134計(jì)算機(jī)專業(yè)相關(guān)有關(guān)外文文獻(xiàn)翻譯成品為移動學(xué)習(xí)環(huán)境設(shè)計(jì)安全的考試管理系統(tǒng)（sems） 4萬字符

1、<p>　　此文檔是畢業(yè)設(shè)計(jì)外文翻譯成品（ 含英文原文+中文翻譯），無需調(diào)整復(fù)雜的格式！下載之后直接可用，方便快捷！本文價(jià)格不貴,也就幾十塊錢！一輩子也就一次的事！</p><p>　　外文標(biāo)題：Designing a Secure Exam Management System (SEMS) for M-Learning Environments</p><p>　　外文作者：M

2、ustafa Kaiiali ; Armagan Ozkaya ; Halis Altun ; Hatem Haddad ; Marc Alier</p><p>　　文獻(xiàn)出處:IEEE Transactions on Learning Technologies ( Volume: 9 , Issue: 3 , July-Sept. 1 2016 ) (如覺得年份太老，可改為近2年，畢竟很多畢業(yè)生都這樣做)&

3、lt;/p><p>　　英文7964單詞，41785字符，中文12748漢字。</p><p>　　Designing a Secure Exam Management System (SEMS) for M-Learning Environments</p><p>　　Abstract—M-Learning has enhanced the e-learning b

4、y making the learning process learner-centered. However, enforcing exam security in open environments where each student has his/her own mobile/tablet device connected to a Wi-Fi network through which it is further conne

5、cted to the Internet can be one of the most challenging tasks. In such environments, students can easily exchange information over the network during exam time. This paper aims to identify various vulnerabilities that ma

6、y violate e</p><p>　　Index Terms— Access control, e-learning, exam engine, Learning Management System (LMS), m-learning</p><p>　　1 INTRODUCTION</p><p>　　E-LEARNING has experienced s

7、uch an extraordinary growth over the last years that its global industry market is estimated to be worth USD 91 billion [1]. Learn- ing Management Systems (LMSs), due to being essential tools of e-learning, have been ado

8、pted by many organizations to establish and provide access to online learning services. Nowadays, the success of LMSs is so great: 74% of the US corporations and educational institutions currently offering e-learning emp

9、loy LMSs in their training progr</p><p>　　The expansion of mobile devices, meanwhile, is providing new ways to learn (mobile learning or m- learning). The 2015 Horizon Report [7] mentions that Bring Your Own

10、 Device (BYOD) learning technology is expected to be increasingly adopted by institutions in one year’s time or less to make use of mobile and online learning. Forecast of the number of smartphone users for 2019 is 5.6 b

11、illion globally which is three times that for 2013 [8]. Thus, LMSs must change to adapt to new user requirements an</p><p>　　M-learning puts the control of the learning process in hands of the learner itself

12、 [10] and enhances collaboration and flexibility. It is concluded in [11] that having a mo- bile, accessible e-book is “perceived to benefit student learning due to the value placed on the affordance of situated study in

13、 everyday life.” The students that participated in this study expressed feelings of competence and high self-efficacy, and that they were able to learn more using their e-books. Moreover, among othe</p><p>　

14、　Some of the contributions of m-learning [14] are:</p><p>　　1.It is learner-centered [15].</p><p>　　2.It is a new alternative for information delivery and</p><p>　　3.It enhances col

15、laborative learning [16].</p><p>　　On the other hand, m-learning faces several challenges</p><p>　　[14]such as:</p><p>　　1.Lack of teacher confidence, training or technical difficul

16、ties with mobile devices [17], [18].</p><p>　　2.Lack of institutional support [17], [18].</p><p>　　3.Interoperability problems with LMSs [19].</p><p>　　4.Security and privacy issues

17、 [20], [21].</p><p>　　One possible solution to overcome these challenges is the integration of m-learning initiatives with LMSs. From students’ point of view, m-learning could personalize their learning proc

18、ess as well as enable them to collaborate with other students or teachers. From teachers’ point of view, they could continue to use LMSs as their working platform, leaving mobile devices for students. The problem, howeve

19、r, is that the integration between m- learning applications and LMS is not an easy task. Indeed</p><p>　　Moodle, as one of the mostly accepted and widely used open-source LMS, is a web-based application. It

20、had a user base of 83008 registered and verified sites, serving 70696570 users in 7.5+ million courses with 1.2+ million teachers as of June 2013 [22]. Yet, due to the fact that it is not made to be service oriented, its

21、 services cannot be consumed through client applications other than web browsers. This has limited its scope of use to personal computers; therefore, the Moodbile Project [23] wa</p><p>　　Even though Moodle

