View
213
Download
0
Category
Tags:
Preview:
Citation preview
A Secure Examination System with Multi-Mode
Input on the Web
Alex ShafarenkoDept Computer Science
University of Hertfordshire
Challenges of automated examination
• Authentication and security– Assurance of personal identity
– Tamper-free data connection
• Prevention of Plagiarism and of Solution by Imitation– Multi-form input: text, diagrams, math,
etc,– Concealment of question pattern via
random presentation
Challenges of automated examination
• Assessment automation– Graded assessment of answers– Adaptive grading of complexity
• Flexibility– Random selection from a large question
base
– Self-steering
Authentication and Security: Web-supported
techniques
• Password protection inadequate– standard password-protection schemes
are used for access prevention, not authentication(no password - no access, but if you have one, you can be anybody)
– relies on password owner keeping it secret– password owner should not benefit from
divulging password
• Examination candidates– require authentication, not access
restriction (can see all content, but have to be a particular person to submit answers)
– may tell their password to a colleague and benefit from it
• Authentication by certificate– Involves responding to a code challenge– Similar to password protection, except
cannot be eavesdropped on– Still vulnerable to voluntary disclosure
Authentication of human subjects
Unix workstations
Secure the browser
Examination Procedure
Before session:• Invigilator logs in to server,
obtains session code• Invigilator enters session
code to his/her w/station• Candidate list with auth.
codes is produced• Invigilator logs in to each
w/station special "candidate" account is logged in
• log-in script starts browser with o/lay windows
• short-cuts and external access is disabled browser displays intial dialog screen
• Session starts• Candidates enter the room in
any order when a w/station is free
• Each candidates presents an ID and gets the auth. code
• He or she proceeds to a free w/station
• Enters name and auth. code• initial dialog screen
communicates login data to server
• server checks and then invalidates auth. code
• server uploads the exam paper
• candidate enters his or her answers
• session terminates, candidate leaves
• browser displays initial dialog
Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx xxx Xxx xxxxx xxxx xxxx xxxx xxxxxx
xxx
Structure of the test Web page
answerapplets
“submit” applet
Timer applet
Communication solution
text-baseinterface
Multi-choice examination method:
decision spaceSelection choice
n out of m ;yes/no
…
Semantic choice
Choose the rightanswer out of all possible
English sentences
Structural choice
Choose the rightanswer out of all possibleclusters of building blocks
S y n t h e t i c v i e w
Build your answerby selection of n blocks
out of m into a set
Build your answerby putting building blocks
into a structure
Build your answerby putting building blocks
into a semantic entity
Formula input applet
Graph input applet
Other issues
• Test page scripting– extended HTML with choice and
randomisation directives– language for specifying correct
answers and assessment procedures– adaptive testing
Conclusions
• Secure exam system is developed and evaluated on a large group of students
• Java “security” issues and lack of exam-relevant security have been overcome
• Needs XML support for exam database• Needs GUI for exam paper preparation
Recommended