Abstract
Allowing students to use their own devices for electronic assessments allows institutions of higher education to reduce their expenses for specialized computer labs. There are, however, concerns about the security of these kind of examinations if the devices are not fully controlled by the examining institution. In addition to these concerns, several other issues have to be taken into account for electronic assessment: equality of treatment, student identification and proof of authorship need to be ensured by an electronic assessment software framework. In this paper, we present our approach to such a framework. Using a client-server model, the proposed assessment framework meets the previously mentioned issues by establishing a trusted platform on students’ devices and uses digital signatures and asymmetric encryption to identify the students. A remote attestation protocol allows on-line verification of the integrity of the software platform on the students’ devices during an assessment. Therefore, our framework, thus provides the means to conduct practically secure electronic examinations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This may also be the reason why there is to our knowledge no lockdown software for Linux systems.
References
ETH Zurich, Educational Development and Technology: Safe Exam Browser. http://safeexambrowser.org/news_en.html
Biella, D., Engert, S., Huth, D.: Design and delivery of an e-assessment solution at the University of Duisburg-Essen. In: Proceedings EUNIS 2009. EUNIS Proceedings (2009)
Bücking, J.: eKlausuren im Testcenter der Universität Bremen: Ein Praxisbericht (2010)
Dahlstrom, E., Brooks, C., Grajek, S., Reeves, J.: Undergraduate Students and IT (2015)
Poll, H.: Student Mobile Device Survey 2015: National Report: College Students (2015)
Willige, J.: Auslandsmobilität und digitale Medien: Arbeitspapier Nr. 23 (2016)
Schneider, D.R., Halbherr, T.: E-Assessment Challenges: How to Conduct Secure E-Assessments with Open-Source Solutions and BYOD, Talk at EDUCAUSE 2013 (2013)
Søgaard, T.M.: Mitigation of cheating threats in digital BYOD exams, Master’s Thesis (2016)
Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. ACM SIGOPS Oper. Syst. Rev. 39(5), 1–16 (2005)
Garay, J.A., Huelsbergen, L.: Software integrity protection using timed executable agents. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 189–200 (2006)
Eldefrawy, K., Rattanavipanon, N., Tsudik, G.: HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) (2017)
Hoffman, N.: VM Checking and Detecting (2014). http://securitykitten.github.io/vm-checking-and-detecting/
Merkle, R.C.: A digital signature based on a conventional encryption function. In: Advances in Cryptology - CRYPTO 1987: Proceedings, pp. 369–378 (1988)
Namiot, D., Sneps-Sneppe, M.: On Micro-services Architecture. Int. J. Open Inf. Technol. 2(9), 24–27 (2014)
Politze, M., Decker, B., Eifert, T.: pSTAIX - a process-aware architecture to support research processes. In: Eibl, M., Gaedke, M. (eds.) INFORMATIK 2017: Digitale Kulturen. Beitrage der 47. Jahrestagung der Gesellschaft fr Informatik e.V. (GI). Köllen (GI Edition Lecture Notes in Informatics Proceedings (LNI)), Bonn (2017)
Küppers, B., Politze, M., Schroeder, U.: Reliable e-assessment with GIT: practical considerations and implementation (2017). https://doi.org/10.17879/21299722960
Microsoft: How TLS/SSL Works: Logon and Authentication (2003). https://technet.microsoft.com/en-us/library/cc783349(v=ws.10).aspx
Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (Im)possibility of obfuscating programs. In: Advances in Cryptology - CRYPTO 2001, Proceedings, pp. 1–18 (2001)
Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, University of Auckland (1997)
Collberg, C., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation tools for software protection. Technical Report TR00-03, The Department of Computer Science, University of Arizona (2000)
Doherty, E.P.: Digital Forensics for Handheld Devices, 1st edn. (2012). ISBN 9781439898772
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Küppers, B., Politze, M., Zameitat, R., Kerber, F., Schroeder, U. (2019). Practical Security for Electronic Examinations on Students’ Devices. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Computing. SAI 2018. Advances in Intelligent Systems and Computing, vol 857. Springer, Cham. https://doi.org/10.1007/978-3-030-01177-2_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-01177-2_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01176-5
Online ISBN: 978-3-030-01177-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)