Confidentiality, Integrity And Accessibility In The Distance Education System

Abstract

At the present time, there is no doubt and practically confirmed that distance education is presently topical and top-requested mode of study in completely unexpected situations. The necessity to establish a self-isolation regime has led to the need for a large number of training sessions in the distance learning mode. The experience of distance training application revealed critical moments and challenges in the system of organization and management of the distance education process. In particular, problems appeared in the field of security of distance education in the broad sense of the term. In this work, we will consider the main problems and possible solutions to the main aspects of the distance education security. In particular, the possibilities of cryptographic transformations and protocols application to ensure reliable students' authentication as well as integrity and accessibility of educational and test materials and blockchain technology use to provide the safety of assignments, presence at lecture courses, participation in practical exercises information are considered.

Keywords: Distance educationmanagementsecurity

Introduction

The distance learning system contains two fundamentally different types of training:

  • The so-called on-line education when teacher plays an active role throughout the lesson, lecture, practical training, laboratory workshop, etc. This type of training implies, for the most part, an active teacher-student, student-student dialogue, and in this sense it turns out to be the closest to ordinary face-to-face education. Such education is characterized by a maximum teaching load on the one hand and the ability to control the audience and educational material from the teacher side on the other.

  • Particularly electronic education when student is provided with some pre-prepared training material and a set of complex and adaptable to the student’s knowledge trajectory tests that student must pass through. Then demonstrate the knowledge gained while listening pre-prepared material that also could be issued to him in accordance with the level of student’s knowledge. Using this type of distance learning, education process can be controlled by the teacher in accordance with the tests results demonstrated by student. At the same time teacher cannot control the learning process (and in some cases simply does not have such an opportunity).

When creating and implementing distance education systems (DES), the following components are used:

external interface, for example, web application designed to provide remote access for teachers and students to the training course components. These components can be presentations, multimedia materials, tests and systems for active interaction with the teacher and between students. Moreover, in many cases, it implies the possibility of confidential communication between teacher-student and student-student;

  • information database with training courses content, multimedia demonstration materials, additional educational materials (books electronic copies, textbooks and articles suitably matched to the course material);

  • test materials database for providing students’ knowledge evaluation;

  • electronic journals (statements) with academic performance;

  • server of distance education system, which is the core of the system and provides its basic functionality;

  • devices (stationary and mobile) of various configurations and performance used by students in the process of educational material mastering.

The main users of distance education system are:

  • teachers of educational institution (school, university);

  • specialists of Curriculum & Instruction Departments;

  • system administrators, programmers, web designers, information security specialists of the educational institution;

  • students.

Problem Statement

In accordance with the above mentioned elements and participants of the distance education system, the standard process of information processing can be represented as follows:

  • user’s connection to the website of the distance education system by his personal electronic device (currently it is more often mobile device, such as a tablet or smartphone) using an open communication channel;

  • identification and authentication procedure ( Belk et al., 2017; Takamizawa & Kaijiri, 2006; Walters, 2016) to enter student’s personal account or to use the distance learning resource. At the same time, the user is required to provide personal registration data (in many cases - multifactor authentication (Ometov et al., 2018; Ometov et al., 2017; Ometov et al., 2019), that may contains even biometric characteristics ( Bandara et al., 2015; Bartlett et al., 2012; Biometrics and Authentication in Elearning wiki, 2007);

  • distance education server user’s authorization. At the same time, depending on the user’ status or/and group affiliation the rights to the appropriate level access issue.

  • request to the DES server for providing information, courses resources access and subsystems of DES. Such request fulfillment or non-fulfillment depends on the level of user’s access;

  • input, modification or output of information of open and / or limited access;

  • user’s disconnection from the DES resources.

Certainly, all the listed work stages in the distance education system are fragile from the information security point of view, and, therefore, require appropriate protection measures ( Report Positive Research, 2016). Such measures should be specified already at the stage of DES development and be constantly improved in the process of its use. Let us further consider how the information security triad could be implemented in this case.

Research Questions

Confidentiality in distance education

Information confidentiality in DES is a necessary and essential requirement while developing a database of test assignments and test cases for students. Indeed, premature disclosure of questions and correct answers is unacceptable. Thus, students should not be able to “snoop” this information until testing begins. At the same time, such participants of the system application as administrators and teachers should have access in order to verify, correct and update information. All these requirements can be met using standard means of access control and critical information encryption ( Merkle, 1980). Since, obviously, the system has a multi-level access structure, it becomes necessary to use hierarchical or multi-level systems of key distribution among users ( Bezzateev, 2010). In addition, authentication in the system is necessary when student connects to the distance learning system from his personal device. Currently, this problem is being solved using various methods of user’s multi-factor authentication ( Ometov et al., 2018; Ometov et al., 2017; Ometov et al., 2019) using various authentication information:

