Improving IoT-based E-Learning Authentication and Security Using Blockchain Technology
Electronic learning (e-learning) is a cutting-edge technology that provides a powerful and scalable learning platform.
It allows students and instructors to work together from any geographic location in real time. Nowadays, e-learning applications are largely implemented in educational institutions, allowing learners to access numerous educational resources at any time, to do homework, and to exchange learning data and records electronically between the educational entities [1]. In line with this, modern technologies such as the Internet of Things (IoT), mobile networking, Cloud computing, etc., have been successfully used within e-learning. This integration technology offers great potential when it comes to improving the teaching and learning process, enhancing the communication practices among learners, and increasing the learning efficiency and performance [2].
Many educational institutions still use an inappropriate and outdated method of managing student records and credentials. When a student transfers from one institution to another, the student’s information and prior educational record must be made available to the new institution. This means that the student or institute has to communicate with multiple institutions in order for the student’s learning record to be delivered directly to the relevant parties upon request [4]. This is a time-consuming process as institutions have to verify the records and respond. In addition, non-uniform assessment systems and the diversity of the learning data make it difficult to verify learning records or grades. E-learning data is confidential and only accessible by authorized users. Nevertheless, there are several security-related deficiencies in most e-learning systems that have raised concerns about the privacy and security of electronic learning data [3].
IoT technology provides a more effective electronic teaching-learning platform with a variety of distance learning objects. The integration of IoT into the field of education enables a connection with different heterogeneous learning systems, the exchange of learning data in a standard way, and collaboration with the educational objects seamlessly. It allows learners to communicate and access various data sources in real time with a high degree of interactions. Furthermore, it can improve operational efficiency, increase resource sharing, reduce costs, and increase the scalability for communication [10]. However, the inclusion of IoT in the learning process raises several issues that need to be thoroughly addressed. The growing number of interconnected IoT and other IP-based things have the potential to generate massive amounts of learning data that are offloaded to the Cloud servers for centralized data processing and storage [5]. This increase could lead to performance deficiencies along with latency and throughput issues, making data management even more complicated [26]. On the other hand, sensitive learning data transmitted in the network is vulnerable to various security risks including data privacy and integrity violations. These security challenges are augmented by the resource-constrained nature of IoT devices such as limited energy, restricted memory, and low processing capabilities which make traditional security mechanisms inapplicable in IoT. The implementation of complex security methods can exhaust the energy of the objects and degrade the efficiency of e-learning applications that require real-time communication and instant data sharing [6].
The challenges for secure IoT-based learning systems arise from the centralized IoT architecture which requires IoT devices to be authenticated through trusted third parties (TTP). It is very difficult to rely on the centralized authentication systems that can be prone to many challenges including a single point of failure, low scalability, and high computation and communication overheads [7]. The educational parties have no control over the data collected and shared during the centralized authentication, and they have no guarantee over whether the centralized service provider follows certain security measurements [8]. Distributed security approaches for identity management and secure authentication between the students, teachers, and other staff personnel are essential. Additionally, the need for delay-sensitive authentication and authorization mechanisms is becoming more imperative for systems that use resource-constrained and heterogeneous devices such as IoT [9].
In this Article, we address security and efficiency issues in current traditional centralized authentication systems. To this end, we propose an energy-efficient secure architecture that provides lightweight authentication, identity verification, and the end-to-end protection of the students’ learning records in educational environments. This approach will help students transfer their learning records from one institution to another in a secure and authenticated manner. The security model is based on blockchain technology and can be integrated into IoT-based learning systems with limited computations and energy and memory requirements to provide the real-time protection of the data collected by devices in the IoT network.
References
[1] M. B. Abbasy and E. V. Quesada, “Predictable influence of IoT (Internet of Things) in the higher education,” Int. J. of Information and Education Technology, vol. 7, no.12, pp. 914-920, 2017.
[2] O. A. Khashan, “Secure Outsourcing and Sharing of Cloud Data Using a User-Side Encrypted File System,” IEEE Access, vol. 8, pp. 210855-210867, 2020.
[3] J. Marquez, J. Villanueva, Z. Solarte and A. Garcia. “IoT in education: Integration of objects with virtual academic communities,” in New advances in information systems and technologies, pp. 201-212. 2016.
[4] M. Han, Z. Li, J. He, D. Wu, Y. Xie and A. Baba, “A novel blockchain-based education records verification solution,” in Proc. of the 19th Ann. SIG Conf. on Info. Tech. Education, pp. 178-183, September 2018.
[5] E. Fazeldehkordi and T. M. Grønli, “A Survey of Security Architectures for Edge Computing-Based IoT,” IoT, vol. 3, no. 3, pp. 332-365, 2022.
[6] S. Medileh, A. Laouid, R. Euler, A. Bounceur, M. Hammoudeh, M. AlShaikh,,..., and O. A. Khashan, “A flexible encryption technique for the internet of things environment,” Ad Hoc Networks, vol. 106, pp. 102240, 2020.
[7] Z. Cui, X. U. Fei, S. Zhang, X. Cai, Y. Cao, W. Zhang and J. Chen, “A hybrid blockchain-based identity authentication scheme for multi-WSN,” IEEE Trans. on Services Computing, vol. 13, no. 2, pp. 241-251, 2020.
[8] O. A. Khashan, “Parallel Proxy Re-Encryption Workload Distribution for Efficient Big Data Sharing in Cloud Computing,” in 2021 IEEE 11th Ann. Comp. and Comm. Workshop and Conf. (CCWC), pp. 0554-0559, 2021.
[9] U. Khalid, M. Asim, T. Baker, P. C. Hung, M. A. Tariq and L. A. Rafferty, “A decentralized lightweight blockchain-based authentication mechanism for IoT systems,” Cluster Computing, pp. 1-21, 2020.