E-LEARNING has experienced such an extraordinary growth over the last years that its global industry market is estimated to be worth USD 91 billion . Learn-ing Management Systems (LMSs), due to being essential tools of e-learning, have been adopted by many organiza-tions to establish and provide access to online learning services. Nowadays, the success of LMSs is so great: 74% of the US corporations and educational institutions cur-rently offering e-learning employ LMSs in their training programs . In Spain, over 90% of the universities and colleges use an LMS . According to , 29% of the or-ganizations (banking sector, retailing sector, etc.) in Tur-key have adopted e-learning applications. Globally, 79.5% of large companies were reported to be using these sys-tems in their training programs in 2008  and the market for LMS is estimated to have an annual growth rate of about 25.2% through the year 2018 . The expansion of mobile devices, meanwhile, is providing new ways to learn (mobile learning or m-learning). The 2015 Horizon Report  mentions that Bring Your Own Device (BYOD) learning technology is expected to be increasingly adopted by institutions in one year’s time or less to make use of mobile and online learn-ing. Forecast of the number of smartphone users for 2019 is 5.6 billion globally which is three times that for 2013 . Thus, LMSs must change to adapt to new user require-ments and technologies. For example, interaction with external applications, such as social networks and mobile applications, must be incorporated in LMSs  to facili-tate personal learning demands that happen anywhere and at any time. M-learning puts the control of the learning process in hands of the learner itself  and enhances collaboration and flexibility. It is concluded in  that having a mo-bile, accessible e-book is “perceived to benefit student learning due to the value placed on the affordance of situated study in everyday life.” The students that partic-ipated in this study expressed feelings of competence and high self-efficacy, and that they were able to learn more using their e-books. Moreover, among other technological factors impacting the future of m-learning, Rao et al.  asserted that cloud computing would make mobile learn-ing more efficient in many ways, ultimately in time and cost. A web portal developed using Amazon’s cloud computing service is presented in  whereby teachers without programming skills can implement interactive learning processes. The materials developed can be used with mobile applications on Android and iOS based de-vices. Some of the contributions of m-learning  are: 1.It is learner-centered . 2.It is a new alternative for information delivery and 3.It enhances collaborative learning . On the other hand, m-learning faces several challenges  such as: 1.Lack of teacher confidence, training or technical difficulties with mobile devices , . 2.Lack of institutional support , . 3.Interoperability problems with LMSs . 4.Security and privacy issues , . One possible solution to overcome these challenges is the integration of m-learning initiatives with LMSs. From students’ point of view, m-learning could personalize their learning process as well as enable them to collabo-rate with other students or teachers. From teachers’ point of view, they could continue to use LMSs as their work-ing platform, leaving mobile devices for students. The problem, however, is that the integration between m-learning applications and LMS is not an easy task. Indeed, LMSs do not generally contain interoperability standards to communicate with external applications; they are usu-ally designed as monolithic or layered systems . Moodle, as one of the mostly accepted and widely used open-source LMS, is a web-based application. It had a user base of 83008 registered and verified sites, serving 70696570 users in 7.5+ million courses with 1.2+ million teachers as of June 2013 . Yet, due to the fact that it is not made to be service oriented, its services cannot be consumed through client applications other than web browsers. This has limited its scope of use to personal computers; therefore, the Moodbile Project  was con-ceived to extend the Moodle functionality to the world of mobile devices. This project aims to enable mobile learn-ing applications to work together with the widely accept-ed Moodle LMS by incorporating the appropriate external web services into Moodle architecture or redesigning certain components of Moodle to be service oriented. Even though Moodle 2.0 already had a collection of web services, these web services focused on developing an API suitable for massive batch actions like user or course creation and inscriptions. They are not, however, suitable for the integration of mobile learning applica-tions and do not properly address security management issues. Moodle Architecture is designed following the classic three-tier architecture where the major part of business logic is located at Domain Tier as illustrated in Fig. 1. While Domain and Presentation tiers have not been changed with respect to Moodle Architecture, the Mood-bile extension has created two tiers:
1.An External Tier where the actual services for mo-bile integration are defined. This layer can basical-ly access methods from the standard LMS API. 2.A Connectors Tier consisting of connectors for supported web services communication protocols like SOAP and JSON-RPC. Each connector imple-ments the translation of the services defined in the External Tier to the specific protocol. At the same time, this tier provides additional web services protocols and authentication methods more suita-ble for mobile devices, such as OAuth .
