Browse ORBilu by Open Access
- What it is and what it isn't
- Green Road / Gold Road?
- Ready to Publish. Now What?
- How can I support the OA movement?
- Where can I learn more?
ORBilu is a project developed by
   Formal Security Analysis of Traditional and Electronic Exams; ; et al in Communications in Computer and Information Science (2015), 554 Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they ... [more ▼] Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied π-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams. [less ▲] Detailed reference viewed: 256 (11 UL) A Framework for Analyzing Verifiability in Traditional and Electronic Exams.; Giustolisi, Rosario  ; et alin Information Security Practice and Experience 11th International Conference, ISPEC 2015, Beijing, China, May 5-8, 2015 (2015) Detailed reference viewed: 171 (3 UL)Formal Analysis of Electronic Exams; Giustolisi, Rosario ; et alin SECRYPT 2014 - Proceedings of the 11th International Conference on Security and Cryptography, Vienna, Austria, 28-30 August, 2014 (2014) Detailed reference viewed: 328 (16 UL)On the verifiability of (electronic) exams; ; et al Report (2014) The main concern for institutions that organize exams is to detect when students cheat. Actually more frauds are possible and even authorities can be dishonest. If institutions wish to keep exams a ... [more ▼] The main concern for institutions that organize exams is to detect when students cheat. Actually more frauds are possible and even authorities can be dishonest. If institutions wish to keep exams a trustworthy business, anyone and not only the authorities should be allowed to look into an exam’s records and verify the presence or the absence of frauds. In short, exams should be verifiable. However, what verifiability means for exams is unclear and no tool to analyze an exam’s verifiability is available. In this paper we address both issues: we formalize several individual and universal verifiability properties for traditional and electronic exams, so proposing a set of verifiability properties and clarifying their meaning, then we implement our framework in ProVerif, so making it a tool to analyze exam verifiability. We validate our framework by analyzing the verifiability of two existing exam systems – an electronic and a paper-and-pencil system. [less ▲] Detailed reference viewed: 160 (3 UL)Defining Verifiability in e-Auction Protocols; Jonker, Hugo ; in Proc. 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2013) (2013) Detailed reference viewed: 95 (1 UL)Verifiability in e-Auction protocols & Brandt's protocol revisited; ; Jonker, Hugo et alScientific Conference (2013) Detailed reference viewed: 48 (0 UL) |
||
