Skip to main content

A model of digital identity for better information security in e-learning systems

A Correction to this article was published on 11 August 2021

This article has been updated

Abstract

The trend of rapid development of information technologies is creating new challenges in information security such as security management of identities in e-learning systems. In order to cope with these challenges, this work has developed a model of digital identity (MDI) intended primarily for e-learning systems. Two main objectives are identified for development of the MDI, firstly, to contribute to raising of information security awareness and improving information security behavior, and secondly to enable the bridging of security gaps in the interaction between student/administrator. To achieve these aims, this model has introduced processes of planning and feedback, by which it differs from all previous works. Practical application of this model is made in Moodle platform through the developed software application in the form of the security tool as a plugin for filtering inactive users (IUs). The most notable advantages of the MDI are better security management of personal information and filling of a security gap such as the absence of full administrator control over the information flow. The experimental results validate and demonstrate the practical effectiveness of the proposed security tool. Moreover, potential threats and risks from insider and outsider attackers are discussed, providing proposals of pragmatic solutions for their mitigating or reducing. Finally, this work should have a profound positive impact on further academic research and additionally it should contribute to a better understanding of challenges in information security that emerge with the development of the contemporary e-learning systems.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Change history

References

  1. 1.

    Cole J, Foster H (2008) Using Moodle-Teaching with the popular open source course management system. O.R. Media, United Sates of America

  2. 2.

    Wang M, Vogel D, Ran W (2011) Creating a performance-oriented e-learning environment: A design science approach. Information & Management 56(7):260–269

    Google Scholar 

  3. 3.

    Shaw RH, Chen CC, Harris A, Huang HJ (2009) The impact of information richness on information security awareness training effectiveness. Comput Educ 52(1):92–100

    Google Scholar 

  4. 4.

    Venkatraman S, Alazab M, Vinayakumar R (2019) A hybrid deep learning image-based analysis for effective malware detection. J Inf Secur Appl 47:377–389

    Google Scholar 

  5. 5.

    Jeong YS, Ahn BT (2021) An efficient management scheme of blockchain-based cloud user information using probabilistic weighting. J Supercomput 77:3339–3358

    Google Scholar 

  6. 6.

    Safa NS, Maple C, Watson T, Von Solms R (2018) Motivation and opportunity based model to reduce information security insider threats in organisations. Journal of Information Security and Applications 40:247–257

    Google Scholar 

  7. 7.

    Korać D, Simić D (2019) Fishbone Model and Universal Authentication Framework for Evaluation of Multifactor Authentication in Mobile Environment. Comput Secur 85:313–332

    Google Scholar 

  8. 8.

    Furnell SM, Karweni T (2001) Security issues in online distance learning. Vine 31(2):28–35

    Google Scholar 

  9. 9.

    Fenu G, Marras M, Boratto L (2018) A multi-biometric system for continuous student authentication in e-learning platforms. Pattern Recogn Lett 113:83–92

    Google Scholar 

  10. 10.

    Feizollah A, Anuar NB, Salleh R, Suarez-Tangil G, Furnell S (2017) AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection. Comput Secur 65:121–134

    Google Scholar 

  11. 11.

    Meng W, Wong DS, Furnell S, Zhou J (2014) Surveying the development of biometric user authentication on mobile phones. IEEE Communications Surveys & Tutorials 17(3):1268–1293

    Google Scholar 

  12. 12.

    Ray S, Biswas GP (2011) Design of mobile-PKI for using mobile phones in various applications. In: Proceedings of IEEE International Conference on Recent Trends in Information Systems. IEEE, pp 297–302

  13. 13.

    Miguel J, Caballé S, Xhafa F (2017) Security for e-learning. In: Intelligent data analysis for e-learning: enhancing security and trustworthiness in online learning systems. Academic Press, pp 7–23

  14. 14.

    Korać D, Simic D (2017) Design of Fuzzy Expert System for Evaluation of Contemporary User Authentication Methods Intended for Mobile Devices. Journal of Control Engineering and Applied Informatics 19(4):93–100

    Google Scholar 

  15. 15.

    Bitton R, Finkelshtein A, Sidi L, Puzis R, Rokach L, Shabtai A (2018) Taxonomy of mobile users’ security awareness. Comput Secur 73:266–293

    Google Scholar 

  16. 16.

    Verkijika SF (2018) Understanding smartphone security behaviors: An extension of the protection motivation theory with anticipated regret. Comput Secur 77:860–870

    Google Scholar 

  17. 17.

    Khan AN, Mat Kiah ML, Madani SA et al (2013) Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing. J Supercomput 66:1687–1706

    Google Scholar 

  18. 18.

