Authentication and Authorisation for Widget-based Applications in a Loosely-coupled Web eLearning Environment

Jean-Noël Colin, Minh Tien Hoang

2014

Abstract

In this paper, we discuss the mechanisms used for authentication and authorisation of users in a widget-based web environment that integrates multiple components from multiple providers running at multiple locations. Users are typically teachers and pupils who access our platform either directly or through their usual Learning Management System (LMS). Although the technologies used themselves are not new, we believe that the approach we follow is innovative enough in their integration and use. Our approach is based on a survey ran among european teachers about their practices in terms of user credentials usage and sharing.

References

  1. Aghaee, S. and Pautasso, C. (2012). An evaluation of mashup tools based on support for heterogeneous mashup components. In Harth, A. and Koch, N., editors, Current Trends in Web Engineering, volume 7059 of Lecture Notes in Computer Science, pages 1- 12. Springer Berlin Heidelberg.
  2. Colin, J.-N. and Simon, B. (2012). D7.2: Second generation of iTEC shells and composer. Project deliverable 7.2, University of Namur.
  3. Crocker, D. (2008). Augmented BNF for Syntax Specifications: ABNF. RFC 5234, RFC Editor.
  4. De Keukelaere, F., Bhola, S., Steiner, M., Chari, S., and Yoshihama, S. (2008). Smash: secure component model for cross-domain mashups on unmodified browsers. In Proceedings of the 17th international conference on World Wide Web, WWW 7808, pages 535-544, New York, NY, USA. ACM.
  5. Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., and Chandramouli, R. (2001). Proposed nist standard for role-based access control. ACM Trans. Inf. Syst. Secur., 4(3):224-274.
  6. Foundation, O. (2007). Openid authentication 2.0. http: //openid.net/developers/specs/.
  7. Hardt, D. (2012). The OAuth 2.0 Authorization Framework. RFC 6749, RFC Editor.
  8. Saltzer, J. and Schroeder, M. (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308.
  9. Team, A. S. (2013). Apache shiro reference documentation. http://shiro.apache.org/reference.html.
  10. Wilson, S., Sharples, P., Griffiths, D., and Popat, K. (2011). Augmenting the vle using widget technologies. Int. J. Technol. Enhanc. Learn., 3(1):4-20.
  11. Zibuschka, J., Herbert, M., and Roßnagel, H. (2010). Towards privacy-enhancing identity management in mashup-providing platforms. In Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy, DBSec'10, pages 273-286, Berlin, Heidelberg. SpringerVerlag.
Download


Paper Citation


in Harvard Style

Colin J. and Tien Hoang M. (2014). Authentication and Authorisation for Widget-based Applications in a Loosely-coupled Web eLearning Environment . In Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-023-9, pages 17-26. DOI: 10.5220/0004795700170026


in Bibtex Style

@conference{webist14,
author={Jean-Noël Colin and Minh Tien Hoang},
title={Authentication and Authorisation for Widget-based Applications in a Loosely-coupled Web eLearning Environment},
booktitle={Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2014},
pages={17-26},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004795700170026},
isbn={978-989-758-023-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - Authentication and Authorisation for Widget-based Applications in a Loosely-coupled Web eLearning Environment
SN - 978-989-758-023-9
AU - Colin J.
AU - Tien Hoang M.
PY - 2014
SP - 17
EP - 26
DO - 10.5220/0004795700170026