Abstract
The design and implementation of a security plug-in for Learning Management Systems is presented. The plug-in (called IBS) can help in protecting a Leaning Management System from a varied selection of threats, carried on by malicious users via internet. Nowadays it is quite likely that the installer and/or administrator of a system are interested teachers, rather than skilled technicians. This is not a problem from the point of view of user friendliness and ease of use of the systems functionalities; those are actually features that motivate the widespread adoption of both proprietary and open source web-based learning systems. Yet, as any other web application, learning systems are subject to seamless discovery and publication of security weaknesses buried into their code. Accordingly, such systems present their administrators with apparent needs for continuous system upgrade and patches installation, which may turn out to became quite a burden for teachers. The integration of IBS in a system allows easing the above mentioned needs and can help the teachers to focus their work more on the pedagogical issues than on the technical ones. We report on the present integration of IBS in two well established open source Learning Management Systems (Moodle and Docebo), allowing for a reasonably standing protection from the threats comprised in five well known classes of “attacks”. Besides describing the plug-in definition and functionalities, we focus in particular on the specification of a whole protocol, devised to guide the adaptation and installation of IBS in any other php-based learning system, which makes the applicability of the plug-in sufficiently wide.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hope, P., Walther, B.: Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast. O’Really, Sebastopol (2008)
Kurose, R.: Computer networking: a top-down approach. Addison-Wesley, Reading (2009)
OWASP. A Guide to Building Secure Web Applications and Web Services, http://www.owasp.org/index.php/Category:OWASP_Guide_Project
ModSecurity apache module, main reference, http://www.modsecurity.org
php-ids apache module, main reference, http://php-ids.org
Braga, G., Sterbini, A., Temperini, M.: A threats blocking plug-in for open source learning management systems. In: Lytras, M.D., Ordonez De Pablos, P., Avison, D., Sipior, J., Jin, Q., Leal, W., Uden, L., Thomas, M., Cervai, S., Horner, D. (eds.) ECH-EDUCATION 2010. Communications in Computer and Information Science, vol. 73, pp. 551–557. Springer, Heidelberg (2010)
Moodle Learning Management System, main reference, http://www.moodle.org
Docebo Learning Management System, main reference, http://www.docebo.org
Wapity web security scanner, http://wapiti.sourceforge.net
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Conti, A., Sterbini, A., Temperini, M. (2011). IBS: Intrusion Block System a General Security Module for elearning Systems. In: Cherifi, H., Zain, J.M., El-Qawasmeh, E. (eds) Digital Information and Communication Technology and Its Applications. DICTAP 2011. Communications in Computer and Information Science, vol 167. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22027-2_41
Download citation
DOI: https://doi.org/10.1007/978-3-642-22027-2_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22026-5
Online ISBN: 978-3-642-22027-2
eBook Packages: Computer ScienceComputer Science (R0)