Table 9 Security and privacy group
From: An evaluation and selection problems of OSS-LMS packages
References | Criterion | Sub-criterion | Brief description | Procedure mentioned |
|---|---|---|---|---|
Arh and Blazic (2007) | Security and privacy of an LMS | Authentication | Standard security practices focus on the handling of authentication credentials and subsequent tokens to prevent replay attack | Yes |
Authorization | After the user has been correctly authenticated, authorization mechanisms decide what the user is allowed to do | Yes | ||
Validation of input | A system that can be used anonymously must be hardened to validate all input from users | Yes | ||
Jadhav and Sonar (2011) | Audit | Products logging and auditing capabilities | Yes | |
Data/document encryption | Package support for data/document encryption | Yes |