Abstract

Over the years, e-learning and e- examination has become standard in many institutions of higher learning. It has been observed that examination questions and results can be easily intercepted by invalid users, thus the security of resources shared among valid users is not guaranteed. In order to solve these problems as it relates to access control, a Role based Examination System (RBES) was designed, developed and evaluated. RBES attempted to solve the security issue by the combination of two authentication techniques: text- based authentication and graphical password authentication. The Text-based authentication utilizes two text-based parameters namely the username and password. The graphical password authentication makes use of a finite set of controls (RBES chooses radio buttons) which are identified by numbers. These numbers constitute the password used for graphical authentication. To improve on resource sharing among users in the examination system, RBES proposes role management (role creation, role update, role removal) and user management (user creation, user update and user removal). The developed system made use of asp.net, C#, IIS server, WAMP server, Mysql and other tools for its development. RBES was tested by some legitimate and illegitimate users and the performance of the system was found to be satisfactory, hence RBES shows an efficient and reliable scheme that can be deployed in any examination or e-learning system. Finally the potential threats to the system were modeled and the use of weak passwords was found to be the most likely threat the system could be vulnerable to.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.