Proceedings of the 5th IASTED International Multi-Conference Computers and Advanced Technology in Education (CATE 2002), May 20-22, 2002., Cancun, Mexico
security and reliability; internet based educational and training systems; secure socket layer; web server; systèmes de formation et d'apprentissage fondés sur Internet; SSL; serveur Web
This paper presents an interface for secure data transfer between a web server and a client. It uses Secure Socket Layer (SSL) protocol to encrypt/decrypt the data that travel through the networks. The system administrators can select the cipher suites so that they can impose different security policy for different users. There is a cryptographic module in the web server of an application system. The web server maintains a database of users with users' passwords and security levels. The access control policies composite restrictions for users to access the database, and different users have different priority and expiration dates of its accessibility. The application of this programmable secure data transfer system in management of course records is also exploited in this paper. The management system allows students submit projects and view their records online on a timely base, and different policy will be used for different data, in accord with their security levels. The presented work is fundamental and can be extended to provide a framework for security and privacy control in e-Learning environments.