Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy provision in e-learning standardized systems: status and improvements 指導教授:溫嘉榮教授 暑資碩三:吳清淵 M9253309.

Published byIris Brown Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy provision in e-learning standardized systems: status and improvements 指導教授:溫嘉榮教授 暑資碩三:吳清淵 M9253309."— Presentation transcript:

1 Privacy provision in e-learning standardized systems: status and improvements 指導教授:溫嘉榮教授 暑資碩三:吳清淵 M9253309

2 Introduction What is standards? documented agreements containing technical specifications, precise criteria used as rules, guidelines to ensure that materials, products and service fit their purpose

3 E-learning standards consists of (1) a bdata modelQ (2) one or more bbindingSQ (3) Application Programming Interface (API)

4 The function of Learners Administration (1) provides learners with support for management of administrative information. (2) provides the business logic for learner registration and enrollment.

5 What is privacy? Freedom from intrusion into the private life or affairs of an individual when that intrusion results form undue or illegal gathering and use of data about the individual

6 2. Privacy and security provision in e-learning systems

7 2.1 Privacy threats (1) Identity disclosure (2) Likeability and observability of data (3) Location disclosure in mobile network (4) Data disclosure (5) The HTTP cookie

8 What is HTTP Cookie? Definition: a file mechanism that creates more automated interaction between a web server and a client Function: (1) provides the remote server with a dmemory T of a user’s identity. (2) store e-customers’ personal ID, recent activities at a website,etc. Privacy threats: (1) security failure (2) Monitoring (3) data disclosure (4) limited control (5) collection data

9 2.2 Requirements for privacy and data protection and relevant technologies (1) Learners’ personal data must be protected. (2) Learners’ personal environment must be appropriately controlled in the internal processing of data (3) Learners must be able to formulate their privacy demands and wishes

10 Requirements for privacy and data protection and relevant technologies (4) The service provider should prevent unauthorized accesses to the e-learning environment (5) Learners’ personal environment, where learners’ personal data is stored must be able to distinguish between the public and private data (6) The e-learning service provider must have its privacy policy declared.

11 3. E-learning standardization

12 E-learning standardization Various kinds of efforts are contributing to e- learning standardization ex: (1) IEEE’s Learning Technology Standardization Consortium (LTSC) (2) the IMS Global Learning Consortium

13 These standardization efforts can be identified into two levels: Level 1 information models involved; intended to be used by different vendors in order to produce learning objects and other relevant components of the e-learning system Level 2 the architectures, software components and provided interfaces; the expected behavior of software componets responsible for managing learning objects in online environments

14 4. Privacy and security attributes in e-learner

15 User profile can be modelled by three data types: (1) User data: information about personal characteristic of the user. ex: demographic data, user interests, etc. (2) Usage data: user’s interactive behavior ex: selective user actions, temporal viewing behavior. (3) Environment data: user’s software and hardware and the characteristics fo the user’s current locale or origin. ex: usage frequency, information about the locale of the user.

16 4.1 IMS (1) learner Information in IMS Learner Information Package (LIP) is a collection of information about a learner or a producer of learning content, characteristic of a learner. (2) IMS LIP focuses on the interoperability of internet-based learner information systems with other systems that support the Internet based learning environment

17 Typical sorts of learner information which are supported in LIP (1) education record (2) training log (3) the record of professional development activities.

18 4.1.2 Privacy and security attributes In this tree structure, each node and leaf have an associated set of privacy information which is used to describe the level of privacy

19 4.2 The IEEE LTSC Public and Private Information (PAPI) A multipart standard that specifies the semantics and syntax of information about learners. Defines references elements for recording descriptive information about knowledge acquisition, personal contact information, learner preference and styles,etc. A data interchange specification, used for communication among cooperating systems The logical division that seperates security and the administration of several types of learner information

20 4.2.2 Privacy and security attributes Session-View Security Model (1) Each security session is initiated by an accessor. (2) The accessor provides security credentials that authenticate the accessor, authorize the accessor, or both.

