INCA: um serviço de segurança para ambientes de ensino colaborativos
Abstract
Research efforts on e-Learning systems have mainly focused on the provision of learning contents for users, but these efforts have not considered security requirements in the implementation of such systems. However, threats to security may not be neglected, as these applications are usually built using heterogeneous, distributed and open architectures. This feature may make these systems vulnerable to ill-intentioned users. This work presents the INCA (Integrity, Non Repudiation, Confidentiality and Authenticity), a service that provides security through the technology of Web Services and aims at meeting the security requirements of e- Learning environments developed in different architectures and programming languages. The use of web services to provide security in e-Learning environments will complement the features of such environments, not being limited to platforms in which the client system was developed. INCA uses cryptography and digital signature to provide integrity, non-repudiation, confidentiality and authenticity. Through the tests it could be seen that INCA provides security for e-learning environments in a flexible, configurable, scalable and efficient way. The main features of INCA are presented in this work, with their employability in a case study for the upload tool for Sakai and Moodle environments, which were modified so that they could make use of INCA. The contribuition of this work is the case study implementation for the above mentioned environments, since such tool in these systems does not have security services. Such modifications were necessary to evaluate the applicability of the INCA in different environments. The case study shows the proof of concept for the security service presented in this work.