Towards the Construction of a User Unique Authentication Mechanism on LMS Platforms through Model-Driven Engineering (MDE)
Authors: 
Jhon Francined Herrera-Cubides, Paulo Alonso Gaona-García, Geiner Alexis Salcedo-SalgadoAuthors Info & Claims
Jhon Francined Herrera-Cubides, Paulo Alonso Gaona-García, Geiner Alexis Salcedo-SalgadoAuthors Info & ClaimsAbstract
In LOD, authentication is a key factor in the security dimension of linked data quality models. This is the case of (a) LMS that manages open educational resources (OERs), in training process, and (b) LMS integrated platforms, which also require authenticating users. Authentication tackles a range of problems such as users forgetting passwords and time consumption in repetitive logins in different applications. In the context of linked OERs that are developed in LMS, it is necessary to design guidelines in order to carry out the authentication process. This process authorizes access to different linked resources platforms. Therefore, to provide abstraction methods for this authentication process, it is proposed to work with model-driven architecture (MDA) approach. This paper proposes a security abstraction model on LMS, based on MDA. The proposed metamodel seeks to provide a set of guidelines on how to carry out unified authentication, establishing a common dialogue among stakeholders. Conclusion and future work are proposed in order to generate authentication instances that allow access to resources managed in different platforms.
References
[1]
A. Kleppe, J. Warmer, and W. Bast, MDA Explained: The Model Driven Architecture: Practice and Promise, Addison-Wesley, Boston, MA, USA, 2003, ISBN: 0-321-19442-X, https://dl.acm.org/citation.cfm?id=829557.
[2]
Z. Bizonova, D. Ranc, and M. Drozdova, “Model driven e-learning platform integration,” in Proceedings of CEUR Workshop, Busan, Korea, November 2007, http://ceur-ws.org/Vol-288/p02.pdf.
[3]
V. García-Díaz, J. Tolosa, B. G-Bustelo, E. Palacios-González, O. Sanjuan-Martínez, and R. Crespo, “TALISMAN MDE framework: an architecture for intelligent model-driven engineering,” in Lecture Notes in Computer Science, vol. 5518, Springer, Berlin, Germany, 2009.
[4]
A. Rodrigues da Silva, “Model-driven engineering: a survey supported by the unified conceptual model,” Computer Languages, Systems & Structures, vol. 43, pp. 139–155, 2015.
[5]
D. Orozco, W. Giraldo, and H. Trefftz, MDE; MDA; Transformaciones y DSLs. Una breve introducción, Universidad Eafit, Medellín, Colombia, 2013, https://repository.eafit.edu.co/bitstream/handle/10784/5107/Articulo8CCC.pdf?sequence=4&isAllowed=y.
[6]
F. Aguillón Martínez and M. Mateus Gómez, Automatización del desarrollo de aplicaciones web mediante el enfoque MDA-MDE, Facultad de Ingeniería, Pontificia Universidad Javeriana, Colombia, Bogotá, Colombia, 2014, https://repository.javeriana.edu.co/handle/10554/15572.
[7]
B. Hyland, G. Atemezing, M. Pendleton, and B. Srivastava, Linked Data Glossary, W3C Working Group, Dublin, Ireland, 2013, https://www.w3.org/TR/ld-glossary/#linked-open-data.
[8]
J. Herrera-Cubides, P. Gaona-Garcia, and S. Sánchez-Alonso, “The web of data: past, present and ¿future?” in Proceedings of XI Latin American Conference on Learning Objects and Technology (LACLO), pp. 1–8, San Carlos, AL, Costa Rica, October 2016.
[9]
J. Herrera-Cubides, P. Gaona-García, J. Alonso Echeverri, K. R. Vargas, and A. Gómez Acosta, “A Fuzzy logic system to evaluate levels of trust on linked open data resources,” Revista Facultad de Ingeniería, no. 86, pp. 40–53, 2018.
[10]
P. Gaona-García, A. Fermosa-García, and S. Sánchez-Alonso, “Exploring the relevance of europeana digital resources: preliminary ideas on europeana metadata quality,” Revista Interamericana de Bibliotecología, vol. 40, no. 1, pp. 59–69, 2017.
[11]
P. Gaona-Garcia, K. Gordillo, C. Montenegro-Marin, and A. Gómez-Acosta, “Visualizing security principles to access resources based on linked open data: case study DBpedia,” Information: An International Interdisciplinary Journal, vol. 21, no. 1, pp. 109–122, 2018.
