Advertisement

Development and Application of a Proxy Server for Transparently, Digitally Signing E-Learning Content

  • Christian J. Eibl
  • S H Basie von Solms
  • Sigrid Schubert
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 232)

Abstract

Integrity as minimal requirement for successful protection of the learning process is neglected by most learning management systems. To implement integrity protection independent of existing e-learning systems we present the concept of a proxy server that digitally signs outgoing messages to the learning management systems and verifies the signature of incoming messages accordingly. We illustrate the architectural design and give specification details. Realization deliberations are outlined with respect to the hypertext transfer protocol. Finally, we discuss the approaches on the case study of the open-source learning management system MOODLE.

Keywords

Digital Signature Smart Card Security Requirement Learn Management System Proxy Server 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Becher M, Dornseif M, Klein CN (2005) FireWire — all your memory are belong to us. CanSecWest Conference, Vancouver, Canada, http://www.cansecwest.com/core05/2005-firewire-cansecwest.pdf [02-02-2007].
  2. 2.
    Department of Defense (USA) (1985) Trusted Computer System Evaluation Criteria. Report DoD 5200.28-STD (“orange book”).Google Scholar
  3. 3.
    Eibl CJ, von Solms BSH, Schubert S (2006) A Framework for Evaluating the Information Security of E-Learning Systems. Proc. of the 2nd International Conference on Informatics in Secondary Schools Evolution and Perspectives (ISSEP), Vilnius, Lithuania.Google Scholar
  4. 4.
    Fielding R, Gettys J, Mogul J, Frystyk H, Masinter L, Leach P, Berners-Lee T (1999) Hypertext Transfer Protocol — HTTP/1.1, Request for Comments (RFC) 2616.Google Scholar
  5. 5.
    Geuer CH (1998) Entwurf, Realisierung und Verifikation eines Signatursystems für das Word-Wide-Web. Diploma thesis (German), University of Siegen.Google Scholar
  6. 6.
    Graf F (2002) Lernspezifische Sicherheitsmechanismen in Lernumgebungen mit modularem Lernmaterial. Doctoral dissertation (German), University of Darmstadt.Google Scholar
  7. 7.
    Grobler CP (2003) A Model to assess the Information Security status of an organization with special reference to the Policy Dimension. Magister Thesis, Rand Afrikaans University.Google Scholar
  8. 8.
    Integriertes Lern-, Informations-und Arbeitskooperationssystem (Ilias), online resource: http://www.ilias.de/ios/index-e.html [31-10-2006]
  9. 9.
    ISO/IEC 7498-1 (1996) Information Technology — Open Systems Interconnection — Basic Reference Model: The Basic Model. International Standard, corrected and reprinted version, Geneva, Switzerland.Google Scholar
  10. 10.
    Modular Object-Oriented Dynamic Learning Environment (Moodle), online resource: http://www.moodle.org [31-10-2006]
  11. 11.
    Schneier B (1996) Applied Cryptography: Protocols, Algorithms, and Source Code in C. Second Edition, Wiley.Google Scholar
  12. 12.
    Swanson M (2001) Security Self-Assessment Guide for Information Technology Systems. National Institute of Standards and Technology (NIST), Special Publication 800-26.Google Scholar
  13. 14.
    Weippl ER (2005) Security in E-Learning. Springer, New York.Google Scholar
  14. 15.
    Xenitellis S (2000) The Open-source PKI Book, online, last modified: 23-07-2000, URL: http://www.ospkibook.sourceforge.net [17-03-2006]

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Christian J. Eibl
    • 1
  • S H Basie von Solms
    • 2
  • Sigrid Schubert
    • 1
  1. 1.Didactics of Informatics and E-LearningUniversity of SiegenGermany
  2. 2.Academy for Information TechnologyUniversity of JohannesburgSouth Africa

Personalised recommendations