maandag, oktober 23, 2006

Security and data integrity worries

On 10 October Kennisnet, a Dutch organisation that facilitates ict in education, held a meeting about their ePortfolio standard. This ePortfolio standard is a derived localisation of the IMS standard and has a more narrow definition for some datafields focused on the Dutch context. It remains interoperable, which is a good thing and vital in the current global market.

One question that was still open is the following: How can we guarantee data integrity for the grades, teachers reviews and comments?

The educational intstitutions are held responsible for this data and therefor should protect it from manipulation. A change in grading from 'bad' to 'exellent' must not remain undetected.
  • Should signatures be calculated for this data based upon public and private encryption keys?
  • Should (this part of) the portfolio be virtual and only hold references to the grading data at the website of the original source?
  • Should there be a grading bank that holds and issues the data from a central trusted repository?

Is the answer for this problem already thought up elsewere? I am probably not the first one to think about this,... and hopefully not the last ;-)

Geen opmerkingen:

Een reactie posten