[12]
J. Herrera-Cubides, P. Gaona-García, and K. Gordillo-Orjuela, “A view of the web of data. case study: use of services CKAN,” Revista Ingeniería, vol. 22, no. 1, pp. 111–124, 2017.
[13]
A. Zaveri, A. Rula, A. Maurino, R. Pietrobon, J. Lehmann, and S. Auer, “Quality assessment methodologies for linked open data. a systematic literature review and conceptual framework,” Semantic Web Journal, vol. 7, no. 1, pp. 63–93, 2012.
[14]
F. McSweeney, “Five reasons to use single sign-on (SSO) with Workable,” Workable, 2018, https://blog.workable.com/use-sso-with-workable/.
[15]
E. McKeown, “What is single sign-on (SSO)?” Ping identity, 2017, https://www.pingidentity.com/en/company/blog/2017/08/23/what_is_single_sign-on_sso.html.
[16]
GSI, “Seguridad informática,” Grupo de Seguridad informática, 2018, https://eva.fing.edu.uy/pluginfile.php/58016/mod_resource/content/6/FSI-2018-IAA.pdf.
[17]
J. Lanza Calderón and L. Sánchez González, “Seguridad en Redes de Comunicación,” in Grupo de Ingeniería Telemática, Departamento de Ingeniería de Comunicaciones, Universidad de Cantabria, Santander, Spain, 2015, https://ocw.unican.es/course/view.php?id=28.
[18]
Mentor, “Mecanismos básicos de Seguridad,” in Seguridad Informática, Aula Mentor, Ministerio de Educación, Cultura y Deporte. España, Torrelavega, Spain, http://descargas.pntic.mec.es/mentor/visitas/demoSeguridadInformatica/mecanismos_bsicos_de_seguridad.html.
[19]
IBM, Identificación y Autenticación, IBM Knowledge Center, New York, NY, USA, 2016, https://www.ibm.com/support/knowledgecenter/es/SSFKSJ_7.5.0/com.ibm.mq.sec.doc/q009740_.htm.
[20]
J. Montoya and Z. Restrepo, “Gestión de identidades y control de acceso desde una perspectiva organizacional,” Ingenierías USBMed, vol. 3, no. 1, pp. 23–34, 2012.
[21]
RedIris, Autenticación de usuarios, Red Académica y de Investigación Nacional Iris, Madrid, Spain, 2008, https://www.rediris.es/cert/doc/unixsec/node14.html.
[22]
Oracle, Guía de administración del sistema: servicios de seguridad, Oracle, Redwood City, CA, USA, 2011, https://docs.oracle.com/cd/E24842_01/html/E23286/toc.html.
[23]
E. Ruckhaus, M. Vidal, S. Castillo, O. Burguillos, and O. Baldizan, “Analyzing linked data quality with LiQuate,” in The Semantic Web: ESWC 2014, Lecture Notes in Computer Science, vol. 8798, Springer, Berlin, Germany, 2014.
[24]
J. Pattanaphanchai, “DC proposal: evaluating trustworthiness of web content using semantic web technologies,” in Lecture Notes in Computer Science, vol. 7032, Springer, Berlin, Germany, 2011.
[25]
A. Rula and A. Zaveri, “Methodology for assessment of linked data quality,” in Proceedings of LDQ 2014, 1st Workshop on Linked Data Quality, pp. 1–4, Leipzig, Germany, September 2014, http://ceur-ws.org/Vol-1215/paper-04.pdf.
[26]
F. Radulovic, N. Mihindukulasooriya, R. García-Castro, and A. Gómez-Pérez, “A comprehensive quality model for Linked Data,” Semantic Web, vol. 9, pp. 3–24, 2018.
[27]
C. C. T. Di Noia, B. Marcu, and M. Matera, “A quality model for linked data exploration,” Web Engineering, Lecture Notes in Computer Science, vol. 9671, pp. 397–404, Springer, Berlin, Germany, 2016.
[28]
C. Bizer, P. Mendes, Z. Miklos, J. Calbimonte, A. Moraru, and G. Flouris, “D2.1 conceptual model and best practices for high-quality metadata publishing,” Technical Report, Planet Data, 2012, https://www.planet-data.eu/results/deliverables.html.
[29]
D. Pons, J. Hilera, and C. Pagés, “La estandarización para la calidad en los metadatos de recursos educativos virtuales,” in Proceedings of IV Congresso Internacional sobre Qualidade e Acessibilidade da Formação Virtual, Leiria, Portugal, July 2013, http://www.esvial.org/wp-content/files/estandarizacionmetadatosPonsHileraPages.pdf.
