Abstract
One of the outcomes of the EU-funded iTEC project is the design and the development of a complete eLearning ecosystem, from the design of pedagogical scenarios to their concrete implementation in a Learning Management System, through instantiation of required technical artefacts. The proposed architecture is loosely-coupled and relies on W3C widgets, mashup platforms and other autonomous components, which raise several security issues. This paper reports about the solution that has been implemented to manage user authentication and authorization in such a highly distributed environment, through the combination of various open standards. The proposed approach is based on a survey ran among european teachers about their practices in terms of user credentials usage and sharing.
The work presented in this paper is partially supported by the European Commission’s FP7 programme –project iTEC: Innovative Technologies for an Engaging Classroom (Grant agreement N\(^{\circ }\) 257566). The content of this paper is the sole responsibility of the authors and it does not represent the opinion of the European Commission and the Commission is not responsible for any use that might be made of information contained herein.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
References
Aghaee, S., Pautasso, C.: An evaluation of mashup tools based on support for heterogeneous mashup components. In: Harth, A., Koch, N. (eds.) ICWE 2011. LNCS, vol. 7059, pp. 1–12. Springer, Heidelberg (2012)
Colin, J.-N., Simon, B.: D7.2: Second generation of iTEC shells and composer. iTEC Project deliverable 7.2. University of Namur (2012)
Crocker, D. (ed.): Augmented BNF for Syntax Specifications: ABNF. RFC 5234 (2008). http://tools.ietf.org/html/rfc5234
De Keukelaere, F., Bhola, S., Steiner, M., Chari, S., and Yoshihama, S.: Smash: secure component model for cross-domain mashups on unmodified browsers. In: Proceedings of the 17th international conference on World Wide Web, pp. 535–544. ACM Press, New York (2008)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. 4(3), 224–274 (2001)
OpenID Foundation: Openid authentication 2.0 (2007). http://openid.net/developers/specs/
Govaerts, S., et al.: Towards responsive open learning environments: the ROLE interoperability framework. In: Kloos, C.D., Gillet, D., García, R.M.C., Wild, F., Wolpers, M. (eds.) Towards Ubiquitous Learning. LNCS, vol. 6964, pp. 125–138. Springer, Heidelberg (2011)
Hardt, D. (ed.): The OAuth 2.0 Authorization Framework. RFC 6749 (2012). http://tools.ietf.org/html/rfc6749
Saltzer, J., Schroeder, M.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)
Apache Shiro reference documentation (2013). http://shiro.apache.org/reference.html
Wilson, S., Sharples, P., Griffiths, D., Popat, K.: Augmenting the VLE using widget technologies. Int. J. Technol. Enhanc. Learn. 3(1), 4–20 (2011)
Zibuschka, J., Herbert, M., Roßnage, H.: Towards privacy-enhancing identity management in mashup-providing platforms. In: Foresti, S., Jajodia, S. (eds.) Data and Applications Security and Privacy XXIV. LNCS, vol. 6166, pp. 273–286. Springer, Heidelberg (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Colin, JN., Tien, H.M. (2015). Securing a Loosely-Coupled Web-Based eLearning Ecosystem Combining Open Standards. In: Monfort, V., Krempels, KH. (eds) Web Information Systems and Technologies. WEBIST 2014. Lecture Notes in Business Information Processing, vol 226. Springer, Cham. https://doi.org/10.1007/978-3-319-27030-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-27030-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27029-6
Online ISBN: 978-3-319-27030-2
eBook Packages: Computer ScienceComputer Science (R0)