Therefore, Moodbile project is to provide an extension that would turn Moodle into a web services provider for mobile applications, with the design of a web-service layer to access most suitable Moodle features for mobile applications. However, while Moodbile serves as an ex-cellent extension to Moodle to bring its widely adopted services, such as administration, documentation, delivery of e-learning courses or training programs, to the mobile world, it never touches the Moodle Quiz Engine which was originally coded using PHP in a way that makes it very difficult to be service oriented. Consequently, Moo-dle Quiz Engine can only be accessed through web browsers, not through mobile apps. Web browsers are not considered as reliable platforms to conduct exams on mobile/tablet devices; they are slow, prone to security vulnerabilities, and may shutdown for many reasons. Security in e-learning for various environments in gen-eral has been well-considered in literature from early on , , . Scholars have offered various protection measures against security threats originating from both the user side and the management side . A significant component of e-learning processes is online exams. It is clearly desirable to simplify exam management such that all exam stages are performed electronically, so exams become e-exams. A number of e-exam systems for various purposes, ranging from custom adaptive systems  to commercial solutions ,  have been developed. However, e-exams carry such unique and specific securi-ty issues that more of user-centered and technology-supported countermeasures need to be implemented , . Frank  introduced a reference model based on types of risks that threaten integrity of e-exams and eval-uated three commercial systems using this model. The classical approach to perform e-exams involves providing specific exam centers equipped with machines configured with static security policy to be used only for exam purposes. This approach brings about the cost of creation and upkeep of the environment, and continuous underutilization thereof. Also, such policies cannot be applied in m-learning environments where the students’ mobile/tablet devices are meant to be used for general purposes, e.g. Internet browsing or e-book reading, as well as for the sake of exams. Using students’ mobile devices as exam stations offers the advantages of low cost, more exam takers at the same time, and no need for a wired network. Thus, a dynamic security policy is needed in this case with an appropriate enforcing mecha-nism. To the best of our knowledge, this issue has not yet been addressed by any previous work for the same envi-ronment.Moodbile Project does not address the security and privacy issues related to conducting exams in m-learning environment, and neither does the Moodle Quiz Engine which emphasizes only on the learning process not on securing the examination process. The “Secure Exam Environment” described in  supports exams based on Moodle to be taken by students on laptops. The system denies access to local files and Internet, but allows the use of certain programs like Excel and Java applications. Stu-dents have to connect their laptops to the wired LAN and boot from a USB drive or DVD. Other e-exam systems developed based on mobile platforms with wireless ac-cess ,  lack proper security considerations and exam management functions. This paper aims to design a Secure Exam Management System (SEMS) that meets the distinct security require- ments of m-learning environments and to integrate it with the current Moodle/Moodbile platform. This will result in a complete LMS that is both equipped with se-cure exam services and suitable for m-learning. Our in-tention of integrating SEMS with a well-known LMS such as Moodle is so to get the benefits of Moodle’s ready-made services in other learning aspects such as course material administration, documentation, etc. which have been experienced and appreciated for the last 15 years. However, the proposed SEMS can also work as a standalone secure exam management system for m-learning environments without integration with Moodle. The paper is organized as follows: Section 2 presents the core services and functionalities of SEMS Exam En-gine. Section 3 introduces SEMS Security Agent that en-forces the dynamic network access control on students’ mobile devices during exams. Section 4 discusses various network issues that can affect the exam process. Section 5 is on SEMS integration with Moodle/Moodbile frame-work. Finally, Section 6 presents a survey conducted about SEMS.Although the proposed SEMS design is platform inde-pendent, the paper presentation adopts Android platform as a case-study for the following reasons:1.Android devices are more affordable for students. 2.According to IDC, Android dominated the market with a 78% in the first quarter of 2015 . 3.Android is supported by many enterprises such as Google, HTC, Sony, Intel, LG, and Samsung . 4.For better compatibility with Fatih Project , the Turkish government project that seeks to integrate computer technology into Turkey’s public educa-tion system. It will be fully developed on Android.
