Presentation is loading. Please wait.

Presentation is loading. Please wait.

Requirements for Building a Secure System for Online Performance Evaluations Dan Rubin, James Tsai, James Watson and Philip Varner December 4, 2000 David.

Published byMervyn Morris Modified over 9 years ago

Similar presentations

Presentation on theme: "Requirements for Building a Secure System for Online Performance Evaluations Dan Rubin, James Tsai, James Watson and Philip Varner December 4, 2000 David."— Presentation transcript:

1 Requirements for Building a Secure System for Online Performance Evaluations Dan Rubin, James Tsai, James Watson and Philip Varner December 4, 2000 David Evans, CS 551

2 Meet Johnny Q. Survey It’s time to fill out those surveys What does Johnny want? –Anonymity –Relatively simple, quick method to fill them out

3 Meet SEAS D. Admin What he wants –One evaluation per student per class –Only valid students doing the evaluations –“Valid” results

4 The current system This is what Johnny sees: –Gets an email

5 The current system

6 Current system problems The initial password is sent in the email Initial attack can break in, create PIN, evaluate, and be all done. Original system was on blue.unix. We were able to hack into the system!

7 Sample evaluation “Comment1.9 : Dear XXXXXX, This system of evaluating is horrible. I am glad you know exactly when I submit my evaluation. The reminder e- mails really helped. Also the pin number with my login was a nice touch. Now you will never know it is me. No. This system of evaluating is horrible. The only thing more horrible was its hounding e-mails.”

8 Other Schools RPI study says 85% use paper and pencil 2% are online MIT – uses certificates! JHU’s College of A&S – only asks for SSN!

9 Requirements/Suggestions Encrypted transactions. Evaluation and name are not linked. Isolation of database/server. IP restrictions. Ease of use. Analyze how many evaluations come from a given IP address in a certain amount of time.

10 Demo

11 Highlights of Prototype Implementation Intuitive web-based user interface Encrypted communications using Apache-SSL Eval ID links to classes, doesn't link to person 3-tier system- Browser + Apache-SSL/PHP + MySQL Access to results is fine-grained (coming soon)

Download ppt "Requirements for Building a Secure System for Online Performance Evaluations Dan Rubin, James Tsai, James Watson and Philip Varner December 4, 2000 David."

Similar presentations

Support.ebsco.com Creating Search Alerts Tutorial.

Support.ebsco.com Creating Search Alerts Tutorial.
1.Click on the Need a login? Click here. link directly beneath the login boxes. 2.Enter your social security number & birth date. When finished, click.

1.Click on the Need a login? Click here. link directly beneath the login boxes. 2.Enter your social security number & birth date. When finished, click.
You are responsible for security of your internet banking transactions ONLINE.

You are responsible for security of your internet banking transactions ONLINE.
Welcome to the CardSaver VoIP Billing & Call Management Demonstration © 2004, Parwan Electronics Corporation.

Welcome to the CardSaver VoIP Billing & Call Management Demonstration © 2004, Parwan Electronics Corporation.
WILEY GUIDE TO CREATING USER REGISTRATION ON WILEY ONLINE LIBRARY

WILEY GUIDE TO CREATING USER REGISTRATION ON WILEY ONLINE LIBRARY
Individual Bidder Enrollment

Individual Bidder Enrollment
Creating an Amazon Simple Email Service Account. 1- Sign Up for an Amazon Account 2- Verify Sending Email Account or Domain 3- Send Test Message 4- Request.

Creating an Amazon Simple Service Account. 1- Sign Up for an Amazon Account 2- Verify Sending Account or Domain 3- Send Test Message 4- Request.
Support.ebsco.com EBSCOadmin Security Tutorial. Welcome to EBSCO’s tutorial on EBSCOadmin Security, where you control access to your EBSCOadmin module.

Support.ebsco.com EBSCOadmin Security Tutorial. Welcome to EBSCO’s tutorial on EBSCOadmin Security, where you control access to your EBSCOadmin module.
CS 1604 Introduction to the Internet Jiten Maheswary

CS 1604 Introduction to the Internet Jiten Maheswary
Online Login Security Enhancement Creating an online username & password January, 2015.

Online Login Security Enhancement Creating an online username & password January, 2015.
Welcome to University Housing’s UCHOOSE Tutorial.

Welcome to University Housing’s UCHOOSE Tutorial.
Ajay Joshi. Function  Simple opening screen with large icons for each ‘grouping’ (Efficient)  Opens through a web browser (Efficient)  First time you.

Ajay Joshi. Function  Simple opening screen with large icons for each ‘grouping’ (Efficient)  Opens through a web browser (Efficient)  First time you.
Conversion of Faculty Evaluations to an On- Line Format Catherine Hackett Renner SUNY Geneseo Larry Piegza Gap Technologies, Inc. OnlineCourseEvaluations.com.

Conversion of Faculty Evaluations to an On- Line Format Catherine Hackett Renner SUNY Geneseo Larry Piegza Gap Technologies, Inc. OnlineCourseEvaluations.com.
On-line Co-op Evaluation System Digital Evaluation Systems.

On-line Co-op Evaluation System Digital Evaluation Systems.
Instructions on how to apply electronically to: Summer College for High School Students (U.S. Students or International Students) Summer Academy for High.

Instructions on how to apply electronically to: Summer College for High School Students (U.S. Students or International Students) Summer Academy for High.
An overview of the electronic work permit system in use at the ISAC facility ISAC Electronic Work Permit System Rob Shanks, TRIUMF, Vancouver CANADA,

An overview of the electronic work permit system in use at the ISAC facility ISAC Electronic Work Permit System Rob Shanks, TRIUMF, Vancouver CANADA,
COIS11011 Resource Package. How can MyITLab help you? Online training resource to improve your skills in Office Applications Online training resource.

COIS11011 Resource Package. How can MyITLab help you? Online training resource to improve your skills in Office Applications Online training resource.
+ Working in Your CCE Online Course Site. + Structure of CCE Online Course Sites CCE online courses use the document sharing and collaboration features.

+ Working in Your CCE Online Course Site. + Structure of CCE Online Course Sites CCE online courses use the document sharing and collaboration features.
Federal Student Aid Identification username and password – this is how students and parents will sign the FAFSA application. The FSA ID process replaced.

Federal Student Aid Identification username and password – this is how students and parents will sign the FAFSA application. The FSA ID process replaced.
Board of Canadian Registered Safety Professionals Certification Maintenance Online Tool BCRSP introduces a new web-based tool to assist certificate holders.

Board of Canadian Registered Safety Professionals Certification Maintenance Online Tool BCRSP introduces a new web-based tool to assist certificate holders.

Similar presentations

Ads by Google