Title :
Secure exams despite malicious management
Author :
Bella, Giampaolo ; Giustolisi, Rosario ; Lenzini, Gabriele
Author_Institution :
Dipt. di Mat. e Inf., Univ. di Catania, Catania, Italy
Abstract :
An exam is a practise for assessing the knowledge of a candidate from an examination she takes. Exams are used in various contexts, such as in university tests and public competitions. We begin by identifying various security and privacy requirements that modern exams should meet, especially in the prospect of them being supported by information and communication technologies. These requirements extend well beyond ensuring authenticating the candidate and preventing her from cheating. Cheating is routinely enforced by invigilation by trusted parties, whereas we discuss that an exam should meet its security and privacy requirements against stronger threat models, including malicious exam authorities. Thus exams must be designed with the care normally devoted to security protocols, and in such a mindset we present WATA IV, a new protocol that meets our security and privacy requirements even when an exam manager is malicious.
Keywords :
computer aided instruction; data privacy; security of data; trusted computing; WATA IV; exam manager; information and communication technologies; malicious exam authorities; malicious management; privacy requirements; public competitions; secure exams; security protocols; security requirements; trusted parties; university tests; Authentication; Cryptography; Educational institutions; Privacy; Protocols; Testing;
Conference_Titel :
Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on
Conference_Location :
Toronto, ON
Print_ISBN :
978-1-4799-3502-4
DOI :
10.1109/PST.2014.6890949