22、2.0 already had a collection of web services, these web services focused on developing an API suitable for massive batch actions like user or course creation and inscriptions. They are not, however, suitable for the inte

23、gration of mobile learning applications and do not properly address security management issues. Moodle Architecture is designed following the classic three-tier architecture where the major part of business logic is loca

24、ted at Domain Tier as illustrated in Fig.</p><p>　　1.An External Tier where the actual services for mobile integration are defined. This layer can basically access methods from the standard LMS API.</p>

25、;<p>　　2.A Connectors Tier consisting of connectors for supported web services communication protocols like SOAP and JSON-RPC. Each connector implements the translation of the services defined in the External Tier

26、 to the specific protocol. At the same time, this tier provides additional web services protocols and authentication methods more suitable for mobile devices, such as OAuth [24].</p><p>　　Fig. 1. Moodbile We

27、b Services Architecture [14].</p><p>　　Therefore, Moodbile project is to provide an extension that would turn Moodle into a web services provider for mobile applications, with the design of a web-service lay

28、er to access most suitable Moodle features for mobile applications. However, while Moodbile serves as an ex- cellent extension to Moodle to bring its widely adopted services, such as administration, documentation, deliv

29、ery of e-learning courses or training programs, to the mobile world, it never touches the Moodle Quiz Engine whi</p><p>　　Security in e-learning for various environments in general has been well-considered i

30、n literature from early on [25], [26], [27]. Scholars have offered various protection measures against security threats originating from both the user side and the management side [28]. A significant component of e-learn

31、ing processes is online exams. It is clearly desirable to simplify exam management such that all exam stages are performed electronically, so exams become e-exams. A number of e-exam systems for </p><p>　　Th

32、e classical approach to perform e-exams involves providing specific exam centers equipped with machines configured with static security policy to be used only for exam purposes. This approach brings about the cost of cre

33、ation and upkeep of the environment, and continuous under utilization thereof. Also, such policies cannot be applied in m-learning environments where the students’ mobile/tablet devices are meant to be used for general p

34、urposes, e.g. Internet browsing or e-book reading, as well</p><p>　　Moodbile Project does not address the security and privacy issues related to conducting exams in m-learning environment, and neither does t

35、he Moodle Quiz Engine which emphasizes only on the learning process not on securing the examination process. The “Secure Exam Environment” described in [35] supports exams based on Moodle to be taken by students on lapto

36、ps. The system denies access to local files and Internet, but allows the use of certain programs like Excel and Java applications. Stu- dents</p><p>　　This paper aims to design a Secure Exam Management Syste

37、m (SEMS) that meets the distinct security requirements of m-learning environments and to integrate it with the current Moodle/Moodbile platform. This will result in a complete LMS that is both equipped with se- cure exam

38、 services and suitable for m-learning. Our intention of integrating SEMS with a well-known LMS such as Moodle is so to get the benefits of Moodle’s ready- made services in other learning aspects such as course material a

39、dmin</p><p>　　The paper is organized as follows: Section 2 presents the core services and functionalities of SEMS Exam Engine. Section 3 introduces SEMS Security Agent that en- forces the dynamic network acc

40、ess control on students’ mobile devices during exams. Section 4 discusses various network issues that can affect the exam process. Section 5 is on SEMS integration with Moodle/Moodbile frame- work. Finally, Section 6 pre

41、sents a survey conducted about SEMS.</p><p>　　Although the proposed SEMS design is platform independent, the paper presentation adopts Android platform as a case-study for the following reasons:</p>&

42、lt;p>　　1.Android devices are more affordable for students.</p><p>　　2.According to IDC, Android dominated the market with a 78% in the first quarter of 2015 [38].</p><p>　　3.Android is suppor

43、ted by many enterprises such as Google, HTC, Sony, Intel, LG, and Samsung [39].</p><p>　　4.For better compatibility with Fatih Project [40], the Turkish government project that seeks to integrate computer te

44、chnology into Turkey's public education system. It will be fully developed on Android.</p><p>　　2SEMS EXAM ENGINE CORE SERVICES AND</p><p>　　FUNCTIONALITIES</p><p>　　The Quiz En

45、gine embedded in Moodle is not built based on Service Oriented Architecture. It is implemented as a bulk of PHP code which has to be accessed through standard web browsers that are a bit slow on mobile devices and cannot

46、 address the exam security issues that exist in m-learning environment. Moodbile services ex- tension to Moodle does not touch the Moodle’s Quiz Engine. Thus, we need to develop a new Quiz Engine that can be deployed as

47、a service oriented application, so that its servi</p><p>　　2.1Secure and Random Distribution of Exam Questions</p><p>　　This service provides the following functionalities:</p><p>　

