Abstract
E-learning is a new method of learning which depends on the Internet in its execution. Nowday’s e-learning’s popularity is increasing as more and more people are taking online courses. It becomes the need of the hour, since it is being used as a big platform for enhancing and upgrading knowledge by increasing flexibility in various fields and providing ways to make learning easier. However E-learning has several challenges, one of these major challenges is Information Security. The security aspect is even more important for controlling access to information resources intended to specific users depending on several predefined contexts. Defining such access control is directly related to the appliance of a control access policy, responsible of securing learning sessions in an e-learning platform.
The purpose of this paper is to propose how to adapt ORBAC (organization role based access control) model which is considered as one of the most developed access control security models, to improve the highest degree of security in a concrete e-learning scenario for educational purpose, and to prove how the expressive power and flexibility of this model work. The proposed approach is implemented and evaluated by simulation using “MotOrbac” tool in order to define its validity context and limitations for a large and extended deployment.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
El-Khatib, K., Korba, L., Xu, Y., Yee, G.: Privacy and Security in E-Learning. International Journal of Distance Education, Institute for Information Technology, National Research Council Canada, vol. 1, Number 4 (2003)
Kumar, S., Kamlesh, D.: Investigation on Security in LMS Moodle. Proceedings of International Journal of Information Technology and Knowledge Management, 233–238 (2011). Kurukshetra University, Kurukshetra, India
Lampson, B.: Protection. In: 5th Princeton Symposium on Information Sciences and Systems, Mars, pp. 437–443 (1971)
Bell, D., La Padula, L., et al.: Secure computer systems: Unified exposition and multics interpretation. Technical Report ESD TR73-306, The MITRE Corporation, Mars (1976)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)
Thomas, R.: TMAC: a primitive for applying RBAC in collaborative environment. In: 2nd ACM, Workshop on RBAC, Fairfax, Virginia, USA, pp. 13–19, November 1997
Thomas, R., Sandhu, R., et al.: Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management. In: 11th IFIP Working Conference on Database Security, Lake Tahoe, California, USA, pp. 166–181 (1997)
Bousmah, M., Elkamoun, N., Berraissoul, A.: Conception et réalisation d’un environnement virtuel d’apprentissage collaboratif, orienté métaphore spatiale, couplé avec un système observateur d’usage. In: Proceedings of the 6th IEEE International Conference on Advanced Learning Technologies, July 2006. IEEE Computer Society, Kerkrade (2006)
Abou El Kalam, A., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.: Organization based access control. In: Proceedings of IEEE 4th International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), Lake Como, Italy, June 2003
Cuppens, F., Cuppens-Boulahia, N.: Modeling Contextual Security Policies. International Journal of Information Security 7(4), 285–305 (2007)
Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma, C.: MotOrBAC 2: a security policytool. In: 3rd Conference on Security in Network Architectures and Information Systems (SAR-SSI 2008), Loctudy, France, pp. 273–288 (2008)
El Kalam, A., Deswarte, Y., Baina, A., Kaaniche, M., et al.: Access control for collaborative systems: a web services based approach. In: IEEE International Conference on Web Services (ICWS 2007), pp. 1064–1071 (2007)
Baina, A.: Contrôle d’Accès pour les Grandes Infrastructures Critiques: Application au réseau d’énergie électrique. Thèse de doctorat, Université de Toulouse, Septembre 29, 2009
Madani, M.A., Erradi, M.: Network Security and Systems (JNS2), 2012 Networking and Distributed Systems Research Group, SIME Lab University Mohammed V-Souissi, ENSIA
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media Singapore
About this paper
Cite this paper
Kassid, A., El Kamoun, N. (2016). Evaluation of a Security Policy Based on OrBAC Model Using MotOrBAC: Application E-learning. In: Sabir, E., Medromi, H., Sadik, M. (eds) Advances in Ubiquitous Networking. UNet 2015. Lecture Notes in Electrical Engineering, vol 366. Springer, Singapore. https://doi.org/10.1007/978-981-287-990-5_11
Download citation
DOI: https://doi.org/10.1007/978-981-287-990-5_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-287-989-9
Online ISBN: 978-981-287-990-5
eBook Packages: EngineeringEngineering (R0)