality and game-based platforms, among others. This work addresses the development of a new cloud game-based educational platform, which defines a modular and flexible architecture (using light containers). This architecture provides interactive and monitoring services and data storage in a transparent way. The platform uses gamification to integrate the game as part of the instructional process. The CyberScratch project is a particular implementation of this architecture focused on cybersecurity game-based activities. The data privacy management is a critical issue for these kinds of platforms, so the architecture is designed with this feature integrated in the platform components. To achieve this goal, we first focus on all the privacy aspects for the data generated by our cloud game-based platform, by considering the European legal context for data privacy following GDPR and ISO/IEC TR 20748-1:2016 recommendations for Learning Analytics (LA). Our second objective is to provide implementation guidelines for efficient data privacy management for our cloud game-based educative platform. All these contributions are not found in current related works. The CyberScratch project, which was approved by UNED for the year 2020, considers using the xAPI standard for data handling and services for the game editor, game engine and game monitor modules of CyberScratch. Therefore, apart from considering GDPR privacy and LA recommendations, our cloud game-based architecture covers all phases from game creation to the final users’ interactions with the game

A Cloud Game-Based Educative Platform Architecture: The CyberScratch Project

The employment of modern technologies is widespread in our society, so the inclusion of practical activities for education has become essential and useful at the same time. These activities are more noticeable in Engineering, in areas such as cybersecurity, data science, artificial intelligence, etc. Additionally, these activities acquire even more relevance with a distance education methodology, as our case is. The inclusion of these practical activities has clear advantages, such as (1) promoting critical thinking and (2) improving students’ abilities and skills for their professional careers. There are several options, such as the use of remote and virtual laboratories, virtual reality and game-based platforms, among others. This work addresses the development of a new cloud game-based educational platform, which defines a modular and flexible architecture (using light containers). This architecture provides interactive and monitoring services and data storage in a transparent way. The platform uses gamification to integrate the game as part of the instructional process. The CyberScratch project is a particular implementation of this architecture focused on cybersecurity game-based activities. The data privacy management is a critical issue for these kinds of platforms, so the architecture is designed with this feature integrated in the platform components. To achieve this goal, we first focus on all the privacy aspects for the data generated by our cloud game-based platform, by considering the European legal context for data privacy following GDPR and ISO/IEC TR 20748-1:2016 recommendations for Learning Analytics (LA). Our second objective is to provide implementation guidelines for efficient data privacy management for our cloud game-based educative platform. All these contributions are not found in current related works. The CyberScratch project, which was approved by UNED for the year 2020, considers using the xAPI standard for data handling and services for the game editor, game engine and game monitor modules of CyberScratch. Therefore, apart from considering GDPR privacy and LA recommendations, our cloud game-based architecture covers all phases from game creation to the final users’ interactions with the game

Forensic Analysis Laboratory for Sport Devices: A Practical Use Case

At present, the mobile device sector is experiencing significant growth. In particular, wearable devices have become a common element in society. This fact implies that users unconsciously accept the constant dynamic collection of private data about their habits and behaviours. Therefore, this work focuses on highlighting and analysing some of the main issues that forensic analysts face in this sector, such as the lack of standard procedures for analysis and the common use of private protocols for data communication. Thus, it is almost impossible for a digital forensic specialist to fully specialize in the context of wearables, such as smartwatches for sports activities. With the aim of highlighting these problems, a complete forensic analysis laboratory for such sports devices is described in this paper. We selected a smartwatch belonging to the Garmin Forerunner Series, due to its great popularity. Through an analysis, its strengths and weaknesses in terms of data protection are described. We also analyse how companies are increasingly taking personal data privacy into consideration, in order to minimize unwanted information leaks. Finally, a set of initial security recommendations for the use of these kinds of devices are provided to the reader