[30]
A. Zaveri, A. Rula, A. Maurino, R. Pietrobon, J. Lehmann, and S. Auer, “Quality assessment for linked data: a survey, a systematic literature review and conceptual framework,” 2012, http://www.semantic-web-journal.net/system/files/swj773.pdf.
[31]
C. Castro, Montoya. Configuración de software basada en metamodelos y modelos, Repositorio Universidad de los Andes, Bogotá, Colombia, 1992, http://repositorio.uniandes.edu.co/xmlui/handle/1992/3991.
[32]
V. García Díaz, E. Núñez Valdez, J. Espada, C. Pelayo García, J. Cueva Lovelle, and C. Montenegro Marín, “Introducción breve a la ingeniería dirigida por modelos,” Revista Tecnura, vol. 18, no. 40, 2014.
[33]
V. García Díaz, H. Fernández-Fernández, E. Palacios-González, C. Pelayo, O. Sanjuán-Martínez, and J. Cueva Lovelle, “TALISMAN MDE: mixing MDE principles,” Journal of Systems and Software, vol. 83, no. 7, pp. 1179–1191, 2010.
[34]
V. García Díaz, MDCI: Model Driven Continuous Integration, Departamento de Informática, Universidad de Oviedo, Oviedo, Spain, 2011, http://www.tdx.cat/handle/10803/80298.
[35]
C. Montenegro Marín, P. Gaona García, J. Cueva Lovelle, and O. Sanjuan Martínez, “Aplicación de ingeniería dirigida por modelos (mda), para la construcción de una herramienta de modelado de dominio específico (dsm) y la creación de módulos en sistemas de gestión de aprendizaje (lms) independientes de la plataforma,” Revista Dyna, vol. 78, no. 169, 2011, http://www.scielo.org.co/pdf/dyna/v78n169/a05v78n169.pdf.
[36]
C. Montenegro, J. Cueva, O. Sanjuán, and P. Gaona, “Desarrollo de un lenguaje de dominio específico para sistemas de gestión de aprendizaje y su herramienta de implementación KiwiDSM mediante ingeniería dirigida por modelos,” Revista Ingeniería, vol. 15, no. 2, pp. 67–81, 2010.
[37]
Evidian, Los 7 métodos de autenticación más utilizados, Evidian, New York, NY, USA, 2015, https://www.evidian.com/pdf/wp-strongauth-es.pdf.
[38]
F. Sotelo Gómez and M. Solarte, “Incorporación de recursos web como servicios de e-learning al sistema de gestión de aprendizaje. LRN: una revisión,” Tecnura, vol. 18, no. 39, pp. 165–180, 2014.
[39]
WizHosting, Soluciones Web enlatadas, WizHosting InternetServices, London, UK, 2015, http://www.wizhosting.com/e-learning.
[40]
UDistrital, Interfaces de Logueo Sistema Académico y LMS, UDistrital, Bogotá, Colombia, https://funcionarios.portaloas.udistrital.edu.co/urano/.
[41]
M. Rojas, J. Montilva, and M. Hurtado, “Diseño de repositorios de objetos de aprendizaje como estrategia de reutilización e integración de contenidos en modelos de educación virtual,” in Proceedings of 11th LACCEI Latin American and Caribbean Conference for Engineering and Technology, Cancun, Mexico, August 2013, http://www.laccei.org/LACCEI2013-Cancun/RefereedPapers/RP240.pdf.
[42]
Tecnoinver, Qué es Single Sign-On o Autenticación Única, Tecnoinver: Cloud, Datacenter y Hosting, Santiago, Chile, 2015, https://www.tecnoinver.cl/que-es-single-sign-on-o-autenticacion-unica/.
[43]
C. Mainka, V. Mladenov, J. Schwenk, and T. Wich, “SoK: single sign-on security—an evaluation of openID connect,” in Procedings of 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 251–266, Paris, France, April 2017.
[44]
9Series, How Single Sign On Authentication Work?, 9Series HandCrafted Technology Solutions, Ahmedabad, Gujarat, 2017, https://www.9spl.com/blog/how-single-sign-on-authentication-work/.
[45]
C. Scott, D. Wynne, and C. Boonthum-Denecke, “Examining the privacy of login credentials using web-based single sign-on–are we giving up security and privacy for convenience?” in Proceedings of 2016 Cybersecurity Symposium (CYBERSEC), pp. 74–79, Coeur d’Alene, Idaho, USA, April 2016, https://www.computer.org/csdl/proceedings/cybersecsym/2016/5771/00/07942428.pdf.
