Improving The Security of E-Exam Systems

Abstract

Though e-exams have their advantages like accuracy and speed reduced human intervention, there are some flaws as well. These flaws are security threats, the same way as traditional exams are exposed to them such as cheating or unauthorized access. Furthermore, e-exams are also exposed to threats like impersonation and tampering or accessing exam related data and information on servers. As a result, there is a need to establish a strong security framework within the e-exam system that universities adopt, such that smooth and timely conduction of exams can take place. The present study deals with such security threats of e-exam systems and provides a solution by proposing a new security framework, to deal with these threats. Based on the primary data, a security framework of e-exam system was proposed at university levels. This security model aimed to mitigate the threats determined during the survey, along with the strategies and system requirements suggested by the survey respondents. The proposed framework provides security at two levels. Firstly, at the university level using biometric authentication and user login authentication. The second level was the cloud level, where four security methods (encryption, anti-X, security system access and SQL injection) were added to secure the data in the cloud (application server side). Further it is suggested in the model to use Infrastructure as a service (IaaS) for cloud computing because of its various advantages and security options which have been discussed in the model.