    Alotaibi M, Furnell S, Clarke N (2016) Information security policies: a review of challenges and influencing factors. In: 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST). IEEE, pp 352–358

  19. 19.

    Capobianco BM, French BF, Diefes-Du HA (2012) Engineering identity development among pre-adolescent learners. J Eng Educ 101(4):698–716

    Google Scholar 

  20. 20.

    Dykstra J, Spafford EH (2018) The case for disappearing cyber security. Commun ACM 61(7):40–42

    Google Scholar 

  21. 21.

    Albeshri A, Caelli W (2010) Mutual protection in a cloud computing environment. In: 12th IEEE International Conference on High Performance Computing and Communications (HPCC). IEEE, pp 641–646

  22. 22.

    Rubin N (2017) Moodle–Remote Code Execution. https://netanelrub.in/2017/03/20/moodle-remote-code-execution/. Accessed 3 Jan 2020

  23. 23.

    Moodle (2019). http://moodle.org/stats. Accessed 3 Jan 2020

  24. 24.

    Walt E, Eloff JHP, Grobler J (2018) Cyber-security: Identity deception detection on social media platforms. Comput Secur 78:76–89

    Google Scholar 

  25. 25.

    Safa NS, Maple C, Furnell S, Azad MA, Muhammad Perera C, Dabbagh M, Sookhak M (2019) A deterrence and prevention-based model to mitigate information security insider threats in organisations. Futur Gener Comput Syst 97:587–597

    Google Scholar 

  26. 26.

    Gomi H (2010) A persistent data tracking mechanism for user-centric identity governance. Identity in the Information Society 3(3):639–656

    Google Scholar 

  27. 27.

    Beres Y, Baldwin A, Mont M, Shiu S (2007) On identity assurance in the presence of federated identity management systems. In: Proceeding DIM '07 proceedings of the 2007 ACM workshop on digital identity management. ACM, pp 27–35

  28. 28.

    Bosworth K, Gonzalez MG, Jaweed S, Wright T (2005) Entities, identifiers and credentials – what does it all mean? BT Technol J 23(4):25–36

    Google Scholar 

  29. 29.

    Bertino E, Takahashi K (2010) Identity Management: Concepts, technologies, and systems. Artech House Inc, London

    Google Scholar 

  30. 30.

    Windley P (2005) Digital Identity. O’Reilly Media Inc, United States of America

    Google Scholar 

  31. 31.

    Jiang Q, Khan MK, Lu X et al (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput 72(10):3826–3849

    Google Scholar 

  32. 32.

    Cunningham KJ (2019) How language choices in feedback change with technology: Engagement in text and screencast feedback on ESL writing. Comput Educ 135:91–99

    Google Scholar 

  33. 33.

    Filius RM, de Kleijn RAM, Uijl SG, Prins FJ, van Rijen HVM, Grobbe DE (2018) Strengthening dialogic peer feedback aiming for deep learning in SPOCs. Comput Educ 125:86–100

    Google Scholar 

  34. 34.

    Rowe AD, Fitness J, Wood LN (2014) The role and functionality of emotions in feedback at university: A qualitative study. Aust Educ Res 41:283–309

    Google Scholar 

  35. 35.

    Rowe A (2011) The personal dimension in teaching: Why students value feedback. Int J Educ Manag 25:343–360

    Google Scholar 

  36. 36.

    Alotaibi F, Furnell S, Stengel I, Papadaki M (2017) Gamifying cyber security awareness via mobile training apps. In: CERC 2017 Collaborative European Research Conference Proceedings. CEUR Workshop Proceedings, pp 236–238

  37. 37.

    Shepherd LA, Archibald J, Ferguson RI (2017) Assessing the impact of affective feedback on end-user security awareness. In: Tryfonas T (ed) Human aspects of information security, privacy and trust, HAS 2017, Lecture notes in computer science, vol 10292. Springer, Cham

  38. 38.

    Xu Y, Yin D, Zhou D (2019) Investigating Users’ Tagging Behavior in Online Academic Community Based on Growth Model: Difference between Active and Inactive Users. Inf Syst Front 21(4):761–772

    Google Scholar 

  39. 39.

    Kima KK, Lee AR, Lee UK (2019) Impact of anonymity on roles of personal and group identities in online communities. Information & Management 56:109–121

    Google Scholar 

  40. 40.

    Christopherson K (2007) The positive and negative implications of anonymity in Internet social interactions: ‘on the Internet. Nobody Knows You’re a Dog’, Computers in Human Behavior 23(6):3038–3056

    Google Scholar 

  41. 41.

    Owens TJ, Robinson DT, Smith-Lovin L (2010) Three faces of identity. Ann Rev Sociol 36:477–499

    Google Scholar 

  42. 42.