SEMSEXAM ENGINE CORE SERVICES AND FUNCTIONALITIES
The Quiz Engine embedded in Moodle is not built based on Service Oriented Architecture. It is implemented as a bulk of PHP code which has to be accessed through standard web browsers that are a bit slow on mobile de-vices and cannot address the exam security issues that exist in m-learning environment. Moodbile services ex-tension to Moodle does not touch the Moodle’s Quiz En-gine. Thus, we need to develop a new Quiz Engine that can be deployed as a service oriented application, so that its services can be consumed by a mobile application designed to cater to m-learning specific security require-ments. As well, it should be integratable with Moo-dle/Moodbile in order to have a complete LMS which suites the m-learning environment and addresses all of its security issues. The core services of the proposed Exam Engine are discussed below.
- Secure and Random Distribution of Exam Questions
This service provides the following functionalities:
1.Enabling the teacher to define a bank of exam questions and to link them to his/her subject through an appropriate interface (Subject’s Ques-tion Bank Interface). In case of objective kind of questions, each question may have a set of options. The teacher has to provide those options through the same interface and specify the correct choices among them to enable the exam engine to auto-evaluate students’ answers. In case of descriptive kind of questions, a text box (or probably a sketch-ing canvas) will appear below each question at the student device screen to allow him/her to write/draw the question’s answer; those answers will be saved at server side to be further reviewed and evaluated by the teacher. In addition, each question will have a property to specify its diffi-culty “level” (let’s say: A, B, C, D, and E).
2.Enabling the teacher to specify a subject’s exam properties such as: Date and Time, Duration, Per-centage of level A, level B, and level C questions in the exam paper, etc. through an appropriate inter-face (Subject’s Exam Setup Interface).
3.Securely authenticating and enrolling students, using any of the well-known secure authentication mechanisms, into exams at the pre-defined date and time through the Exam Enrollment Interface. Multifactor authentication can be adopted for stronger security as explained in Section 2.4.
4.Creating exam instances by random distribution of exam questions to the enrolled students’ mo-bile/tablet devices according to the predefined ex-am properties such as percentage of each question level. This means that questions are not going to reach students in the same order. Moreover, the multi-choices of each question, in case of objective questions, will be flipped randomly and delivered differently to each student. The Exam Server asso-ciates the exam questions with a message digest signed by its private key to ensure data integrity. The Exam Server also has to memorize the way it has distributed the questions to each student to be able to evaluate the correct answers once the stu-dents submit their answers back to the Exam Serv-er. This process, illustrated in Fig. 2, guarantees that each student gets different questions order and makes cheating by “hand-signals” impossible. The prepared questions bank is reusable. Teachers can always enrich their courses’ questions bank by adding new questions or upgrading old ones dur-ing the semester. At the exam time, it is the re-sponsibility of the Exam Server to create exam in-stances out of the questions bank. Incorporating the “question level” concept helps the Exam Serv-er to prepare a moderate kind of questions while selecting them out of the questions bank.
5.Students answer the exam questions through the Exam Client Software Interface. Their answers are then submitted to the Exam Server along with a signed message digest to ensure the integrity.
6.Processing students’ answers to determine their grades in the test. The Exam Server has to evaluate students’ answers according to the questions’ cor-rect solutions pre-defined by the teacher. Then it has to generate the appropriate reports.
7.Reporting: The Exam Engine has to generate a set of reports to enrich the assessment process, like: ·Subject’s Exam Report: It reflects statistical in-formation about a particular exam (Students’ Grades, Min, Max and Average Grade, etc.). ·Student’s General Report: It reflects general in-formation about the performance of a particular student in the whole semester/year. It shows his/her scored marks in all subjects and calcu-lates his/her GPA and other statistical values. ·Teacher’s Report: It shows the average perfor-mance of students in all the subjects given by a particular teacher.
2. Turbo-Mode Assessment
This service can be useful for conducting arbitrary quiz-zes during class time rapidly. It increases or decreases the level of the questions in a reactive manner. Assuming we have five levels of questions (A, B, C, D, and E), the Exam Server starts asking each student questions of level C. According to the student’s answers, it increases or de-creases the level of the questions in a reactive manner. As a result, student’s level can be determined using fewer questions and in a shorter time (binary search).
