A Secure E-Exam Management System
Jordi Castellà-Roca, Jordi Herrera-Joancomarti and Aleix Dorca-Josa
Rovira i Virgili University of Tarragona, Dept. of Computer Engineering and Maths,
Av. Paisos Catalans, 26, E-43007 Tarragona, Catalonia
Universitat Oberta de Catalunya, Av. Tibidabo 39, 08035 Barcelona
Universitat d’Andorra, Plaça de la Germandat, 7, AD600 Sant Julià de Lòria, Principat d’Andorra
E-mail: jordi.castella@urv.net, jordiherrera@uoc.edu, adorca@uda.ad
Abstract
Secure electronic exams are one of the most difficult
challenges in e-learning security. The relevance of the
examination process for any academic institution implies
that different security mechanisms must be applied in order
to preserve some security properties during different exam-
ination stages. In this paper, we present a secure e-exam
management system where all exam related information is
in digital format. We propose a cryptographic scheme that
has to be executed in order to achieve the desired security
levels at every exam stage.
Key words: e-learning security, electronic exams (e-exam), cryptographic protocols.
1 Introduction
In e-learning environments, students and teachers use the Internet on a regular basis in order to follow/receive lectures, ask/answer questions and send/receive assessments. However, e-learning (or in general distance learning) universities rely on an examination process in which students hold a face to face exam in a physical place determined by the university under supervised conditions. Such conditions ensure the correctness of the exam, a difficult task to achieve in a virtual exam model. Face to face exams allow checking students' identity and ensuring exam authorship using traditional means (checking an identity card and ensuring no one helps the student during the exam).
Ensuring student identity and authorship in a virtual or distance exam has been pointed out in the literature [14] as a hard problem with a difficult solution. Therefore, e-learning institutions still need face to face exams. However, face to face exams represent an important effort for e-learning institutions. Typically, e-learning universities do not have enough physical facilities for all students so they have to rent buildings in order to allow students to hold their exams. Furthermore, exam management becomes more complex since such external examination centers must be provided with all management mechanisms to ensure that students will be able to perform their exam in a desired location and later on, all exam answers will be properly collected and sent to the teachers that have to correct them. For all those reasons, improving exam management systems has clear advantages for distance learning institutions.
In order to simplify exam management it is desirable that
all exam stages can be performed electronically, so exams
are turned into e-exams. Notice that we use the term e-
exams to refer to exams (in fact, all exam stages) that can
be performed by electronic means. However, we do not as-
sume that e-exams are distance or virtual exams, since such
property implies different security concerns. In this paper,
we assume that students hold the exam in a supervised en-
vironment, but electronically, that means the student uses a
computer to take the exam.
Intrinsically, exam management needs to achieve a good security level, since the correctness of this process ensures somehow the quality of the university. For that reason, the design of an electronic management system for exams should take special care of security.
Security in e-learning environments has been addressed
in different literature works. A high level overview of this
topic can be found in [6, 5, 3, 14]. All these works share
the main ideas regarding the way to achieve better secu-
rity levels in e-learning environments. Public key infras-
tructures (PKI) are identified as an adequate technology in
order to provide confidentiality, authenticity, integrity and
non-repudiation, in e-learning environments. According to
these ideas, a PKI approach for an e-learning environment
has been proposed recently in [9] showing that PKI solu-
tions deliver flexibility and scalability to an e-learning envi-
ronment.
Proceedings of the First International Conference on Availability, Reliability and Security (ARES’06)
0-7695-2567-9/06 $20.00 © 2006
IEEE
Focusing on electronic exam management, to the best of our knowledge, the only published work on this topic is due to Chadwick [1]. However, the project did not cover all stages of an exam detailed in [14]; it only addresses the setting up stage where the examination questions are transferred between teachers using secure electronic mail based on a PKI. On the other hand, two commercial solutions for on-line examinations are available [12, 4]. However, these proposals do not describe their security measures so it is difficult to evaluate their suitability and security level.
In this paper we present a secure e-exam management
system. Such system is based on different cryptographic
protocols that offer a high security level for all exam stages.
This scheme has been implemented in a Master Thesis [2].
The rest of the paper is organized as follows: Section 2
describes every examination stage and its security require-
ments. Section 3 presents our scheme for secure electronic
exam management. Section 4 evaluates the security of the
proposed scheme regarding the security requirements iden-
tified in Section 2. Section 5 describes the implementation
of the prototype developed in the Master Thesis [2]. Finally,
our conclusions are presented in Section 6.
2 Examination stages and security properties
An examination process consists of different stages. In
this section we describe each examination stage and its se-
curity requirements based on our experience and on the con-
tributions made in the literature papers [6, 5, 3, 14]. This ac-
curate description has guided the design of a cryptographic
protocol for each stage.
The examination process can be divided into the following stages:
Setting up an exam: the first stage is the preparation of the examination questions, which is performed by the teacher.
Beginning, holding and submitting of the exam: in the second stage, when the exam begins, the student obtains the exam questions, she writes down the answers and finally she submits her answers. This stage must be performed within a fixed amount of time.
Grading of exams: after the student has delivered the exam, the teacher grades it.
Obtaining the score of the exam answer: once the exam has been graded, the student obtains the result.
Revising of exams: finally, if the student does not agree with the obtained grade, she can apply for an exam revision.
Regarding the stages described above, we have identified
the following security requirements, although some of them
have already been pointed out in previous works [6, 5, 3,
14].
Authenticity:
• The student must be sure that the exam questions and the exam grade have been proposed by the teacher.
• The teacher must be sure that the exam answer belongs to a valid student.
Privacy:
• The exam score process should be blind in order to obtain a maximum impartiality. Then, the teacher should not know the student identity of an exam answer. However, the teacher must be convinced that the answer belongs to a valid student.
Correction:
• The exam questions can not be modified once the exam has started, that means that the integrity of the questions must be preserved.
• Once the examination time has finished, no answers can be submitted.
• Once an answer has been submitted it must not be possible to alter it.
• It should not be possible to deliver more than one exam per student.
• The deletion of one exam should be avoided or at least detected.
Secrecy:
• Exam questions must be kept secret, so the exam can only be obtained by valid students during the time of the exam.
• The exam solution must be kept secret until the exam grades are published.
• The students’ answers must be kept secret; only the teachers can have access to them.
• The exam grade should only be sent to the student who did the exam.
Receipt: The student must obtain a receipt as a proof that she has done and sent her exam answer.
Copy detection: The student should do the exam alone, so cheating must be avoided.
3 The proposed scheme
In this section we propose a secure scheme for electronic
exam management. We rely on the fact that there is no so-
lution to obtain the copy detection property if the students
take the exam at home [6, 5, 14]. Therefore in our proposal,
the exam takes place in a supervised environment.
In our proposal, we face interactions between three kinds of parties or actors, namely:
Student: We use the term student to refer to both a person taking part in the exam, and the software used to that end, since cryptographic operations must be performed.
Teacher: The teacher is the one that proposes the exam questions and grades the answers. Also in this case, we refer to both the person and the software used to that end.
Manager: The manager is the central authority that controls the exams. It manages the exam questions, answers, solutions and grades.
For each stage enumerated in Section 2 we propose a different cryptographic protocol.
3.1 Notation
The following notation is used in order to describe the
protocols presented.
• $(P_{entity}, S_{entity})$: Asymmetric key pair of entity, where $P_{entity}$ is the public key and $S_{entity}$ is the private key.
• $s_{entity,i} = S_{entity}(m)$: Digital signature $s$ of message $m$ signed by entity, where digital signature means computing the hash value of message $m$ using a collision-free one-way hash function and encrypting this hash value with $S_{entity}$. Subindex $i$ identifies the signature value in the protocol description.
• $c_{entity,j} = P_{entity}(m)$: Encryption $c$ of message $m$ under the public key of entity. Subindex $j$ identifies the encrypted value in the protocol description.
3.2 System set-up
The proposed scheme requires that students, teachers
and the manager have a key pair of a public key cryptosys-
tem.
• $(P_T, S_T)$: teacher's key pair.
• $(P_S, S_S)$: student's key pair.
• $(P_M, S_M)$: manager's key pair.
Each key pair must be certified; we assume the use of a Public Key Infrastructure (PKI), as proposed in [9].
3.3 Setting up an exam
The teacher and the manager do the following steps to
set up an exam.
Protocol 1
1. The teacher performs the following actions:
   (a) Compute a unique examination identifier, $Id$, composed of the following data:
       • $S$: Subject name.
       • $Sc$: Subject code.
       • $Q$: Semester.
       • $D$: Exam date.
       • $T$: Fixed time to answer the exam.
       • $N$: Exam serial number.
   (b) Propose the exam questions, $E$.
   (c) Compute the digital signature of $Id$ and $E$ with $S_T$: $s_{T,1} = S_T(Id, E)$.
   (d) Encrypt $Id$, $E$ and $s_{T,1}$ using the manager's public key $P_M$: $c_{M,1} = P_M(Id, E, s_{T,1})$.
   (e) Authenticate himself to the manager using his key pair $(P_T, S_T)$.
   (f) Send $c_{M,1}$ to the manager.
2. The manager performs the following actions:
   (a) Decrypt $c_{M,1}$ using $S_M$ and obtain $Id$, $E$ and $s_{T,1}$.
   (b) Verify the digital signature $s_{T,1}$ using the teacher's public key $P_T$.
   (c) Store $c_{M,1}$ in a secure way, bound to the exam $Id$.
3.4 Beginning, holding and submitting the exam
The student, teacher and manager use Protocol 2 in order to perform an exam.
Protocol 2
1. The teacher publishes the exam identifier, $Id$.
2. The student authenticates herself using her key pair $(P_S, S_S)$.
3. The student asks the manager for the exam $Id$.
4. The manager performs the following steps:
   (a) Verify if the student is registered in the subject $S$. Each subject in one semester has $n$ students registered. This information is stored by the manager.
   (b) Check if the current date $D'$ and time $T'$ are in the fixed time to answer the exam $D$ and $T$ ($D$ and $T$ are in the $Id$).
   (c) If the previous verifications succeed:
       i. Decrypt $c_{M,1}$ using $S_M$ and obtain $Id$, $E$ and $s_{T,1}$.
       ii. Encrypt $Id$, $E$ and $s_{T,1}$ using $P_S$: $c_{S,2} = P_S(Id, E, s_{T,1})$.
       iii. Send $c_{S,2}$ to the student.
   (d) Otherwise, return an error code to the student.
5. The student obtains and verifies the exam questions, solves them and submits the exam answer in the following way:
   (a) Decrypt $c_{S,2}$ using $S_S$ and obtain $Id$, the exam questions $E$, and $s_{T,1}$.
   (b) Verify the digital signature $s_{T,1}$ using $P_M$.
   (c) Write down the exam answer, $A$.
   (d) Obtain at random an answer identifier, $Ia$.
   (e) Compute the digital signature of $s_{T,1}$, $Ia$ and $A$ using $S_S$: $s_{S,2} = S_S(s_{T,1}, Ia, A)$.
   (f) Encrypt $Id$, $E$, $s_{T,1}$, $Ia$, $A$ and $s_{S,2}$ using $P_M$: $c_{M,3} = P_M(E, Id, s_{T,1}, Ia, A, s_{S,2})$.
   (g) Send $c_{M,3}$ to the manager.
6. The manager performs the following steps:
   (a) Decrypt $c_{M,3}$ using $S_M$ and obtain $E$, $Id$, $s_{T,1}$, $Ia$, $A$, and $s_{S,2}$.
   (b) Check if the current date $D'$ and time $T'$ are in the fixed time to answer the exam $D$ and $T$.
   (c) Verify if the student has submitted an exam answer previously.
   (d) If the previous verifications succeed:
       i. Verify the digital signatures $s_{T,1}$ and $s_{S,2}$ using $P_T$ and $P_S$ respectively.
       ii. Obtain the current time $t$.
       iii. Compute the digital signature of $Id$, $Ia$ and $t$ using $S_M$: $s_{M,3} = S_M(Id, Ia, t)$. $s_{M,3}$ is the exam answer receipt, the proof that the student has delivered her answer.
       iv. Send $Id$, $Ia$, $t$ and $s_{M,3}$ to the student.
       v. Obtain at random a masked-answer identifier, $Ia'$.
       vi. Compute the digital signature of $s_{T,1}$, $Ia'$ and $A$ using $S_M$: $s_{M,4} = S_M(s_{T,1}, Ia', A)$.
       vii. Encrypt $E$, $Id$, $s_{T,1}$, $A$, $Ia'$ and $s_{M,4}$ using $P_T$: $c_{T,4} = P_T(E, Id, s_{T,1}, A, Ia', s_{M,4})$.
       viii. Store securely $c_{M,3}$, $s_{M,3}$, $Ia$, $Ia'$, $t$ and $c_{T,4}$ as one answer of the exam $Id$. Each exam answer is linked to the student who has sent it.
   (e) Otherwise, return an error code to the student.
7. The student does the following steps:
   (a) Verify the digital signature $s_{M,3}$ using $P_M$.
   (b) Store $Id$, $Ia$, $t$ and $s_{M,3}$ as the examination receipt.
3.5 Grading of exams
The teacher and the manager use Protocol 3 in order to
grade one exam answer.
Protocol 3
1. The teacher performs the following steps:
   (a) Authenticate himself to the manager using his key pair $(P_T, S_T)$.
   (b) Request one answer of a given exam $Id$.
2. The manager does the following steps:
   (a) Obtain one exam answer that has not been graded previously, $c_{T,4}$.
   (b) Send $c_{T,4}$ to the teacher.
3. The teacher does the following steps:
   (a) Decrypt $c_{T,4}$ using $S_T$ and obtain $E$, $Id$, $s_{T,1}$, $A$, $Ia'$ and $s_{M,4}$.
   (b) Verify the digital signature $s_{M,4}$ with $P_M$.
   (c) Grade the answer $A$ with a value $G$.
   (d) Compute the digital signature of $E$, $Id$, $s_{T,1}$, $A$, $Ia'$ and $G$ using $S_T$: $s_{T,5} = S_T(E, Id, s_{T,1}, A, Ia', G)$.
   (e) Encrypt $Id$, $E$, $s_{T,1}$, $A$, $Ia'$, $s_{M,4}$, $G$ and $s_{T,5}$ using $P_M$: $c_{M,5} = P_M(E, Id, s_{T,1}, A, Ia', s_{M,4}, G, s_{T,5})$.
   (f) Send $c_{M,5}$ to the manager.
4. The manager does the following steps:
   (a) Decrypt $c_{M,5}$ using $S_M$, obtaining $E$, $Id$, $s_{T,1}$, $A$, $Ia'$, $s_{M,4}$, $G$ and $s_{T,5}$.
   (b) Verify the digital signatures $s_{T,1}$, $s_{M,4}$ and $s_{T,5}$ with $P_T$, $P_M$ and $P_T$ respectively.
   (c) Obtain the $c_{M,3}$ that corresponds to $c_{T,4}$. The manager has stored $c_{M,3}$ and $Ia'$, so using $Ia'$ it can find the $c_{M,3}$ linked to $c_{T,4}$, i.e. the student’s answer.
   (d) Decrypt $c_{M,3}$ using $S_M$, and obtain $E$, $Id$, $s_{T,1}$, $Ia$, $A$ and $s_{S,2}$.
   (e) Encrypt $E$, $Id$, $s_{T,1}$, $Ia$, $A$, $G$, $s_{S,2}$ and $s_{T,5}$ using $P_S$: $c_{S,6} = P_S(E, Id, s_{T,1}, Ia, A, G, s_{S,2}, s_{T,5})$.
   (f) Store $c_{S,6}$, $Id$ and $Ia$ in a secure way.
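The submission path of Protocol 2 (steps 5 to 7) and the teacher's check in Protocol 3 (step 3b), as an added example that is not code from the paper or its Java prototype. Signatures follow the definition in Section 3.1 (hash, then private-key operation) using textbook RSA over constructed toy keys so that it runs offline, and the public-key encryption layers are left out. The names `Manager`, `submit` and `answers_for_grading`, the sample Id string and the integer timestamps are assumptions.

```python
import hashlib
import secrets
from math import gcd

def make_key(a, b, e=65537):
    # Constructed toy key from the Mersenne primes 2^a-1 and 2^b-1 so the example
    # runs offline. Textbook RSA without padding: illustration only.
    p, q = 2**a - 1, 2**b - 1
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return {"n": p * q, "e": e, "d": pow(e, -1, phi)}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def digest(*fields):
    # Length-prefix each field so adjacent fields cannot slide into each other.
    h = hashlib.sha256()
    for f in fields:
        b = str(f).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")

def sign(key, *fields):
    # S_entity(m) as defined in Section 3.1: hash m, then apply the private key.
    return pow(digest(*fields), key["d"], key["n"])

def verify(pub, sig, *fields):
    return pow(sig, pub["e"], pub["n"]) == digest(*fields)

class Manager:
    def __init__(self, key, teacher_pub, window, registered):
        self.key, self.teacher_pub = key, teacher_pub
        self.window = window            # (start, end), derived from D and T in Id
        self.registered = registered    # authenticated student name -> P_S
        self.answers = {}               # student name -> stored record

    def submit(self, student, now, Id, E, s_T1, Ia, A, s_S2):
        """Protocol 2, step 6. Returns (receipt, None) or (None, error)."""
        if student not in self.registered:
            return None, "not registered"
        if not self.window[0] <= now <= self.window[1]:            # step 6b
            return None, "outside exam time"
        if student in self.answers:                                 # step 6c
            return None, "already submitted"
        if not verify(self.teacher_pub, s_T1, Id, E):               # step 6(d)i
            return None, "bad s_T1"
        if not verify(self.registered[student], s_S2, s_T1, Ia, A):
            return None, "bad s_S2"
        s_M3 = sign(self.key, Id, Ia, now)                          # 6(d)iii: receipt
        Ia_masked = secrets.token_hex(16)                           # 6(d)v
        s_M4 = sign(self.key, s_T1, Ia_masked, A)                   # 6(d)vi
        self.answers[student] = {                                   # 6(d)viii
            "Ia": Ia, "s_S2": s_S2, "s_M3": s_M3, "t": now,
            "for_teacher": {"E": E, "Id": Id, "s_T1": s_T1, "A": A,
                            "Ia_masked": Ia_masked, "s_M4": s_M4}}
        return {"Id": Id, "Ia": Ia, "t": now, "s_M3": s_M3}, None  # 6(d)iv

    def answers_for_grading(self):
        # Protocol 3, step 2: only the masked records leave the manager.
        return [r["for_teacher"] for r in self.answers.values()]

def run_demo():
    T, S, M = make_key(127, 521), make_key(607, 1279), make_key(2203, 2281)
    Id = "Cryptography|05.123|2005-2|2006-01-20|120min|N=1"  # constructed sample Id
    E = "Q1: Define a collision-free hash function."           # constructed questions
    s_T1 = sign(T, Id, E)                                      # Protocol 1, step 1c
    mgr = Manager(M, public(T), (1000, 8200), {"alice": public(S)})

    A, Ia = "A1: ...", secrets.token_hex(16)                   # Protocol 2, steps 5c-5d
    s_S2 = sign(S, s_T1, Ia, A)                                # step 5e
    tampered = mgr.submit("alice", 2000, Id, E, s_T1, Ia, A + " (edited)", s_S2)
    late = mgr.submit("alice", 9000, Id, E, s_T1, Ia, A, s_S2)
    receipt, err = mgr.submit("alice", 2000, Id, E, s_T1, Ia, A, s_S2)
    again = mgr.submit("alice", 2100, Id, E, s_T1, Ia, A, s_S2)
    # Step 7a: the student checks the receipt under P_M before storing it.
    receipt_ok = verify(public(M), receipt["s_M3"],
                        receipt["Id"], receipt["Ia"], receipt["t"])
    # Protocol 3, step 3b: the teacher checks s_M4 and sees only the masked identifier.
    rec = mgr.answers_for_grading()[0]
    teacher_ok = verify(public(M), rec["s_M4"], rec["s_T1"], rec["Ia_masked"], rec["A"])
    return {"tampered": tampered[1], "late": late[1], "error": err,
            "again": again[1], "receipt_ok": receipt_ok, "teacher_ok": teacher_ok,
            "teacher_fields": sorted(rec),
            "ia_leaked": Ia in [str(v) for v in rec.values()]}

if __name__ == "__main__":
    print(run_demo())
```

The record handed to the teacher carries neither $Ia$ nor $s_{S,2}$, which is what keeps grading blind; only the manager's stored record links the masked identifier back to the student.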
3.6 Obtaining the score of the exam answer
The student obtains her exam score by running Protocol 4 together with the manager.
Protocol 4
1. The student authenticates herself in front of the manager using her key pair $(P_S, S_S)$.
2. The student requests from the manager the score of the answer $Ia$.
3. The manager performs the following steps:
   (a) Verify if $Ia$ belongs to the student that has been authenticated.
   (b) Obtain $c_{S,6}$ that had been stored.
   (c) Send $c_{S,6}$ to the student.
4. The student obtains the grade $G$ by following the next steps:
   (a) Decrypt $c_{S,6}$ using $S_S$, and obtain $E$, $Id$, $s_{T,1}$, $Ia$, $A$, $G$, $s_{S,2}$ and $s_{T,5}$.
   (b) Verify the digital signatures $s_{T,1}$, $s_{S,2}$ and $s_{T,5}$ using $P_T$, $P_S$ and $P_T$ respectively.
3.7 Revising of exams
The student may apply for an exam grade revision by running Protocol 5 together with the manager.
Protocol 5
1. The student does the following steps:
   (a) Authenticate herself in front of the manager using her key pair $(P_S, S_S)$.
   (b) Obtain at random one number that will be the revision identifier, $Ir$.
   (c) Compute a digital signature of $Id$, $Ia$, $Ir$ using $S_S$: $s_{S,6} = S_S(Id, Ia, Ir)$. $s_{S,6}$ is the request to review the score of the answer $Ia$.
   (d) Send $Id$, $Ia$, $Ir$ and $s_{S,6}$ to the manager.
2. The manager does the following steps:
   (a) Verify the digital signature $s_{S,6}$ using $P_S$.
   (b) Store $Id$, $Ia$, $Ir$ and $s_{S,6}$.
The teacher uses a modification of Protocol 3 in order to review one exam.
4 Security analysis
We assume that the manager is honest, so our protocol is based on a Trusted Third Party (TTP), that is the manager. The manager is protected with conventional security measures (firewalls, VPN, IDS, etc.) described in [6, 5, 3, 14].
Authenticity:
• In Step 1c of Protocol 1 the teacher digitally signs the exam. The student verifies this signature in Step 5b of Protocol 2, and then she can be sure that the exam questions have been proposed by the teacher.
• In Step 3d of Protocol 3 the teacher digitally signs the grade. The student verifies the digital signature in Step 4b of Protocol 4, so she is convinced that the grade has been proposed by the teacher.
• In Step 5e of Protocol 2 the student digitally signs the exam answer. The manager verifies the student’s signature in Step 6(d)i of Protocol 2 and computes a digital signature of the exam answer in Step 6(d)vi. The teacher verifies the manager’s digital signature in Step 3b of Protocol 3. Assuming manager honesty, the teacher has no doubt the answer has been written by a valid student.
Privacy:
• In Step 3a of Protocol 3 the teacher receives an exam answer $c_{T,4}$, and he decrypts it obtaining $E$, $Id$, $s_{T,1}$, $A$ and $s_{M,4}$. This information does not reveal the student identity. However, the digital signature $s_{M,4}$ convinces the teacher that $A$ belongs to a valid student.
Correction:
• In Step 1c of Protocol 1 the teacher digitally signs the exam obtaining $s_{T,1}$. The student computes the digital signature of $s_{T,1}$, $Ia$ and $A$ in Step 5e of Protocol 2 obtaining $s_{S,2}$. The digital signatures $s_{T,1}$ and $s_{S,2}$ guarantee that the exam questions have not been modified once the exam has started.
• In Step 6b of Protocol 2 the manager verifies whether the examination time has finished, rejecting any exam answer submission once the time has expired.
• The student digitally signs the exam answer in Step 5e of Protocol 2. So, if the answer is modified the digital signature verification will fail.
• In Step 6c of Protocol 2 the manager verifies if the student has previously delivered an exam answer, and in this case, the exam answer is not accepted.
• If one exam is deleted there is one student that will not obtain her grade, so the deletion is detected. Moreover, the student can prove that she has delivered the exam, because she can show the examination receipt obtained in Step 7 of Protocol 2.
Secrecy:
• The teacher encrypts the exam questions in Step 1d using the manager's public key. The manager's private key is needed to obtain the exam questions, and such key is restricted to the manager. The manager sends the exam questions to the student in Step 4(c)iii of Protocol 2, if the student is registered in the exam subject and if the current time and date are in the fixed time to answer the exam, Steps 4a and 4b of Protocol 2.
• The teacher can deliver the exam solution to the manager using a modification of Protocol 1, so the solution is encrypted and can only be obtained by the manager.
• In Step 5f of Protocol 2 the student encrypts her answer using the manager's public key. At this point, the exam answer can only be obtained by the manager. Later on, the manager encrypts the exam answer with the teacher's public key in Step 6(d)vii. The teacher obtains the encrypted exam answer in Step 3. We conclude that students’ answers are kept secret, so only the teacher and the manager have access to them.
• The manager authenticates the student in Step 1 of Protocol 4 and verifies that she is the owner of the answer $Ia$ in Step 3a of Protocol 4. If the above verification succeeds the manager sends $c_{S,6}$ to the student. $c_{S,6}$ is the exam grade encrypted using the student's public key, so that only the student can obtain her grade.
Receipt: The student obtains a receipt in Step 7 of Protocol 2 as a proof of exam delivery.
Copy detection: The exam takes place in a supervised environment, so copying is prevented using traditional means.
Figure 1. System overview
5 Implementation
The secure e-exam management system described in the previous sections has been implemented in a Master Thesis [2]. The system has been developed using the Java language because it is platform independent and thus can be deployed in any architecture. Also, the Java language offers several cryptographic APIs with the crypto-systems needed in our system. We have used the IAIK [8] library because it contains an implementation of the whole Java Cryptography Extension (JCE) Framework, together with great documentation. The system is composed of five main components: cryptographic scheme component, XML, RMI, DataBase and finally the graphic interface. In Figure 1 we can see the system overview.
5.1 Cryptographic scheme component
The cryptographic scheme contains the implementation
of the cryptographic operations presented in Section 3.
Each of the clients, student and teacher, has its own appli-
cation. Each application has different classes that contain
the implementation of the necessary protocols to perform
the cryptographic operations.
5.2 XML component
The outputs of the cryptographic scheme component are stored in an XML document using the XML component. XML documents are exchanged between the actors, i.e. manager, student and teacher. Once a document is received, the cryptographic information is obtained using the XML component, and verified using the cryptographic scheme component. If verifications hold the document is stored.
The XML data format allows efficient data manage-
ment, and, additionally, the system becomes more flexible
in terms of updating or modification.
Our implementation uses the JDOM [7] API in the XML
component, because it is open source and provides a low-
cost entry point for using XML.
5.3 RMI component
To be able to create a distributed system, the Java Re-
mote Method Invocation (Java RMI) [13] technology has
been used. In this way, methods of remote Java Objects can
be invoked from other Java virtual machines on different
hosts. In this way, communication between the manager,
student and teacher is transparent and implementation be-
comes easier.
5.4 DataBase component
The exam questions, answers, grades, and reviews must
be stored in a persistent way. Moreover, we need to keep
information about teachers and students.
The system stores the above information in a MySQL [10] DataBase server. Such database has been chosen since it is open source, and there are implementations available for the main architectures, Microsoft© Win32, Linux, and MacOSX©.
The DataBase (DB) is not accessed directly. The
DataBase component is the middleware between the DB
and the other system components.
5.5 Graphic interface component
In this master thesis prototype a basic graphical interface
has been developed. This interface permits users to perform
the basic operations described in Section 2 in an intuitive
way.
We have used the Standard Widget Toolkit (SWT), be-
cause it is easy to use and is open source.
As pointed out previously, each user has a key pair. The system stores such keys in a PKCS#12 [11] file. In the first step, in any of the two applications (student or teacher), the user must provide her PKCS#12 file and the password used to protect it. Figure 2 shows the dialog in which the user enters the above information.
Figure 2. Users’ authentication dialog
Figure 3 displays the teacher's application. In the upper left side there is the exam identifier information. In the upper right side there are the control buttons: create exam, obtain answers, grade answer, and obtain revisions. The << and >> buttons allow the teacher to obtain the next exam answer or the next exam that must be reviewed. In the middle of the application there are the exam questions, and below there is the exam answer.
Figure 3. Teacher’s application
Figure 4 shows the student's application. In the upper left side, like in the teacher's application, there is the exam identifier information. The control buttons are in the upper right side. The control buttons are the following: get exam, get exam grade, send answer and ask for revision. The exam questions and the space to introduce the exam answer are in the same layout as in the teacher's application.
Figure 4. Student’s application
6 Conclusions
In this paper we have presented a secure e-exam man-
agement system. We have reviewed all exam stages and
we have identified the different security properties that ev-
ery exam stage must satisfy. Such information has allowed
us to define a system based on different cryptographic pro-
tocols that offer a high security level for all exam stages.
Moreover, the scheme has been implemented in [2], in or-
der to test its functionality and some implementation de-
tails have been presented. However, the proposed system
assumes that in the setting up stage, students hold the exam
in a supervised environment. Further research should be di-
rected to allow students to hold exams in a less restricted
environment.
Acknowledgements and disclaimer
This work is partially supported by the Spanish MCYT
and the FEDER funds under grant SEG2004-04352-C04-
04 PROPRIETAS-WIRELESS. The work described in this
paper has been supported in part by the European Commis-
sion through the IST Programme under Contract IST-2002-
507932 ECRYPT. The information in this document reflects
only the author’s views, is provided as is and no guarantee
or warranty is given that the information is fit for any par-
ticular purpose. The user thereof uses the information at its
sole risk and liability. The first author is partly supported by
the Catalan Government under grant 2005 SGR 00446, and
by the Spanish Ministry of Science and Education through
project SEG2004-04352-C04-01 “PROPRIETAS”.
References
[1] D. Chadwick, R. Tassabehji, and A. Young. Experiences
of using a public key infrastructure for the preparation of
examination papers. Computers & Education, 35(1):1–20,
august 2000. ISSN: 0360-1315.
[2] A. Dorca-Josa. Cryptographic scheme for secure e-exams.
Master’s thesis, Universitat Oberta de Catalunya, january
2005. Language: catalan.
[3] K. El-Khatib, L. Korba, Y. Xu, and G. Yee. Privacy and se-
curity in e-learning. International Journal of Distance Edu-
cation, 1(4), October-December 2003. ISSN: 1539-3100.
[4] Exon Gurukul Online, Learning Solutions, Online Examinations©. http://www.gurukulonline.com, 2005.
[5] S. Furnell, U. Bleimann, J. Girsang, H. Röder, P. Sanders, and
I. Stengel. Security considerations in online distance learning.
In W. Hahn, E. Walther-Klaus, and J. Knop, editors,
Proceedings of Euromedia 99, pages 31–135, Munich, Germany,
25-28 April 1999. ISBN 1-56555-169-9.
[6] S. Furnell, P. Onions, U. Bleimann, U. Gojny, M. Knahl,
H. Röder, and S. P. A security framework for online distance
learning and training. Internet Research, 8(3):236–242,
1998. ISSN: 1066-2243.
[7] J. Hunter and B. McLaughlin. The jdom xml api.
http://www.jdom.org/docs/apidocs/index.html.
[8] (IAIK-JCE). The iaik java cryptography extension.
http://jce.iaik.tugraz.at/sic/products/core
crypto toolkits/jca jce.
[9] G. Kambourakis, K. D-P.N., A. Rouskas, and S. Gritzalis.
A pki approach for deploying modern secure distributed e-
learning and m-learning environments. Computers & Edu-
cation, Article in press. ISSN: 0360-1315.
[10] MySQL. The mysql database server documentation.
http://www.mysql.com/documentation/index.html.
[11] PKCS#12. Personal information exchange syntax standard.
http://www.rsasecurity.com/rsalabs/node.asp?id=2138.
[12] Software Secure, Securexam©. http://www.softwaresecure.com/, 2005.
[13] Sun-Microsystems. The java remote method invocation documentation.
http://java.sun.com/products/jdk/rmi/reference/docs/index.html.
[14] E. Weippl. Security in E-Learning, volume 16 of Advances
in Information Security. Springer Science+Business Media,
Inc., 2005. ISBN: 0-387-24341-0.
Proceedings of the First International Conference on Availability, Reliability and Security (ARES’06)
0-7695-2567-9/06 $20.00 © 2006
IEEE
... In the state-of-the-art, we find not only works that describe properties for secure and private assessment, but also proposals for new security protocols for computer-assisted exams. (Castella-Roca et al., 2006) designs a protocol that meets authentication and privacy properties in the presence of a fully trusted exam manager. (Bella et al., 2014) proposes an e-exam, which considers a corrupted examiner, but assumes an honest-but-curious anonymiser. ...
Preprint
We study coercion-resistance for online exams. We propose two properties, Anonymous Submission and Single-Blindness which, if hold, preserve the anonymity of the links between tests, test takers, and examiners even when the parties coerce one another into revealing secrets. The properties are relevant: not even Remark!, a secure exam protocol that satisfied anonymous marking and anonymous examiners results to be coercion resistant. Then, we propose a coercion-resistance protocol which satisfies, in addition to known anonymity properties, the two novel properties we have introduced. We prove our claims formally in ProVerif. The paper has also another contribution: it describes an attack (and a fix) to an exponentiation mixnet that Remark! uses to ensure unlinkability. We use the secure version of the mixnet in our new protocol.
... E-exam systems are quickly gaining acceptance in many higher educational institutions due to the fact that examination is a standard and long-accepted process for evaluating levels of knowledge acquired by students and e-exam systems provide great potentials to enhance the process (Adebayo & Abdulhamid, 2014). E-exam is significant because it eases exam management with considerable level of security (Catelloa-Roca, Herrera-Joancomarti & Dorca-Josa, 2006). Another valid point is that such systems allow minimizes amount of repeated preparing and marking of examinations by teachers, reduce examination operational expenses, and provide access to statistical analyses and results of data collected through the eexam system that provide much insight on students' progress (Modiri, Farahi & Ketabi, 2011). ...
Article
The deployment of electronic examination systems (e-exams) has been used worldwide for decades by educational testing institutions to assess students’ learning achievement levels and suitability for admission to subsequent higher levels of education. However, the use of such systems for testing students within tertiary level education institutions is a more recent innovation usually necessitated by huge student intakes relative to limited teachers to instruct and examine them. This study investigated the behavioural intention of university students towards the use of e-exams for assessing their learning achievements in their programmes. The study collected data through a structured questionnaire survey of 318 undergraduate students in the University of Maiduguri, Borno State, Nigeria. The questionnaire items were based on a modified Unified Theory of Acceptance and Use of Technology (UTAUT), while structural equation modelling was used to investigate the relative strengths of the UTAUT factors and moderators in accounting for the students’ behavioural intention to willingly accept and use e-exam systems in their programmes. Performance expectancy, effort expectancy, social influence and facilitating condition all had the expected effects on behavioural intention towards e-exam system as predicted by UTAUT. The paper discusses some key implications of the findings, as well as policy recommendations for university administrators regarding adoption and use of e-exam systems in the delivery of their programmes.
... The solution being formulated is the use of biometric fingerprint authentication that will recognize students taking encrypted examinations and ensure that questions remain unchanged after being submitted by the professor [37,38]. A recent study in certain Nigerian universities indicated that psychological distress factors have been considered in preparing e-exams [39]. ...
Article
Nowadays, under COVID 2019, e-learning has become a potential prop approach of technology in education that provides contemporary learners with authentic knowledge acquisitions. As a practical contribution, electronic examination (e-exam) is a novel approach in e-learning designed to solve traditional examination issues. It is a combination of assorted questions designed by specialized software to detect an individual’s performance. Despite intensive research in this area, the performance of e-exams faces challenges such as authentication of the examinee’s identity and answered papers. This paper aims to present the experiences of educational organizations in e-exam and e-evaluation as an essential tool of e-learning in various countries. The paper recommends, under the global pandemic COVID 2019, evaluating students using intensive continuous evaluation, including e-exams supported by authentication methods, which may help detect and reduce or even prevent student violations. The results show that the most used LMS tools were Moodle and proprietary solutions, which were 75% both, among many other LMS tools, i.e., Blackboard and eFront. The least developed countries prefer to use open source and proprietary solutions due to the zero cost of these solutions. Internet speed, cost and authenticity were the challenges most faced by e-exam centers, at 99%, 82%, and 68%, respectively.
... Even though e-exam offers various advantages, there are still some challenges related to reliability, quality of service and high availability requirements in the implementation of e-exam. Furthermore, it also needs institutional attention to various parameters related to scalability, performance and security of e-exam implementation [9,10]. ...
... In 2006, Jordi Castella-Roca et al. [4] proposed an e-test scheme that includes three main participants: the exam manager, teacher and student. The exam manager is in charge of the entire operation, including administering questions and solutions and announcing the scores. ...
Article
This article presents an encryption system which has many characteristics, like anonymity, originality, correctness, confidentiality, durability and confirmation, as well as no need for any trusted authority. Besides that, the submitted system gives evidence of successful submission by using the anonymity property. In addition to using the anonymous return channel, it also uses the time-based solution. The proposed system has been implemented and its results were measured. The preliminary findings in this paper seem very promising. Also, the results show that the system is applicable and will yield good results if applied to new generations of mobile phones. Furthermore, the results show that the method is more efficient and faster than the system already in place.
... Also, it helps institutions deal with the shortage of examination facilities [26]. Authenticity, privacy, secrecy and correction are some of the main requirements to implement a secure exam [27]. ...
... Jordi Castella-Roca et al. [11] proposed a secure e-exam management system where all exam related information is in digital format. A cryptographic scheme is proposed that has to be executed in order to achieve the desired security levels at every exam stage. ...
Conference Paper
As advancements in information and communication technology increase rapidly in our day-to-day life, the e-learning system has gained more attention in educational institutions. Many educational institutions try to progress from pen-paper examination to online examination for many reasons, including personalized environment, secured system, and accurate evaluation. This research work focuses on a simple scheme for mutual authentication between the student and the server and secure delivery of the question paper from the server. The experimental results shown in this research work are based on a set of survey questions given to students and instructors. The results are promising towards the use of the proposed system during the examination.
... Jordi Castella-Roca et al. [11] proposed a secure e-exam management system where all exam related information is in digital format. A cryptographic scheme is proposed that has to be executed in order to achieve the desired security levels at every exam stage. ...
Chapter
Worldwide, increasing trends on distance learning provided by different educational and academic organizations require robust secure environments for carrying out the distance examinations. The security of online examinations is prone to many threats including the local cheaters and outside attackers. Several studies have been carried out in terms of technical, authentication algorithms, and environmental monitoring (supervised or unsupervised). None of these categories can satisfy the required security services to stop candidate cheating during the examination. A robust secure model will be needed to include all three categories in order to provide secure environments for examinees while no manual supervision is required by proctor or professors.
Article
Considers the requirement for information security within the domain of online distance learning. A generic module structure is presented which represents a high level abstraction of the different stages of the educational process. Discusses the main security issues that must be considered at each stage. These various requirements are being addressed in practice by the security framework being developed by the SDLearn research project, a collaborative initiative between higher academic establishments in the UK and Germany.
Article
For a variety of advantages, universities and other organizations are resorting to e-learning to provide instruction on-line. While many advances have been made in the mechanics of providing on-line instruction, the needs for privacy and security have to-date been largely ignored. This paper examines privacy and security issues associated with e-learning. It presents the basic principles behind privacy practices and legislation. It investigates the more popular e-learning standards to determine their provisions and limitations for privacy and security. Privacy requirements for e-learning systems are explored with respect to the “Privacy Principles.” The capabilities of a number of existing privacy enhancing technologies, including methods for network privacy, policy-based privacy/security management, and trust systems, are reviewed and assessed.
Article
While public key cryptography is continuously evolving and its installed base is growing significantly, recent research works examine its potential use in e-learning or m-learning environments. Public key infrastructure (PKI) and attribute certificates (ACs) can provide the appropriate framework to effectively support authentication and authorization services, offering mutual trust to both learners and service providers. Considering PKI requirements for online distance learning networks, this paper discusses the potential application of ACs in a proposed trust model. Typical e-learning trust interactions between e-learners and providers are presented, demonstrating that robust security mechanisms and effective trust control can be obtained and implemented. The application of ACs to support m-learning is also presented and evaluated through an experimental test-bed setup, using the general packet radio service network. The results showed that AC issuing is attainable in service times while simultaneously delivering flexible and scalable solutions to both learners and e-learning providers.
Article
A project that piloted the secure electronic preparation of examination papers ran during the first semester of the academic year 1998/99 at the University of Salford. The examination papers were transferred between the participants (lecturers, administrators and external examiners) using secure electronic mail. Security was provided by a managed public key infrastructure. Users were profiled and interviewed in order to determine the likely success of further roll out within the institution, as well as the user friendliness of the existing paper-based and proposed electronic systems. The project found that, while the technology worked for some participants, others had severe problems with installation of the software and failed to grasp key concepts. There appear to be formidable obstacles to extending the system to cover the whole university, including compatibility of equipment and the reliability of the network infrastructure.
Proceedings of the First International Conference on Availability, Reliability and Security (ARES’06) 0-7695-2567-9/06 $20.00 © 2006 IEEE