Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Security in Computing
Anonymous Fingerprinting with Direct Non-repudiation
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Security in the Online E-Learning Environment
ICALT '05 Proceedings of the Fifth IEEE International Conference on Advanced Learning Technologies
Developers Guide to Web Application Security
Developers Guide to Web Application Security
Designing an overload control strategy for secure e-commerce applications
Computer Networks: The International Journal of Computer and Telecommunications Networking
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Anonymous Credentials for Privacy-Preserving E-learning
MCETECH '08 Proceedings of the 2008 International MCETECH Conference on e-Technologies
Email-Based Identification and Authentication: An Alternative to PKI?
IEEE Security and Privacy
SSL and TLS: Theory and Practice
SSL and TLS: Theory and Practice
Moodle 1.9 Extension Development
Moodle 1.9 Extension Development
Towards privacy-aware elearning
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
A formal methodology for integral security design and verification of network protocols
Journal of Systems and Software
Hi-index | 0.00 |
Moodle is one of the most popular open source e-learning platforms. It makes available a very easy-to-deploy environment, which once installed, is ready to be used. These two characteristics, make it a very attractive choice. But regarding information security and privacy, it presents several and important drawbacks. This is mainly due to the fact that it leaves the most serious tasks, like server configuration or access control in the hands of the system administrator or third-party module developers. This approach is understandable, as is that very fact what makes Moodle easy and therefore attractive. The aim of this paper is not to discredit this option, but to enhance it by means of standard cryptographic and information security infrastructures. We focus in the registration process, which ends with the distribution of a user certificate. To link the users' real identity with their virtual one, we have taken an approach that merges EBIAS (Email Based Identification and Authentication System) with a kind of challenge-response method involving secure pseudo random number generation based in a fast chaos-based Pseudo Random Number Generator.