Computer Security in E-Learning

Abstract

Although the roots of e-learning date back to 19th century’s correspondence-based learning, e-learning currently receives an unprecedented impetus by the fact that industry and universities alike strive to streamline the teaching process. Just-in-time (JIT) principles have already been adopted by many corporate training programs; some even advocate the term “just-enough” to consider the specific needs of individual learners in a corporate setting. Considering the enormous costs involved in creating and maintaining courses, it is surprising that security and dependability are not yet considered an important issue by most people involved including teachers and students. Unlike traditional security research, which has largely been driven by military requirements to enforce secrecy, in e-learning it is not the information itself that has to be protected but the way it is presented. Moreover, the privacy of communication between teachers and students. For a long time students and faculty had few concerns about security, mainly because users in academic areas tended not to be malicious. Today, however, campus IT-security is vital. Nearly all institutions install firewalls and anti-virus software to protect campus resources. Even the most common security safeguards have drawbacks that people often fail to see. In Stanford the residential computing office selected an anti-virus program. However, the program can be set to collect data that possibly violates students’ privacy expectations; therefore many students declined using it (Herbert, 2004). Whenever servers that store personal data are not well protected, they are a tempting target for hackers. Social security numbers and credit card information are valuable assets used in identity theft. Such attacks were successful, for instance, at the University of Colorado (Crecente, 2004). A similar incident happened at the University of Texas; the student who committed the crime was later indicted in hacking (Associated Press, 2004). The etymological roots of secure can be found in se which means “without”, or “apart from”, and cura, that is, “to care for”, or “to be concerned about” (Landwehr, 2001). Consequently, secure in our context means that in a secure teaching environment users need not be concerned about threats specific to e-learning platforms and to electronic communication in general. A secure learning platform should incorporate all aspects of security and dependability and make most technical details transparent to the teacher and student. However, rendering a system “totally secure” is too ambitious a goal since no system can ever be totally secure and still remain usable at the same time. The contribution of this chapter is to • Define and identify relevant security and dependability issues. • Provide an overview of assets, threats, risks, and counter measures that are relevant to e-learning. • Point to publications that address the issues in greater detail.