Abstract
E-learning system is a web-based system which is exposed to computer threats. Services or asset of the e-learning system must be protected from any computer threats to ensure the users have peace of mind when using it. It is important to identify and understand the threats to the system in order develop a secure system. The main objectives of this paper are to discuss the computer security threats towards the e-learning system assets and to study the six categories of computer security threats to the e-learning assets. The activities which involve the e-learning assets will be analyzed and evaluated using the STRIDE model. The results show that the e-learning system assets are exposed to threats on availability, integrity and confidentiality .Our findings also show that the high risk assets are assessment and students’ assessment marks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Tastle, W., White, B., Shackleton, P.: E-Learning in Higher Education: The Challenge, Effort, and Return on Investment. International Journal on E-Learning 4, 241–251 (2005)
Singh, B.: Network Security and Management, vol. 1. Prentice-Hall of India Pvt. Ltd., New Delhi (2007)
Gehling, B., Stankard, D.: Ecommerce Security. In: Information Security Curriculum Development (Infoseccd) Conference Kennesaw, GA,USA, pp. 32–37 (2005)
Peltier, T.: Information Security Risk Analysis. CRC Press, Boca Raton (2005)
Myagmar, S., Lee, A.J., Yurcik, W.: Threat Modeling as a Basis for Security Requirements. In: Proceedings of the Symposium on Requirements Engineering for Information Security (SREIS 2005), Paris (2005)
Weippl, E., Tjoa, A.: Privacy in E-Learning: Anonymity, Pseudonyms and Authenticated Usage. International Journal of Interactive Technology and Smart Education (ITSE) 2, 247–256 (2005)
Klobu Ar, T., Jenabi, M., Kaibel, A., Karapidis, A.: Security and Privacy Issues in Technology-Enhanced Learning. In: Cunningham, P., Cunningham, M. (eds.) Expanding the Knowledge Economy: Issues, Applications, Case Studies. IOS Press, Amsterdam (2007)
Sun, L., Wang, H., Li, Y.: Protecting Disseminative Information in E-Learning. In: Advances in Web Based Learning, ICWL 2007, pp. 554–565 (2008)
Graf, F.: Providing Security for elearning. Computers and Graphics (Pergamon) 26, 355–365 (2002)
Asha, S., Chellappan, C.: Authentication of E-Learners Using Multimodal Biometric Technology. In: International Symposium on Biometrics and Technology, Islamabad (2008)
Agulla, E., Castro, L., Mateo, J.: Is My Student at the Other Side? Applying Biometric Web Authentication to E-Learning Environments. In: Proceedings of Eighth IEEE International Conference on Advanced Learning Technologies (ICALT 2008), pp. 551–553, (2008)
Inaba, R., Watanabe, E., Kodate, K.: Security Applications of Optical Face Recognition System: Access Control in E-Learning. Optical Review 10, 255–261 (2003)
Marais, E., Argles, D., Von Solms, B.: Security Issues Specific to E-Assessments. The International Journal for Infonomics Special issue: ‘e-Learning Security’ (2006)
Levy, Y., Ramim, M.: A Theoretical Approach for Biometrics Authentication of E-Exams. In: The 2007 Chais Conference on Instructional Technologies Research (2007)
Apampa, K., Wills, G., Argles, D., Marais, E.: Electronic Integrity Issues in E-Assessment Security. In: Eighth IEEE International Conference on Advanced Learning Technologies, pp. 394–395 (2008)
Weippl, E.: On the Use of Test Centers in E-Assessment, E-Learning Reports. Vienna University of Technology (2006)
Hernández, J., Ortiz, A., Andaverde, J., Burlak, G.: Biometrics in Online Assessments: A Study Case in High School Students. In: Proceedings of the 18th International Conference on Electronics, Communications and Computers (Conielecomp 2008), pp. 111–116 (2008)
Nickolova, M., Nickolov, E.: Threat Model for User Security in E-Learning Systems. International Journal Of Information Technologies and Knowledge, 341–347 (2007)
Yong, J.: Security Modelling for E-Learning. In: Proceedings of the 2007 1st International Symposium on Information Technologies & Applications in Education (ISITAE 2007), Kunming, pp. 1–5 (2007)
Ostyn, C.: In the Eye of the SCORM: An Introduction to SCORM 2004 for Content Developers (2007) (retrieved)
Weippl, E.: Security in E-Learning (Advances in Information Security). Springer, New York (2005)
Olzak, T.: A Practical Approach to Threat Modeling, http://adventuresinsecurity.com/blog/wp-content/uploads/2006/03/A_Practical_Approach_to_Threat_Modeling.pdf
The UM-Miller School of Medicine’s Department of Information Technology, http://it.med.miami.edu/x1297.xml
M.U. Information Services and Technology, http://ist.mit.edu/security/data_classification
Prasath, V.: Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery. International Journal of Computer Applications IJCA 1, 53–60 (2010)
Desmet, L., Jacobs, B., Piessens, F., Joosen, W.: Threat Modeling for Web Services Based Web Applications. DistriNet Research Group, Katholieke Universiteit Leuven (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zamzuri, Z.F., Manaf, M., Ahmad, A., Yunus, Y. (2011). Computer Security Threats Towards the E-Learning System Assets. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_30
Download citation
DOI: https://doi.org/10.1007/978-3-642-22191-0_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22190-3
Online ISBN: 978-3-642-22191-0
eBook Packages: Computer ScienceComputer Science (R0)