48、　Enabling the teacher to define a bank of exam questions and to link them to his/her subject through an appropriate interface (Subject’s Question Bank Interface). In case of objective kind of questions, each question may

49、 have a set of options. The teacher has to provide those options through the same interface and specify the correct choices among them to enable the exam engine to auto- evaluate students’ answers. In case of descriptive

50、 kind of questions, a text box (or probably a sketching canva</p><p>　　Enabling the teacher to specify a subject’s exam properties such as: Date and Time, Duration, Percentage of level A, level B, and level

51、C questions in the exam paper, etc. through an appropriate inter- face (Subject’s Exam Setup Interface).</p><p>　　Securely authenticating and enrolling students, using any of the well-known secure authentica

52、tion mechanisms, into exams at the pre-defined date and time through the Exam Enrollment Interface. Multifactor authentication can be adopted for stronger security as explained in Section 2.4.</p><p>　　4.Cre

53、ating exam instances by random distribution of exam questions to the enrolled students’ mo- bile/tablet devices according to the predefined ex- am properties such as percentage of each question level. This means that que

54、stions are not going to reach students in the same order. Moreover, the multi-choices of each question, in case of objective questions, will be flipped randomly and delivered differently to each student. The Exam Server

55、associates the exam questions with a message digest sig</p><p>　　5.Students answer the exam questions through the Exam Client Software Interface. Their answers are then submitted to the Exam Server along wit

56、h a signed message digest to ensure the integrity.</p><p>　　6.Processing students’ answers to determine their grades in the test. The Exam Server has to evaluate students’ answers according to the questions’

57、 correct solutions pre-defined by the teacher. Then it has to generate the appropriate reports.</p><p>　　7.Reporting: The Exam Engine has to generate a set of reports to enrich the assessment process, like:&

58、lt;/p><p>　　Subject’s Exam Report: It reflects statistical in- formation about a particular exam (Students’ Grades, Min, Max and Average Grade, etc.).</p><p>　　Student’s General Report: It reflects

59、 general in- formation about the performance of a particular student in the whole semester/year. It shows his/her scored marks in all subjects and calculates his/her GPA and other statistical values.</p><p>

60、　　Teacher’s Report: It shows the average performance of students in all the subjects given by a particular teacher.</p><p>　　2.2Turbo-Mode Assessment</p><p>　　This service can be useful for cond

61、ucting arbitrary quizzes during class time rapidly. It increases or decreases the level of the questions in a reactive manner. Assuming we have five levels of questions (A, B, C, D, and E), the Exam Server starts asking

62、each student questions of level C. According to the student's answers, it increases or decreases the level of the questions in a reactive manner. As a result, student’s level can be determined using fewer questions a

63、nd in a shorter time (binary </p><p>　　2.3 Preventing the “Unattended Exam” Issue</p><p>　　In a Wi-Fi based network, we cannot guarantee that each student is going to attend an exam from a dedic

64、ated classroom. A student can simply sit in a nearby room and log in to the exam system through the Wi-Fi network. He/she can subsequently open his/her course notes and use it to answer the questions illegally. To encoun

65、ter this</p><p>　　issue, we propose the following strategies.</p><p>　　2.3.1 Proctor Approval based Strategy</p><p>　　This strategy best suits the case in which we have a small numb

66、er of students and the proctor is familiar with them. Once the student logs in to the exam system, before he/she gets enrolled into the exam, his/her name will be populated in a list shown in the proctor’s mobile device

67、through the Exam Enrollment Confirmation Interface. The proctor has to physically check that all students whose names are listed are present in the dedicated class room to approve their enrollment request accordingly.<

68、;/p><p>　　2.3.2QR-Code based Strategy</p><p>　　This strategy is suitable for medium/large number of students where the proctor may not be familiar with all examinees. In this strategy the Exam Serv

69、er has to generate a QR-code based exam access token for every student according to the following procedure.The Exam Server generates an RSA public key pair specifically used to generate the exam access to- kens as shown

70、 in Table 1.</p><p>　　The Exam Server repeats steps 2-5 for all students involved in the exam. All access tokens, ordered by student numbers, are printed on a special paper which can be teared easily from th

71、e dash-line as depicted in Fig. 3. The proctor is given the access token list in the exam center before the exam.</p><p>　　A student gets into the dedicated exam room and obtains his/her access token from th

72、e proctor. After he/she signs into the exam system through the Exam Client Software (ECS) installed on the student’s mobile/tablet device, ECS asks the student to present his/her access token in front of the mobile/table

73、t device camera. This process guarantees that no student can log in to the exam system from another room as access tokens are not distributed there. In case a student must leave the room for an em</p><p>　　T