21 4.2.2 Privacy and security attributes Security Parameter Negotiation Model (1) The participants can negotiate security parameters, before, during and after each session. Security Extension Model (1) The participants can use additional security features besides the ones specified in the current model.

22 4.2.2 Privacy and security attributes Access Control Model (1) Accessors can read and write data elements and create new data elements

23 4.3 The Educause-InternetQ Eduperson The eduperson specification is an auxiliary object class for campus LDAP directories that includes widely used person attributes in higher education.

24 4.3.2 privacy and security attributes beduPerson-Principle Name Q (1) Contains person’s bNetIDQ in the form of user@univ.edu. user@univ.edu (2) The user can authenticate with this identifier, using locally operated service.

25 4.3.2 privacy and security attributes eduPerson Scoped Affiliation (1) Specifies the person’s affiliation within a particular security domain in broad categories, such as student, faculty, etc. (2) Used to represent a long-term account linking relationship between an identity provider and a service provider.

26 4.4 Other approaches Universal Learning Format (ULF) (1) Used to capture and exchange various tyeps of e- learning data, ex:online learning content (2) Borrows from various industry standards for exchanging learning data in web environment and incorporate these standards into one solution. (3) Compatible with its constituent standards and provides a two-way path for conversion and reconversion.

27 4.4 Other approaches The OASIS specification Extensible Customer Information Language (ECIL) (1) Defines information associated with a person or organization (2) Supports different customer data elements.Ex: name, birth.

28 4.4 Other approaches The customer Profile Eschagne specification (CP Exchange) (1)Defines a data format for disclosing customer data from one party to another (2) Enables the specification of privacy meta- information as one option

29 5.Assessment and propose improvements

30 General findings (1) the lack of comparabiltiy between the approaches (2) These standards do not address privacy issue sufficiently

31 Suggested Improvements The ELENA Solution (1) The privacy preference in ELENA learner profile are specified in the Privacy Info attribute that is attached to each element. (2) Classifies personal data as high sensitive. (3) The learner can decide which data to be revealed or protected (4) The system can category the data according to the learner’s selected preference.

Download ppt "Privacy provision in e-learning standardized systems: status and improvements 指導教授:溫嘉榮教授 暑資碩三:吳清淵 M9253309."

Similar presentations

Privacy By Design Sample Use Case

Privacy By Design Sample Use Case
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Understanding the IEC 61850 Standard 101598047 李嘉凱 指導教授:柯開維.

Understanding the IEC Standard 李嘉凱 指導教授:柯開維.
Towards a Semantic Modeling of Learners for Social Networks Asma Ounnas, ILaria Liccardi, Hugh Davis, David Millard, and Su White Learning Technology Group.

Towards a Semantic Modeling of Learners for Social Networks Asma Ounnas, ILaria Liccardi, Hugh Davis, David Millard, and Su White Learning Technology Group.
Requirements Engineering n Elicit requirements from customer  Information and control needs, product function and behavior, overall product performance,

Requirements Engineering n Elicit requirements from customer  Information and control needs, product function and behavior, overall product performance,
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security Controls – What Works

Security Controls – What Works
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 Adaptive Management Portal April 2000. 2 3 4.

1 Adaptive Management Portal April
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Architecture & Data Management of XML-Based Digital Video Library System Jacky C.K. Ma Michael R. Lyu.

Architecture & Data Management of XML-Based Digital Video Library System Jacky C.K. Ma Michael R. Lyu.
Data Management I DBMS Relational Systems. Overview u Introduction u DBMS –components –types u Relational Model –characteristics –implementation u Physical.

Data Management I DBMS Relational Systems. Overview u Introduction u DBMS –components –types u Relational Model –characteristics –implementation u Physical.
A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Systems Architecture, Fourth Edition1 Internet and Distributed Application Services Chapter 13.

Systems Architecture, Fourth Edition1 Internet and Distributed Application Services Chapter 13.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google