| The use of PGP to provide secure email delivery of CAA results (2002) | |||||||||||
Abstract | |||||||||||
| THE USE PGP PROVIDE SECURE EMAIL DELIVERY CAA RESULTS Simon Hatton Alan Boyle Sue Byrne and Chris Wooff The Use PGP Provide Secure Email Delivery CAA Results Simon Hatton Chris Wooff Sue Byrne Computing Services Department The University Liverpool Brownlow Hill Liverpool Alan Boyle Department Earth Sciences The University Liverpool Brownlow Street Liverpool hatton liverpool Abstract important component any assessment procedure the security results and authentication the examinee Unfortunately the use regular email for the delivery CAA Computer Assisted Assessment results not immune from these problems regular email suffers from number potential security flaws When email sent across the Internet transmitted readable text format This means that unauthorised user managed access the message whilst transit while stored email server then they could easily read the email even alter the content the message Additionally regular email offers form authentication possible for user send email but make look though somebody else actually sent prevent these problems number software packages have been developed one such program PGP Pretty Good Privacy PGP can encrypt and sign email message before sent therefore providing the following security Prevent unauthorised users reading the message privacy Proof that the message has not been altered integrity Confirmation the origin the message authentication the University Liverpool JISC Joint Information Systems Committee funded pilot project was se. An important component of any assessment procedure is the security of results and authentication of the examinee. Unfortunately the use of regular email for the delivery of CAA (Computer Assisted Assessment) results is not immune from these problems as regular email suffers from a number of potential security flaws. When an email is sent across the Internet it is transmitted in a readable text format. This means that if an unauthorised user managed to access the message whilst in transit or while stored on an email server then they could easily read the email, or even alter the content of the message. Additionally regular email offers no form of authentication. It is possible for a user to send an email but make it look as though somebody else actually sent it. To prevent these problems a number of software packages have been developed, one such program is PGP (Pretty Good Privacy). PGP can encrypt and sign an email message before it is sent, therefore providing the following security: Prevent unauthorised users reading the message (privacy) • • • Proof that the message has not been altered (integrity) Confirmation of the origin of the message (authentication) At the University of Liverpool a JISC (Joint Information Systems Committee) funded pilot project was setup to investigate the use of PGP to provide secure email delivery of CAA results. | |||||||||||
Publication details | |||||||||||
| |||||||||||