    Mihăescu MC, Popescu PŞ, Popescu E (2017) Data analysis on social media traces for detection of “spam” and “don’t care” learners. J Supercomput 73:4302–4323

    Google Scholar 

  43. 43.

    Korać D, Simić D (2014) Digital identity in identity management models. In: Proceeding of the 2014 International Conference on ICT Conference and Exibition, Aranđelovac, InfoTech 2014

  44. 44.

    Jia H, Chen Y, Li Y, Yan X, Liu F, Luo X, Wang B (2019) Attributes revocation through ciphertext puncturation. J Inf Secur Appl 48(3):102355

    Google Scholar 

  45. 45.

    Taylor TL (2003) Intentional bodies: Virtual environments and the designers who shape them. Int J Eng Educ 19(1):25–34

    Google Scholar 

  46. 46.

    Koole M (2010) The web of identity: selfhood and belonging in online learning networks. Proceedings of the 7th International Conference on Networked Learning 2010. Seventh International Conference on Networked Learning 2010, pp 241–248

  47. 47.

    Esparza JM (2019) Understanding the credential theft lifecycle. Computer Fraud & Security 2:6–9

    Google Scholar 

  48. 48.

    Tabrizchi H, Kuchaki Rafsanjani M (2020) A survey on security challenges in cloud computing: issues, threats, and solutions. J Supercomput 76:9493–9532

    Google Scholar 

  49. 49.

    Chen Y, Chen J (2021) A secure three-factor-based authentication with key agreement protocol for e-Health clouds. J Supercomput 77:3359–3380

    Google Scholar 

  50. 50.

    Dhasarathan C, Kumar M, Srivastava AK et al (2021) A bio-inspired privacy-preserving framework for healthcare systems. J Supercomput. https://doi.org/10.1007/s11227-021-03720-9

    Article  Google Scholar 

  51. 51.

    Akremi A, Rouached M (2021) A comprehensive and holistic knowledge model for cloud privacy protection. J Supercomput. https://doi.org/10.1007/s11227-020-03594-3

    Article  Google Scholar 

  52. 52.

    Shi Rh, Zhong H, Zhang S (2015) Comments on two schemes of identity-based user authentication and key agreement for mobile client-server networks. J Supercomput 71:4015–4018

    Google Scholar 

  53. 53.

    Jafri R, Arabnia H (2009) A survey of face recognition techniques. J Inf Process Syst 5(2):41–68

    Google Scholar 

  54. 54.

    Ueda H, Nakamura M (2017) Deployment of multilanguage security awareness education online course by federated moodle in Japan. In: Computer Software and Applications Conference (COMPSAC), 2017 IEEE 41st Annual, vol 2. IEEE, pp 49–52

  55. 55.

    Hernandez JCG, Chavez MAL (2008) Moodle security vulnerabilities. In: 2008 5th International Conference on Electrical Engineering, Computing Science and Automatic Control. IEEE, pp 352–357

  56. 56.

    Korać D, Damjanović B, Simić D (2020) Information security in M-learning systems: challenges and threats of using cookies. In: 19th International symposium infoteh-Jahorina 2020, pp 1–6

  57. 57.

    Manzo M (2017) A model for users behavior analysis and forecasting in Moodle. J e-Learn Knowl Soc 13(2):129–139

    Google Scholar 

  58. 58.

    Fournier-Bonilla SD, Watson K, Malaveâ C, Froyd J (2001) Managing curricula change in engineering at Texas A&M University. Int J Eng Educ 17(3):222–235

    Google Scholar 

  59. 59.

    Korać D, Cica D (2018) A mathematical model for evaluation of intelligence products value. J Inf Optim Sci 39(4):903–926

    Google Scholar 

  60. 60.

    Reider D, Knestis K, Malyn-Smith J (2016) How Does Identity Shape the Experiences of Women of Color Engineering Students? J Sci Educ Technol 25(6):847–858

    Google Scholar 

Download references

Acknowledgements

Special thanks is devoted to anonymous reviewers for their invaluable feedback. As this research was conducted in 2015-2020 period in two countries Bosnia and Herzegovina, and Serbia, the authors would like to also thank members of six colleges for their valuable feedback and worthwhile discussions.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Dragan Korać.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

“The original online version of this article was revised:” In this article ref. 43 was incorrect.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Korać, D., Damjanović, B. & Simić, D. A model of digital identity for better information security in e-learning systems. J Supercomput (2021). https://doi.org/10.1007/s11227-021-03981-4

Download citation

Keywords

  • Model of digital identity (MDI)
  • Information security
  • Security and security tool