loading
Documents

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Jannik Dreier 1 ; Rosario Giustolisi 2 ; Ali Kassem 3 ; Pascal Lafourcade 4 ; Gabriele Lenzini 2 and Peter Y. A. Ryan 2

Affiliations: 1 ETH Zurich, Switzerland ; 2 SnT/University of Luxembourg, Luxembourg ; 3 Université Grenoble Alpes, France ; 4 University d'Auvergne, France

ISBN: 978-989-758-045-1

Keyword(s): Electronic Exams, Formal Verification, Authentication, Privacy, Applied Pi-Calculus, ProVerif

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Formal Methods for Security ; Identification, Authentication and Non-Repudiation ; Information and Systems Security ; Privacy ; Security in Information Systems ; Security Protocols ; Security Requirements ; Security Verification and Validation

Abstract: Universities and other educational organizations are adopting computer and Internet-based assessment tools (herein called e-exams) to reach widespread audiences. While this makes examination tests more accessible, it exposes them to new threats. At present, there are very few strategies to check such systems for security, also there is a lack of formal security definitions in this domain. This paper fills this gap: in the formal framework of the applied pi-calculus, we define several fundamental authentication and privacy properties and establish the first theoretical framework for the security analysis of e-exam protocols. As proof of concept we analyze two of such protocols with ProVerif. The first “secure electronic exam system” proposed in the literature turns out to have several severe problems. The second protocol, called Remark!, is proved to satisfy all the security properties assuming access control on the bulletin board. We propose a simple protocol modification that removes the need of such assumption though guaranteeing all the security properties. (More)

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.225.38.2

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Dreier J., Giustolisi R., Kassem A., Lafourcade P., Lenzini G. and Y. A. Ryan P. (2014). Formal Analysis of Electronic Exams.In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 101-112. DOI: 10.5220/0005050901010112

@conference{secrypt14,
author={Jannik Dreier and Rosario Giustolisi and Ali Kassem and Pascal Lafourcade and Gabriele Lenzini and Peter Y. A. Ryan},
title={Formal Analysis of Electronic Exams},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={101-112},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005050901010112},
isbn={978-989-758-045-1},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Formal Analysis of Electronic Exams
SN - 978-989-758-045-1
AU - Dreier J.
AU - Giustolisi R.
AU - Kassem A.
AU - Lafourcade P.
AU - Lenzini G.
AU - Y. A. Ryan P.
PY - 2014
SP - 101
EP - 112
DO - 10.5220/0005050901010112

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.