Enabling authentication for practical examinations and other sessions Paper Presenter: NARAINSAMY PAVADAY, ACM Author(s): Yashvin Awotar, UOM & DCDM Abstract The need for practical sessions in engineering field cannot be played down. In computer science as in other courses successful completion of these experiments as well as the lab sheets is primordial before proceeding to the learning of more advanced concepts. Unfortunately one of the greatest challenges facing teachers of computer science courses is making sure that the practical and subsequent tests are performed by the students and no one else. This paper proposes the use of an emerging biometric technology in a context aware context to sort out the problems mentioned above. Additionally there is evidence that such a control mechanism will reduce rate of failure in module having a practical component and furthermore reduce attrition rate. Moreover there is scope for its applicability in other situations where the use of heavy duty equipment, high voltage equipment and dangerous products are interfaced to a computer for control. Keywords: Education, security, authentication and biometric. Introduction Traditional formal assessment processes provide no guarantee for validating the identity of the candidates completing the examination. Although it is usually successful, it has inherent authentication problems. It is unlikely that the Invigilator will always be able to categorically identify all candidates by the likenesses shown on their identification cards, even when this process is substantiated by other forms of identification. The problem is more vivid when it comes to first year students or when the invigilators are not familiar with the candidates. On the other hand complaisance between the two parties may have catastrophic consequences. Additionally it logical to believe that spotting those having problems early in the practical classes will help reduce failure. Credibility of continuous and own-spot assessments can only be assured once we can substantiate the identity of the participants and assure the security of the assessment process. In this situation, security involves both the confirmation that the assessment has not been tampered with and that the participant has not had any unauthorized assistance to complete the tasks. Even in traditional examination halls, with human invigilators, it is nearly impossible to confirm that students do not have assistance. During practical classes as with normal examination often unauthorized devices are discovered. The only way to categorically determine that such devices are not being used would be to fully search examinees upon their entry to the examination hall. Current metal scanning technologies appear to be ineffective for this function, due to the miniature size of these devices and the former being unpractical to search as students arrive at different times. At the university another problem gaining momentum is the presence of students who have not yet paid for the examinations. The proposed system empowers educators to construct a flexible environment to conduct practical classes and assessments. Faculty and students can rest assured that the assessment process is secure and authentic. By monitoring the attendance of students they can expect a decrease in attrition associated with practical modules. Our main focuses for this particular work is the use of fingerprint for security purposes in a university laboratory. This could also be used to simulate the workplace environment. It has been tested in the Computer Science labs has been used for testing our prototype application including but not limited to using of PC’s, logging on PC’s and restricting web sites access, printing of confidential documents, generating alarms for impostors, restricting access to hardware, control of ports. The latter being an analogy to the workplace where special heavy machineries are connected either to the local ports or through the network. During practical classes, students either search the web for solutions or the bring miniature devices, CDs for games and songs and floppy disks. In brief, the list of authorized students for each session is fed to the main computer controlling access to the laboratory and only those whose fingerprint match the watch list will go through. Similarly for conducting practical examinations the list of registered candidates will be used to restrict access. Moreover once authenticated, the system will start one of the pc in the lab and the user will be able to log on that indicated pc only. The profile of that user is then loaded on that machine so that he does only what is authorized, e.g. in a programming class he is allowed the use the keyboard and the mouse only. For practical classes s/he may be allowed to print also.