• 藍色版面
  • 綠色版面
  • 橘色版面
  • 粉紅色版面
  • 棕色版面
帳號:guest(120.119.126.29)          離開系統
字體大小: 字級放大   字級縮小   預設字形  

詳目顯示

研究生: 武興海
研究生(外文): Vu Hung Hai
論文名稱: 應用數位簽章至電子化學習系統:以越南國立經濟大學為例
論文名稱(外文): Applying Digital Signatures to E-learning System:The Case of National Economics University, Viet Nam
指導教授: 張鐸
指導教授(外文): Chang To
學位類別: 碩士
校院名稱: 樹德科技大學
系所名稱: 資訊管理研究所
論文出版年: 2007
畢業學年度: 95
語文別: 英文
論文頁數: 118
中文關鍵詞: 電子化學習數位簽章驗証安全模式
外文關鍵詞: E-learningdigital signaturePKIauthenticationsecure model
相關次數:
  • 被引用:0
  • 點閱:19
  • 評分:*****
  • 下載:0
  • 書目收藏:0
本文指出在為e化學習決定,並找出安全問題與解決方案時必須考量的要素,並涉及了學習流程與系統管理。本文特注重在應用數位簽章技術到e化學習系統上,並以越南國立經濟大學為例(以下簡稱NEU)。 本文從安全與隱私的議題與它們在線上學習環境中的運用,來分析e化學習系統的各種弱點以及對e化學習的安全攻擊。為了保護系統,本文提出一種基於數位簽章技術的安全模式,以改進e化學習系統的安全性能並且符合大學目標的需求。本文所提出的一種數位簽章解決方案結合了大學的安全管理,並建議一種應用此模式的構想以廣泛運用到校園內其他獨立的資訊系統。
This thesis identifies the issues to be considered in the determination, finding the secure problems and solutions for an e-learning system, regarding both the learning process and the system management. This thesis focuses particularly on the applying digital signature technology to e-learning system, with the specific case of National Economics University in Vietnam (hereafter NEU). The thesis analyzes the vulnerabilities of e-learning system and security attacks to e-learning along with security and privacy issues and their implications to online learning environment. In order to protect the system, a secure model based on digital signature technology is suggested to improve e-learning system security performance and to meet the need of the university business goals. This thesis put forward a digital signature solution associated with the secure management of the university and recommends a concept for applying such model to other independent information systems at the campus.
Abstract  i
Acknowledgements  ii
Table of Contents  iii
List of Tables  vi
List of Figures  vi
Abbreviations  vii
Abbreviations  vii
Chapter 1: Introduction  1
1.1 Relevance of the Study  1
1.2 Scope of Research  3
1.3 Purpose  3
1.4 Research Methodology  4
1.5 Thesis Structure  5
Chapter 2: Literature Review  6
2.1 Pillars of Security  6
2.2 Vulnerabilities and Risk Analysis in E-learning  8
2.2.1 Types of Threats and Attacks  8
2.2.2 E-learning Risks Analysis  9
2.3 Dependability and Security in E-learning  12
2.3.1 Security Issues in E-learning  13
2.3.2 Security Requirements for Learning  16
2.3.3 Security Requirements for Administrator  18
2.3.4 Security Requirements for Students  21
2.4 Related study  21
Chapter 3: E-learning Environment at NEU  26
3.1 General Concepts of E-learning  26
3.1.1 Introduction  26
3.1.2 Inside E-learning  27
3.2 E-learning in Vietnam  30
3.2.1 E-learning Policies and Measures  31
3.2.2 E-learning Policy  31
3.2.3 The Fact of E-learning in Vietnam  32
3.3 NEU E-learning Environment  33
A.  The University  33
B.  E-learning Project  34
3.3.1 Objectives  34
3.3.2 E-learning Infrastructures  34
3.3.3 E-learning Construction and Development Plan at NEU  39
Chapter 4: Essential Technologies for E-learning  43
4.1 Private and Public Key Encryption  43
4.1.1 Symmetric (Private) Key System  43
4.1.2 Public (Asymmetric) Key Cryptography  45
4.2 Digital Signatures  46
4.3 Public Key Infrastructure  48
4.3.1 Industry Standards  49
4.3.2 Digital Certificates and Certification Authorities  52
Chapter 5: Deploying Public Key Infrastructure at NEU  56
5.1 Legal Framework  56
5.2 Deploying Public Key Infrastructure at NEU  57
5.2.1 Implementation Alternatives  57
5.2.2 NEUPKI Applications  58
5.2.3 Products and Services  62
5.2.4 Implementation  64
5.3 NEUPKI Elements  67
5.3.1 Overview  67
5.3.2 Participating Entities, Roles and Responsibilities  67
5.3.3 Certificate Policy and Certificate Practice Statement  71
5.3.4 Infrastructure Services  72
5.3.5 Processes  73
Chapter 6: Secure Model Based on Digital Signature  80
6.1 The Need in Applying Digital Signature Technology  80
6.1.1 Password-Protected System  80
6.1.2 Digital Signature Solution  81
6.2 Structural View of NEU E-learning System  82
6.2.1 The Server Side:  83
6.2.2 The Client Side:  83
6.3 Secure Model Based on Digital Signature  84
6.3.1 E-learning Interactions Analysis  84
6.3.2 Considerations in Applying Digital Signature  87
6.4 Security of NEU E-learning Environment  92
Chapter 7: Conclusions and Implications  95
7.1 Necessity to Build a Secure and Trusted E-learning System at NEU  95
7.2 Implications  95
7.2.1 Increasing NEU’s Awareness of Security Issues  95
7.2.2 Implications for NEU E-learning Project  96
7.2.3 Why Digital Signature  97
7.2.4 Managerial Recommendations – Safe Hacking  99
7.3 Conclusion  100
References  101
Appendix A: NEU Certification Policy Statement  105
Appendix B: Key Backup and Recovery  108
Alan G. Konheim, 2007, Computer Security and Cryptography, John Wiley & Sons.
