The credibility of online examinations in Higher Education is hardened by numerous factors and use-case scenarios. This paper reports on a longitudinal study, that spanned over eighteen months, in which various stakeholders from three European Higher Education Institutions (HEIs) participated, aiming to identify core threat scenarios experienced during online examinations, and to, accordingly, propose threat models, data metrics and countermeasure features that HEI learning management systems can embrace to address the identified threat scenarios. We also report on a feasibility study of an open-source intelligent and continuous student identity management system, namely TRUSTID, which implements the identified data metrics and countermeasures. A user evaluation with HEI students (n = 133) revealed that the TRUSTID system is resilient and effective against impersonation attacks, based on intelligent face and voice identification mechanisms, and scored well in usability and user experience. Aspects concerning the preservation of privacy in storing, retrieving and processing sensitive personal data are also discussed.
Read full abstract