Such authentication becomes especially topical in the case when it is necessary to conduct permanent ongoing monitoring, ensuring verification of participation in the educational process or during testing of a particular student ( Levey & Jeff Maynard, 2011; Oladko et al., 2017). Of course, in addition to authentication, the system should keep an audit trail, entries which should be protected from possible intentional distortions, additions or deletions. Currently, blockchain technology ( Dorri et al., 2017; Gorbunova et al., 2020) can be effectively used for these purposes. Taking distance education as a case. blockchain technology ( Ponikarova et al., 2018; Raval, 2017; Stukova, 2019) is seen as especially effective due to the distributed nature of DES, its high dynamism and large number of users connecting and leaving the system at random times ( Haberand & Stornetta, 1990).

Integrity in distance education

The integrity of the teaching materials used in the distance learning process is important for both student and teacher. Any change to these materials may occur only with the consent of teacher and author-developer. Digital signature can be used to prevent unauthorized changes in the content. Both individual (specific author-developer) and coalition (ring), confirming the authorship or responsibility of some team. In this case, it is also possible to use various threshold schemes ( Kaya & Selçuk, 2007) that allow authorized change of information content in the training course with the consent of the author or/and part of the team responsible for this course.

In addition, in many cases, preservation and protection of authorship of course developers is important factor in distance education. Various text analysis systems (type “anti-plagiarism”) use has proven itself to prevent the theft of original text materials, but unfortunately for now, graphic and illustrative material cannot be protected in this way. It is necessary to use special digital watermark systems to protect media information and prevent the unauthorized use of someone’s illustrations. In addition, the digital watermark method allows you to detect illegally changes on copyright illustrations.

Accessibility in distance education

Accessibility in the distance education system implies:

  • Students’ ability to connect to training course at any time or in accordance with predetermined timetable;

  • teachers, methodologists of the educational institution ability to access the material of the educational course to for making changes, additions and adjustments;

  • students and teachers ability to access test tasks, giving access to the correct answers only to teachers;

  • teacher or system administrator ability to disconnect a particular student from the distance learning system (in case of incorrect behavior) at any time.

Obviously, to provide DES protection against unauthorized access, various authentication systems listed above can be used.

Purpose of the Study

The purpose of the study was to determine the main cryptographic algorithms and protocols that are necessary and possible to use in distance education systems to ensure an acceptable level of security for the main components of such systems:

  • database of test materials;

  • electronic journal (statements);

  • distance education system servers;

  • devices (stationary and mobile) used by students in the process of mastering educational material.

And also directly participants of distance education systems themselves:

  • teachers of educational institutions (schools, universities);

  • students.

Research Methods

The main research method in this work is an analytical review of existing cryptographic methods and possibility of its use consideration for solving the triad of information security tasks in distance education. At the same time, we considered both long-known and well-established methods of protection against unauthorized access (encryption and authentication), integrity (hash functions and digital signatures) and new, relatively recently appeared and actively used in various applications cryptographic protocols (blockchain technologies) ( Ponikarova et al., 2018; Raval, 2017; Report Positive Research, 2016).

At the same time, blockchain technologies use in distance education systems not only ensures the integrity of information, which can certainly be achieved with the help of traditional and well-proven digital signature technologies, but also make integrity protection open and transparent for all users of the system, which certainly significantly increases students’ trust to the distance learning system.

Findings

The general approaches proposed in this paper for information security problems solution certainly do not determine all possible solutions, but can be used as a kind of “skeleton” to create a more complete, comprehensive information protection system in open education structures. In this work, we have listed the main cryptographic functions and protocols that have proven themselves in information security systems and some new algorithms that can significantly improve the quality and effectiveness of distance education security and make it more attractive for all user groups.

Conclusion

The paper considers various security problems of distance education systems. Methods are proposed for most frequently arising information protection tasks solution. The possibilities and necessity of using modern cryptographic methods and protocols to ensure reliable and safe operation of distance education systems are identified.

References

Copyright information

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

About this article

Publication Date

21 October 2020

eBook ISBN

978-1-80296-089-1

Publisher

European Publisher

Volume

90

Print ISBN (optional)

-

Edition Number

1st Edition

Pages

1-1677

Subjects

Economics, social trends, sustainability, modern society, behavioural sciences, education

Cite this article as:

Antokhina, J., Ovodenko, A., Novikova, O., & Bezzateev, S. (2020). Confidentiality, Integrity And Accessibility In The Distance Education System. In I. V. Kovalev, A. A. Voroshilova, G. Herwig, U. Umbetov, A. S. Budagov, & Y. Y. Bocharova (Eds.), Economic and Social Trends for Sustainability of Modern Society, vol 90. European Proceedings of Social and Behavioural Sciences (pp. 1095-1101). European Publisher. https://doi.org/10.15405/epsbs.2020.10.03.126