J. C. Granda, Pelayo Nuño, D. García, F. J. Suárez
{"title":"Security Issues in a Synchronous e-Training Platform","authors":"J. C. Granda, Pelayo Nuño, D. García, F. J. Suárez","doi":"10.1109/ARES.2011.75","DOIUrl":null,"url":null,"abstract":"Synchronous e-training is emerging as an alternative for developing human resources training plans in large organizations. Real-time communications are used to emulate face-to-face interaction that occurs in on-campus learning environments. However, the security concerns that a synchronous e-training platform must face may compromise the integrity, availability and confidentiality of corporate information, which may lead to serious economic and legal consequences. The disclosure of corporate information or the unauthorized participation in e-training activities must be prevented. In this paper, the security issues in synchronous e-training are identified, and the threats to a real e-training platform are analyzed. The platform is organized into four virtual networks with different security requirements and vulnerabilities. The platform assumes that multicast communications are available in the underlying corporate network. The threats affecting each element of the platform and their impact on e-training activities are discussed. Finally, a security scheme is proposed fixing the aforementioned vulnerabilities. Digital certificates and encryption algorithms solve most of the vulnerabilities, but other techniques such as access control lists and user skills on security basics are essential. Most of the proposed scheme is applicable to other real-time communication systems, since the e-training platform is built using standard technologies commonly used in voice over IP systems.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"185 5-6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Sixth International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2011.75","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Synchronous e-training is emerging as an alternative for developing human resources training plans in large organizations. Real-time communications are used to emulate face-to-face interaction that occurs in on-campus learning environments. However, the security concerns that a synchronous e-training platform must face may compromise the integrity, availability and confidentiality of corporate information, which may lead to serious economic and legal consequences. The disclosure of corporate information or the unauthorized participation in e-training activities must be prevented. In this paper, the security issues in synchronous e-training are identified, and the threats to a real e-training platform are analyzed. The platform is organized into four virtual networks with different security requirements and vulnerabilities. The platform assumes that multicast communications are available in the underlying corporate network. The threats affecting each element of the platform and their impact on e-training activities are discussed. Finally, a security scheme is proposed fixing the aforementioned vulnerabilities. Digital certificates and encryption algorithms solve most of the vulnerabilities, but other techniques such as access control lists and user skills on security basics are essential. Most of the proposed scheme is applicable to other real-time communication systems, since the e-training platform is built using standard technologies commonly used in voice over IP systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
