June 25-29, 2007 Vancouver BC, Canada - Association for the ...
June 25-29, 2007 Vancouver BC, Canada - Association for the ...
June 25-29, 2007 Vancouver BC, Canada - Association for the ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
PRE-CONFERENCE TUTORIALS & WORKSHOPS<br />
Monday, <strong>June</strong> <strong>25</strong>, Afternoon, 1:30 PM - 5:00 PM<br />
T4: Security and Dependability in E-Learning<br />
Edgar R. Weippl, Vienna University of Technology, Austria<br />
Abstract<br />
This tried-and-true tutorial provides attendants with a comprehensive overview of<br />
security issues relevant to e-learning. After attending <strong>the</strong> tutorial, participants will<br />
be able to per<strong>for</strong>m a security risk analysis <strong>for</strong> <strong>the</strong>ir projects and have a through<br />
understanding of possible risks in e-learning. Even though security has become<br />
paramount in many o<strong>the</strong>r areas of Web-based business, research in e-learning is<br />
still hardly concerned about <strong>the</strong> issues of security and privacy. A similar tutorial<br />
(Security in E-Learning) has already been presented at many conferences, including<br />
EDMEDIA 2003-2006 and E-Learn 2005. Based <strong>the</strong> feedback of <strong>the</strong>se tutorials<br />
and ongoing research work this year's tutorial will offer insight to recent<br />
advances in computer security and include aspects of dependability.<br />
Objectives<br />
Considering <strong>the</strong> enormous costs of creating and maintaining courses, it is surprising<br />
that security is not yet considered an important issue by most people involved,<br />
including teachers and students. Unlike traditional security research, which has<br />
largely been driven by military requirements to en<strong>for</strong>ce secrecy, in <strong>the</strong> realm of e-<br />
learning it is not <strong>the</strong> in<strong>for</strong>mation itself that has to be protected against unauthorized<br />
access but, <strong>the</strong> way it is presented. In most cases <strong>the</strong> knowledge contained in e-<br />
learning programs is more or less widely available; <strong>the</strong>re<strong>for</strong>e, <strong>the</strong> asset is not <strong>the</strong><br />
in<strong>for</strong>mation itself but <strong>the</strong> hypermedia presentation used to convey it.<br />
Dependability includes most security requirements but does no longer focus on<br />
confidentiality, a requirement that is considered not that important by many teachers<br />
and students. In this tutorial we build on <strong>the</strong> findings published in our book<br />
"Security in E-Learning" (to be published by Springer NY in 2005) and extend <strong>the</strong>m<br />
to include aspects of dependability.<br />
Outline<br />
Objectives - After attending <strong>the</strong> tutorial <strong>the</strong> audience will be able to answer following<br />
questions:<br />
• Authors<br />
-Why is security relevant when creating content?<br />
-Which kind of threats are <strong>the</strong>re?<br />
-Which assets should I protect?<br />
* Texts, Images<br />
* Links,<br />
* Exams, Solutions<br />
* Programs and Interactive Examples<br />
-How can I protect <strong>the</strong> a<strong>for</strong>ementioned assets?<br />
-Are <strong>the</strong>re ways to impede illegal use through smart design?<br />
-How much additional ef<strong>for</strong>t will be required?<br />
• Teachers<br />
-Why is security relevant when using e-learning?<br />
-Which kind of threats are <strong>the</strong>re?<br />
-Which assets should I protect?<br />
-Does standardization (of e.g. exams) undermine <strong>the</strong> freedom of academia?<br />
-How can I determine <strong>the</strong> level of risk exposure of my exam questions?<br />
-How can I make my lecture “secure“? Will it have a negative impact on my<br />
“honest” students?<br />
-How much additional ef<strong>for</strong>t will be required?<br />
• Managers<br />
-Which organization issues are relevant to security?<br />
-How is security influenced by<br />
* infrastructure<br />
* buildings and floor layouts,<br />
* organizational workflows<br />
(e.g. how are exam results handled to eventually affect grades?)<br />
-How can a manager make a good case <strong>for</strong> security so that teachers, authors<br />
and students will support him?<br />
-How much additional ef<strong>for</strong>t will be required?<br />
Prerequisites<br />
Target Audience<br />
• Authors creating e-learning content.<br />
• Teachers using e-learning systems.<br />
• Managers responsible <strong>for</strong> <strong>the</strong> selection and maintenance of e-learning programs.<br />
Intended Experience Level<br />
Advanced<br />
Instructor Qualifications<br />
Dr. Edgar R. Weippl is assistant professor at <strong>the</strong> Vienna University of Technology and<br />
CEO of Security Research. His research focuses on applied concepts of IT-security<br />
and e-learning. Edgar has taught several tutorials on security issues in e-learning at<br />
international conferences, including ED-MEDIA 2003-2006 and E-Learn 2005. In<br />
2005, he published Security in E-Learning with Springer. After graduating with a<br />
Ph.D. from <strong>the</strong> Vienna University of Technology, Edgar worked <strong>for</strong> two years in a<br />
research startup. He <strong>the</strong>n spent one year teaching as an assistant professor at Beloit<br />
College, WI. From 2002 to 2004, while with <strong>the</strong> software vendor ISIS Papyrus, he<br />
worked as a consultant <strong>for</strong> an HMO (Empire BlueCross BlueShield) in New York, NY<br />
and Albany, NY, and <strong>for</strong> Deutsche Bank (PWM) in Frankfurt, Germany. An extended<br />
CV including all publications is available at www.ifs.tuwien.ac.at/~weippl<br />
Tutorials are indicated by a T# and have a lecture/demonstration <strong>for</strong>mat. Workshops are indicated by a W# and are primarily hands-on sessions.<br />
We advise early registration <strong>for</strong> all Tutorials and Workshops due to limited space available.<br />
10