Avizienis, Laprie, and Randell, 2001, “Fundamental Concepts of Computer System Dependability”, Workshop on Robot Dependability: Technological Challenge of Dependable Robots in Human Environments, Seoul, Korea, 2001.
Babu Sarat Chandra, 2001, “e-Learning Standards”, Proceedings of ELELTECH India National Seminar on “E-learning & E-learning Technologies”, August 7-8, 2001.
Boaz Gelbord, 2003, “On the Use of PKI Technologies for Secure and Private e-learning Environments”, International Conference on Computer Systems and Technologies-CompSysTech, 2003.
Bruce Scheier, 2003, Beyond Fear: Thinking Sensibly about Security in an Uncertain World. Springer-Verlag New York, Inc.
Chang To, Quang Minh Doan, Hung Hai Vu, 2006, “Implementing ISO 17799 in Information System at National Economics University, Vietnam”, Proceedings of the 2006 Symposium on Applications of Information, (SAICT'2006), Shu-Te University, Kaohsiung, Taiwan.
Christian et al., 2006, “A Framework for Evaluating the Information Security of E-learning Systems”, Research Group Didactics of Informatics and E-Learning, University of Siegen, Germany, 2006.
Dat Tran Tho, 2006, “Xay dung va Phat trien Dao tao dien tu tai Dai hoc Kinh te Quoc dan” (Building and Developing E-learning at the National Economic University), Translated by Quynh-Lan Vu, Hanoi, Vietnam, 2007.
Demurjian P. S. A., 1999, “Security, authorization and authentication for entreprise computing”, CSE Technical Report TR-03-99, Dept. of Computer Science and Engineering, University of Connecticut, 1999.
ELearners Glossary, http://www.elearners.com/services/faq/glossary.htm
Gelboard, B., 2000, “Signing Your 011001010: The Problems of Digital Signature”, Communications of the ACM, Vol.43, No. 12:27-28, December 2000.
Gollmann, D., 2006, Computer Security, 2nd Edition, John Wiley & Sons.
Gonzáles-Tablas et al., “EVAWEB v2: enhancing a web-based assessment system,” FORMATEX, 2006.
IDC, 2001, “The Learning Content Management System: A New eLearning Market Segment Emerges”, An IDC White Paper, 2001.
URL: http://www.lcmscouncil.org/idcwhitepaper.pdf
ISO 7498-2: 1989, “Information Processing Systems - Open Systems Interconnection - Basic Reference Model”, Part 2: Security Architecture, International Organization for Standardization (ISO), Geneva.
ISO/IEC 13888-3, “Information technology - Security techniques - Non-repudiation”, Part 3: Mechanisms using asymmetric techniques, 1997.
James X. Dempsey, 2003, “Creating the Legal Framework for Information and Communications Technology Development: The Example of E-Signature Legislation in Emerging Market Economies”, 2003.
Jordi Roca et al., 2006, “A Secure E-Exam Management System”, Proceedings of the First International Conference on Availability, Reliability and Security (ARES’06), pp. 864-871, IEEE Computer Society Washington, DC, USA, 2006.
Justin Bennett et al., 2006, E-Learning Concepts and Techniques, Institute for Interactive Technologies, Bloomsburg University of Pennsylvania, USA.
Khalil El-Khatib et al., 2006, “Privacy and Security in E-learning”, published in the Future Directions in Distance Learning and Communication Technologies. Shih, T. and Hung, J. (Editors), Idea Group, Inc.. NRC 48120, 2006.