3. Preventing the “Unattended Exam” Issue
In a Wi-Fi based network, we cannot guarantee that each student is going to attend an exam from a dedicated classroom. A student can simply sit in a nearby room and log in to the exam system through the Wi-Fi network. He/she can subsequently open his/her course notes and use it to answer the questions illegally. To encounter this issue, we propose the following strategies.
4. Providing an Appropriate Mechanism for Anti-impersonation Student authentication for exam enrollment is a serious issue. Especially when there is a large number of students attending the exam and the proctor does not know all of them personally. A student may employ an impersonator, providing his/her credentials, to attend the exam on his/her behalf. To prevent impersonation, we recom-mend the adoption of a well-known biometric-based authentication technology, such as face recognition, to serve as a supplementary access key. Authentication based on face recognition is a long standing problem that has been studied extensively and several well-established techniques have made it a very common authentication approach , , . There are plenty of methods available in the literature which can be classified as template-based vs. geometric-based, appearance-based vs. model-based, holistic vs. piecemeal. Due to ever-increasing use of mobile devices, new algo-rithms for secure authentication on such devices attract considerable attention from research community , , . Computational load imposed by the face recognition algorithms is generally one of the key issues. However, the current computational power of the mobile devices gives a pave to obtain a real-time application of face recognition. Extensive research effort is dedicated to im-prove the real-time performance of face recognizer by utilizing available embedded GPUs on mobile devices , , . In SEMS, we plan to utilize the OpenCV library , which allows easier development of proven algorithms such as Eigenfaces, Fisherfaces, and Local Binary Pattern Histograms for face recognition. OpenCV supports ex-ploiting parallel processing power of GPUs. In the proposed system, a face recognition module will be integrated with the OAuth protocol as a second au-thentication factor. A student will firstly be authenticated using his/her own username and password, whereupon he/she will be prompted to take a proper pause in front of his/her mobile/tablet device camera. The software on the student’s device will be responsible for capturing a proper face. Since current computational power of mobile devices allows us to implement feature extraction section of the face recognition, we propose to implement this section as a service on the mobile device. The extracted features will be sent to the Server to be compared against the student’s registered face features and a confirmation will be sent back to the mobile device to approve stu-dent’s identity. Spoofing attacks are of concern with respect to face recognition security, but are taken into consideration by the research community , . There are plenty of techniques such as liveness detection  and progressive authentication  which can be easily integrated in the face recognition module to counter-attack spoofing. Thus, we believe that face recognition is a usable, highly secure, and efficient biometric-based authentication mechanism that can be adopted as a second authentication factor.
5. Preventing Students from Exchanging Mobile/Tablet Devices during an Exam
Beyond all the enforced security mechanisms discussed earlier and those which are going to be discussed later on in this paper, students might still attempt to cheat by simply exchanging their mobile/tablet devices after they get authenticated by the Exam Server. To prevent this issue, ECS tries to re-authenticate the students biometri-cally by asking them to represent their faces in front of the mobile camera on a random basis. With this mecha-nism, students cannot exchange their devices during an exam after getting authenticated as the system at any point of time can ask them to represent their identity. Moreover, the proctor software will have the function-ality to force a particular student attending an exam to get re-authenticated by the system in case any suspicious case occurs. It can simply signal the corresponding student’s ECS to re-initiate the authentication process. ECS will always respond to this signal coming from the exam’s registered proctor device.
6. Following the Widely Accepted Industrial Standards
SEMS Exam Engine must conform to a well-known and widely-adopted set of standards and specifications devel-oped by IMS Global Learning Consortium (IMS-GLC) . IMS-GLC is a specification authoring organization comprised of distributed computer learning system ven-dors, publishers, digital content vendors, government agencies, universities, training organizations, and other interested parties. It is a global and non-profit member organization supported by over 190 of the world’s leaders in educational and learning technology. It has approved and published some 20 standards that are the most wide-ly used learning technology standards in higher educa-tion around the globe. These include meta-data, content packaging, enterprise services, question & test, competen cies, tools interoperability, sharable state persistence, vocabulary definition, and learning design. All IMS-GLC standards are available free of charge via the IMS GLC web site and can be used without royalty. The IMS Ques-tion & Test Interoperability (QTI) specification enables the exchange of item, test and results data between authoring tools, item banks, test constructional tools, learning sys-tems, and assessment delivery systems.