An Approach for Adapting Moodle into a Secure Infrastructure

  • Jesus Diaz
  • David Arroyo
  • Francisco B. Rodriguez
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6694)

Abstract

Moodle is one of the most popular open source e-learning platforms. It makes available a very easy-to-deploy environment, which once installed, is ready to be used. These two characteristics, make it a very attractive choice. But regarding information security and privacy, it presents several and important drawbacks. This is mainly due to the fact that it leaves the most serious tasks, like server configuration or access control in the hands of the system administrator or third-party module developers. This approach is understandable, as is that very fact what makes Moodle easy and therefore attractive. The aim of this paper is not to discredit this option, but to enhance it by means of standard cryptographic and information security infrastructures. We focus in the registration process, which ends with the distribution of a user certificate. To link the users’ real identity with their virtual one, we have taken an approach that merges EBIAS (Email Based Identification and Authentication System) with a kind of challenge-response method involving secure pseudo random number generation based in a fast chaos-based Pseudo Random Number Generator.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Jesus Diaz
    • 1
  • David Arroyo
    • 1
  • Francisco B. Rodriguez
    • 1
  1. 1.Grupo de Neurocomputacion Biologica, Departamento de Ingenieria Informatica, Escuela Politecnica SuperiorUniversidad Autonoma de MadridSpain

Personalised recommendations