Enabling authentication for practical examinations and other sessions

Enabling authentication for practical examinations and other
Yashvin Awotar, UOM & DCDM
The need for practical sessions in engineering field cannot be played down. In computer
science as in other courses successful completion of these experiments as well as the lab
sheets is primordial before proceeding to the learning of more advanced concepts.
Unfortunately one of the greatest challenges facing teachers of computer science courses
is making sure that the practical and subsequent tests are performed by the students and
no one else. This paper proposes the use of an emerging biometric technology in a context
aware context to sort out the problems mentioned above. Additionally there is evidence
that such a control mechanism will reduce rate of failure in module having a practical
component and furthermore reduce attrition rate. Moreover there is scope for its
applicability in other situations where the use of heavy duty equipment, high voltage
equipment and dangerous products are interfaced to a computer for control.
Keywords: Education, security, authentication and biometric.
Traditional formal assessment processes provide no guarantee for validating the identity of
the candidates completing the examination. Although it is usually successful, it has
inherent authentication problems. It is unlikely that the Invigilator will always be able to
categorically identify all candidates by the likenesses shown on their identification cards,
even when this process is substantiated by other forms of identification. The problem is
more vivid when it comes to first year students or when the invigilators are not familiar
with the candidates. On the other hand complaisance between the two parties may have
catastrophic consequences. Additionally it logical to believe that spotting those having
problems early in the practical classes will help reduce failure. Credibility of continuous and
own-spot assessments can only be assured once we can substantiate the identity of the
participants and assure the security of the assessment process. In this situation, security
involves both the confirmation that the assessment has not been tampered with and that
the participant has not had any unauthorized assistance to complete the tasks. Even in
traditional examination halls, with human invigilators, it is nearly impossible to confirm
that students do not have assistance. During practical classes as with normal examination
often unauthorized devices are discovered.
The only way to categorically determine that such devices are not being used would be to
fully search examinees upon their entry to the examination hall. Current metal scanning
technologies appear to be ineffective for this function, due to the miniature size of these
devices and the former being unpractical to search as students arrive at different times. At
the university another problem gaining momentum is the presence of students who have
not yet paid for the examinations. The proposed system empowers educators to construct
a flexible environment to conduct practical classes and assessments. Faculty and students
can rest assured that the assessment process is secure and authentic. By monitoring the
attendance of students they can expect a decrease in attrition associated with practical
modules. Our main focuses for this particular work is the use of fingerprint for security
purposes in a university laboratory. This could also be used to simulate the workplace
environment. It has been tested in the Computer Science labs has been used for testing
our prototype application including but not limited to using of PC’s, logging on PC’s and
restricting web sites access, printing of confidential documents, generating alarms for
impostors, restricting access to hardware, control of ports. The latter being an analogy to
the workplace where special heavy machineries are connected either to the local ports or
through the network. During practical classes, students either search the web for solutions
or the bring miniature devices, CDs for games and songs and floppy disks. In brief, the list
of authorized students for each session is fed to the main computer controlling access to
the laboratory and only those whose fingerprint match the watch list will go through.
Similarly for conducting practical examinations the list of registered candidates will be used
to restrict access. Moreover once authenticated, the system will start one of the pc in the
lab and the user will be able to log on that indicated pc only. The profile of that user is
then loaded on that machine so that he does only what is authorized, e.g. in a
programming class he is allowed the use the keyboard and the mouse only. For practical
classes s/he may be allowed to print also.