[46]
B. Zwattendorfer, A. Tauber, and T. Zefferer, “A privacy-preserving eID based Single Sign-On solution,” in Proceedings of 2011 5th International Conference on Network and System Security, pp. 295–299, Milan, Italy, September 2011.
[47]
Y. Chen, B. Xia, B. Wu, and L. Shi, “Design of web service single sign-on based on ticket and assertion,” in Proceedings of 2011 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce AIMSEC 2011, pp. 297–300, Zhengzhou, China, August 2011.
[48]
M. Beltrán, M. Calvo, and S. González, “Federated system-to-service authentication and authorization combining PUFs and tokens,” in Proceedings of 2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC), pp. 1–8, Madrid, Spain, July 2017.
[49]
UC, Configuración correo IMAP, Universidad de Cantabria, Santander, Spain, https://sdei.unican.es/paginas/servicios/correo/manual_imap.aspx.
[50]
J. Szczegielniak, Introducing Single Sign-on to an Existing ASP.NET MVC Application, RedGate Hub, Cambridge, UK, 2015, https://www.red-gate.com/simple-talk/dotnet/asp-net/introducing-single-sign-on-to-an-existing-asp-net-mvc-application/.
[51]
C. Steel, R. Lai, and R. Nagappan, Core Security Patterns: Securing the Identity--Design Strategies and Best Practices, InformIT, Pearson, Carmel, Indiana, 2009, http://www.informit.com/articles/article.aspx?p=1398626.
[52]
D. Kaplanis and TalentLMS, Integrating Single Sign-On with your Cloud LMS, TalentLMS Features & Updates, London, UK, 2014, https://www.talentlms.com/blog/integrating-single-sign-on-with-cloud-lms/.
[53]
D. Parr, LMS SSO with ONELOGIN, Paradiso Solutions, Maharashtra, India, 2017, https://www.paradisosolutions.com/blog/lms-sso/.
[54]
MiniOrange, Single Sign On (SSO), MiniOrange, Maharashtra, India, 2018, https://www.miniorange.com/canvas-single-sign-on-(sso).
[55]
D. Hardt, The OAuth 2.0 Authorization Framework, RFC 6749. Internet Engineering Task Force (IETF), Fremont, CA, USA, 2012, https://tools.ietf.org/html/rfc6749.
[56]
Pradas, BPMN OAuth 2 0 Authorization Code Grant, GenMyModel, Pradas, Milan, Italy, 2018, https://repository.genmymodel.com/pradas/BPMN-OAuth.2.0.Authorization.Code.Grant.
[57]
G. Salcedo, Dashboard Proyecto de Investigación SSO, Universidad Distrital Francisco José de Caldas, Bogotá, Colombia, 2018, https://autenticacion.udistrital.edu.co/dashboard.
[58]
J. Martin, Implantación de un SSO (Single Sign On), Master interuniversitario en Seguridad de las tecnologías de la información y de las Comunicaciones (MISTIC), Universidad Oberta de Cataluña, Barcelona, Spain, 2008, http://openaccess.uoc.edu/webapps/o2/bitstream/10609/28021/6/nacho_martinTFM0114memoria.pdf.
[59]
P. Sheriff, “Single Sign-On Enterprise Security for Web Applications,” Microsoft Developer Network, PDSA, Inc., Bristol, UK, 2004, https://msdn.microsoft.com/en-us/library/ms972971.aspx#singlesignon_topic10.
Index Terms
- Towards the Construction of a User Unique Authentication Mechanism on LMS Platforms through Model-Driven Engineering (MDE)
Index terms have been assigned to the content through auto-classification.
Recommendations
Model-driven engineering
During the last decade a new trend of approaches has emerged, which considers models not just documentation artefacts, but also central artefacts in the software engineering field, allowing the creation or automatic execution of software systems ...
Model-driven engineering with domain-specific meta-modelling languages
Domain-specific modelling languages are normally defined through general-purpose meta-modelling languages like the MOF. While this is satisfactory for many model-driven engineering (MDE) projects, several researchers have identified the need for domain-...
Bridging existing Web modeling languages to model-driven engineering: a metamodel for WebML
ICWE '06: Workshop proceedings of the sixth international conference on Web engineeringMetamodels are a prerequisite for model-driven engineering (MDE) in general and consequently for model-driven web engineering in particular. Various modeling languages, just as in the web engineering field, however, are not based on metamodels and ...
Comments
Information & Contributors
Information
Published In
Copyright © 2019 Jhon Francined Herrera-Cubides et al.
This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Publisher
Hindawi Limited
London, United Kingdom
Publication History
Published: 01 January 2019
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 13 Nov 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in