74、he process of distributing exam tokens can be auto mated if the school can afford equipping every exam table with a Wi-Fi enabled, mini, black and white LCD screen (in the size of a hand watch screen).</p><p&g

75、t;　　2.3.3NFC based Strategies</p><p>　　2.3.3.1Network NFC Reader and NFC-Enabled Student ID Cards</p><p>　　In this strategy, the Exam Server signs every student’s general information, such as st

76、udent’s number and name, using its Private Key. The generated signature is further stored on a write-once NFC-enabled ID card as the one shown in Fig. 4. On the other hand, every exam room is equipped with a simple wall-

77、mounted network NFC Reader like the one depicted in Fig. 5.</p><p>　　Once a student enters an exam room, he/she is sup- posed to swipe his/her NFC-enabled ID card on the net- work NFC reader of the exam room

78、 before he/she gets seated. When the student logs into the exam system, the Exam Server checks whether the exam’s corresponding NFC reader has previously logged the student’s signed information. This guarantees that the

79、student is within the dedicated exam room.</p><p>　　This method, however, has a security flaw. A student may give his/her ID card to an accomplice and ask him/her to enter the class room and swipe the card

80、 over the NFC reader on his/her behalf. The accomplice may sit in the exam room idle allowing the student to log in to the system from a neighboring room (he/she will be allowed to log in because his/her card was swiped

81、over the NFC reader). Here is the job of the proctor to ensure that every student who swipes his/her ID card over the NFC reade</p><p>　　2.3.3.2Exam NFC Tag and NFC-Enabled Mobile Devices</p><p>

82、;　　In this strategy, the Exam Server generates a generic access string as shown in Table 6. It then signs the access string with its Private Key and stores the result on a write-once NFC tag as the one shown in Fig. 6. T

83、he proctor collects the NFC tag from the exam center and sticks it to a proper place in the dedicated exam room.</p><p>　　When a student enters the exam room, he/she will pass his/her NFC-enabled mobile/ta

84、blet device over the NFC tag. Then, ECS has to send the value read to get validated by the Exam Server before it allows the student to log in. If it is a bottleneck to ask all the students to swipe over a single tag, the

85、 Exam Server can generate 3-5 tags which can be distributed to different places in the dedicated exam room for simultaneous enrollment process.NFC tags are extremely cheap; however, this strategy</p><p>　　2.

86、4Providing an Appropriate Mechanism for Anti- impersonation</p><p>　　Student authentication for exam enrollment is a serious issue. Especially when there is a large number of students attending the exam and

87、the proctor does not know all of them personally. A student may employ an impersonator, providing his/her credentials, to attend the exam on his/her behalf. To prevent impersonation, we recommend the adoption of a well-k

88、nown biometric-based authentication technology, such as face recognition, to serve as a supplementary access key.</p><p>　　Authentication based on face recognition is a long standing problem that has been st

89、udied extensively and several well-established techniques have made it a very common authentication approach [30], [31], [42]. There are plenty of methods available in the literature which can be classified as template-b

90、ased vs. geometric-based, appearance-based vs. model-based, holistic vs. piecemeal. Due to ever-increasing use of mobile devices, new algorithms for secure authentication on such devices attract c</p><p>　　C

91、omputational load imposed by the face recognition algorithms is generally one of the key issues. However, the current computational power of the mobile devices gives a pave to obtain a real-time application of face recog

92、nition. Extensive research effort is dedicated to improve the real-time performance of face recognizer by utilizing available embedded GPUs on mobile devices [46], [47], [48]. In SEMS, we plan to utilize the OpenCV libra

93、ry [49], which allows easier development of proven algorith</p><p>　　In the proposed system, a face recognition module will be integrated with the OAuth protocol as a second authentication factor. A student

94、will firstly be authenticated using his/her own username and password, whereupon he/she will be prompted to take a proper pause in front of his/her mobile/tablet device camera. The software on the student’s device will b

95、e responsible for capturing a proper face. Since current computational power of mobile devices allows us to implement feature extraction secti</p><p>　　Spoofing attacks are of concern with respect to face re

96、cognition security, but are taken into consideration by the research community [50], [51]. There are plenty of techniques such as liveness detection [52] and progressive authentication [53] which can be easily integrated

97、 in the face recognition module to counter-attack spoofing. Thus, we believe that face recognition is a usable, highly secure, and efficient biometric-based authentication mechanism that can be adopted as a second authen

98、ticat</p><p>　　2.5Preventing Students from Exchanging Mobile/Tablet Devices during an Exam</p><p>　　Beyond all the enforced security mechanisms discussed earlier and those which are going to be

99、discussed later on in this paper, students might still attempt to cheat by simply exchanging their mobile/tablet devices after they get authenticated by the Exam Server. To prevent this issue, ECS tries to re-authenticat