LineZine, URL: http://www.linezine.com/elearning.htm, Last visited Sep. 2, 2006.
Lisa Neal, 2004, “Expectations of Privacy”, eLearn Magazine.
Mohan Atreya, RSA Security Inc., URL:
http://www.rsasecurity.com/products/bsafe/overview/IntroToPKCSstandards.pdf
NEU-NCB, 2006, “Higher Education Project”, Biding document, Credit 3126-VN, World Bank Group, January 2006.
NIS, National Information Systems Security (INFOSEC) Glossary (1992), Federal Standard 1037C, NSTISSI No. 4009, June 5, 1992.
Noble David E., 2001, “Digital Diploma Mills: The Automation of Higher Education. The Art of Computer Programming”, Monthly Review Press.
Núria Talavera et al., 2001, “Capturing Requirements for e-learning systems design”, Proceedings of International Conference on Computer-Aided Ergonomics and Safety, Hawaii, Aug, 2001.
Richard E. Smith, 1997, Basic Glossary from Internet Cryptography, Addison Wesley. Last update: 10/9/2003, http://www.smat.us/crypto/inet-crypto/index.html
Roberto Gómez, Erika Mata, 2004, “Security Challenges of Distributed e-Learning Systems”, Fourth IEEE International Symposium and School on Advance Distributed Systems, ISSADS 2004, January 28-30 Guadalajara, Jalisco, México.
Schneier, B., 1996, Applied Cryptography, John Wiley & Sons.
Silanis, 2005, “How Much Security Is Enough? Security in Electronic Documents and Signatures”, Silanis Technology Inc. Whitepaper, 2005. URL: http://www.silanis.com/site/_media/static/Security_In_Electronic_Documents_And_Signatures.pdf
Shiralkar and Vijayaraman, 2003, “Digital Signature: Application Development Trends In E-Business”, Journal of Electronic Commerce Research, VOL. 4, NO. 3, 2003.
Susan Nash, Leadership and the e-Learning Organization, Texture Press, May 2006.
The orange book. Department of defense (DoD) trusted computer system evaluation criteria (tcsec), DoD 5200.28-STD, 1985. GPO: 008-000-00461-7.
Tulu et al., 2004, “Design and Implementation of a Digital Signature Solution for a Healthcare Enterprise”, Proceedings of the Tenth Americas Conference on Information Systems, New York, August 2004.
Turban Efraim et al., 2006, Electronic Commerce 2006. A Managerial Perspective, Pearson Education, Inc., Upper Saddle River, New Jersey 07458.
Vinoth K Anandan, 2005, “Public key Infrastructure”,
URL: http://www.securitydocs.com/library/3244
Voydock, V.L., Kent, S.T., 1983, “Security Mechanisms in High-Level Network Protocols”, ACM Computing Surveys, Vol. 15, No. 2, Jun 1983, pp. 135-171.
Weill, P., and Vitale, M.R., 2001, Place to Space: Migrating to eBusiness Models, Harvard Business School Press, Boston, MA.
Weippl et al., 2001, “Content-based Management of Document Access Control”, The Proceedings of the 14th International Conference on Applications of Prolog, pp. 78-86, INAP 2001.
Weippl Edgar, 2001a, “Countermeasures against Security Breaches in Web-based Training Environments”, Proceedings of EDMEDIA, ISBN 1-880094-42-8, AACE, Tampere, Finland, pp. 2019-2024.
Weippl Edgar, 2001b, “An Approach to Secure Distribution of Web-Based Training Courses” Australasian Computer Science Conference 2001, Michael Oudshoorn (ed), Vol. 23, Number 1, IEEE Press, Jan 2001.
Weippl Edgar, 2001c, “An Approach to Role-Based Access Control for Digital Content”, Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC), Current Trends in Multimedia Communications and Computing, IEEE Computer Society Press, pp.290-295, Las Vegas, NV, April 2 - 4, 2001.
Weippl Edgar, 2004, “Improving Security in Mobile E-Learning”, Proceedings of EDMEDIA, pp. 2034-2039, Lugano, Switzerland, June 2004.
Weippl Edgar, 2005a, Security in E-Learning, Springer Science + Business Media, Inc.
Weippl Edgar, 2005b, “Security in E-Learning”, eLearn Magazine, Association for Computing Machinery (ACM), article from 16/03/05, URL: http://elearnmag.org
Weippl Edgar, 2005c, “On the Use of Test Centers in e-Assessment”, eLearning Reports, 2005. URL: http://www.elearningreports.com/news.php?id=74
Zhou J., Non-repudiation in Electronic Commerce, Artech House Publishers, Norwood, MA, USA, 2001.
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊
 
* *