Transcript Requirements for Building a Secure System for Online Performance Evalutions

Requirements for Building a
Secure System for Online
Performance Evaluations
Dan Rubin, James Tsai,
James Watson and Philip Varner
December 4, 2000
David Evans, CS 551
Meet Johnny Q. Survey
• It’s time to fill out those surveys
• What does Johnny want?
– Anonymity
– Relatively simple, quick method to
fill them out
Meet SEAS D. Admin
• What he wants
– One evaluation per student
per class
– Only valid students doing
the evaluations
– “Valid” results
The current system
• This is what Johnny sees:
– Gets an email
The current system
Current system problems
• The initial password is sent in the email
• Initial attack can break in, create PIN,
evaluate, and be all done.
• Original system was on blue.unix. We were
able to hack into the system!
Sample evaluation
• “Comment1.9 : Dear XXXXXX, This system of
evaluating is horrible. I am glad you know
exactly when I submit my evaluation. The
reminder e- mails really helped. Also the pin
number with my login was a nice touch. Now you
will never know it is me. No. This system of
evaluating is horrible. The only thing more
horrible was its hounding e-mails.”
Other Schools
•
•
•
•
RPI study says 85% use paper and pencil
2% are online
MIT – uses certificates!
JHU’s College of A&S – only asks for SSN!
Requirements/Suggestions
•
•
•
•
•
•
Encrypted transactions.
Evaluation and name are not linked.
Isolation of database/server.
IP restrictions.
Ease of use.
Analyze how many evaluations come from
a given IP address in a certain amount of
time.
Demo
Highlights of Prototype
Implementation
•
•
•
•
Intuitive web-based user interface
Encrypted communications using Apache-SSL
Eval ID links to classes, doesn't link to person
3-tier system- Browser + Apache-SSL/PHP +
MySQL
• Access to results is fine-grained (coming soon)