Revisiting Mandatory Access Control: Improving the Security of E-learning Systems

E.R. Weippl and G. Quirchmayr (Austria)


Security; e-learning; role-based access control, RBAC, mandatory access control, MAC


Mandatory access control is traditionally used to automatically classify content, thereby relieving the user of the burden of manually setting access rights correctly. As E-learning also is about sharing content with the right people, security plays a mojor role in this context. For instance, exam questions should only be available to students when they take the exam. From a security point of view RBAC mechanisms can be used to implement a MAC like environment; moreover, this approach can easily be integrated into existing e-learning platforms such as Moodle. This is where the two worlds meet and where this paper focusses.

Important Links:

Go Back