WO2022060215A1 - A system and method for semi-online examination and invigilation - Google Patents

A system and method for semi-online examination and invigilation Download PDF

Info

Publication number
WO2022060215A1
WO2022060215A1 PCT/MY2021/050054 MY2021050054W WO2022060215A1 WO 2022060215 A1 WO2022060215 A1 WO 2022060215A1 MY 2021050054 W MY2021050054 W MY 2021050054W WO 2022060215 A1 WO2022060215 A1 WO 2022060215A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
examination
password
encrypted
module
Prior art date
Application number
PCT/MY2021/050054
Other languages
French (fr)
Inventor
Yeng Weng LEONG
Salman YUSSOF
Chien Fat CHAU
Original Assignee
Universiti Tenaga Nasional
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Universiti Tenaga Nasional filed Critical Universiti Tenaga Nasional
Publication of WO2022060215A1 publication Critical patent/WO2022060215A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/20Education
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09BEDUCATIONAL OR DEMONSTRATION APPLIANCES; APPLIANCES FOR TEACHING, OR COMMUNICATING WITH, THE BLIND, DEAF OR MUTE; MODELS; PLANETARIA; GLOBES; MAPS; DIAGRAMS
    • G09B7/00Electrically-operated teaching apparatus or devices working with questions and answers
    • G09B7/02Electrically-operated teaching apparatus or devices working with questions and answers of the type wherein the student is expected to construct an answer to the question which is presented or wherein the machine gives an answer to the question presented by a student
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Definitions

  • the present invention relates to semi-online examination and invigilation, particularly a system and method for transmitting examination questions and invigilating examination via semi-online mode.
  • online examination is a web-based examination system where examination is conducted via internet.
  • the examinees can take the online examination with their own devices anywhere as long as a browser and internet connection are available. Therefore, stable and fast internet connectivity is crucial in conducting and taking online examination.
  • internet connectivity is always a critical problem in online examination system. This is especially unfair to the examinees who encounter poor internet connectivity and slow internet speed which may result in a lower grade due to lack of time to complete the examination. Additionally, it also poses as a difficulty for the examiners to carry out a real-time invigilation due to the poor internet connectivity. Consequently, an integrity issue of examination may arise as the examinees having fast internet connectivity may refer to online references and communicate with peers in answering the examination questions. Accordingly, an improved online examination system is required to address the issues of internet connectivity and integrity.
  • US20080131860A1 discloses a security and tamper resistance for high stakes online testing.
  • the invention comprises a computer environment includes an educational management system having a server and a method for administering a high-stakes exam. Said method comprising the steps of securing at least one computing device having a processor and memory on which the high stakes exam is to be administered by controlling the processor’s access to the memory; verifying at least one aspect of the environment in which the high-stakes exam is to be administered; and administering the high-stakes exam on the computing device.
  • CN107067846A discloses an exam and a training system relates to an intelligent cloud exam and training system based on Internet of Things.
  • the system comprises a management module, a training module and an exam module.
  • Said training module comprises a teaching machine, wherein the teaching machine is connected with a video library and multiple learning machines through the network, wherein the video library is connected with multiple mobile terminals through the network.
  • the exam module comprises a question library and an invigilation module, wherein the question library is connected with an exam server through the network, wherein the exam server is connected with multiple answering machines through the network, and the invigilation module comprises an invigilation host computer and multiple invigilation devices.
  • the online learning and training mode is adopted, the teacher and students can interact in real time, a teaching video can be uploaded to the video library, revision is facilitated, the remotely invigilation device is adopted for invigilation.
  • CN1 03208212A discloses an anti-cheating remote online examination method and system.
  • the method comprises collecting the face and the portrait on the examinee ID card at the time of registration to confirm the examinee identity, establishing the examinee identity database, and sending the signed electronic test paper correspondingly through the remote online examination system.
  • the system compares the relative position of the face the relative position of the examinees in the entire examination process to determine whether the examinee is in a normal or abnormal examination state, wherein the abnormal state is when the face and eyes of the examinee are not within a set identification range of the system.
  • the aforesaid online examination and invigilation systems and methods require stable internet connection.
  • none of aforesaid prior arts allow early transmission of examination questions and offline invigilation. Accordingly, the above-mentioned prior arts are ineffective and inconvenient to the examinees who face the internet connectivity problem.
  • the present invention provides a system and method for semi-online examination and invigilation.
  • the present invention discloses a semi-online examination and invigilation system characterized by: an encryption module to encrypt a plurality of files including an examination questions file; an examination module to receive the plurality of encrypted files from the encryption module and decrypt the plurality of encrypted files, present examination questions from the file, receive and encrypt examination answers into a response folder and further encrypt the response folder; a collector module to receive the encrypted response folder from the examination module and decrypt said response folder; wherein the plurality of encrypted files in the encryption module are encrypted with multiple passwords including a session password that is given at the examination date and time for authentication and decryption; wherein the multiple passwords are extracted from the encrypted files relatively to decrypt the examination questions file upon completing authentication; wherein the examination module further receiving invigilated data to be encrypted in the response folder upon completing examination.
  • Fig. 1 is a block diagram of a semi-online examination and invigilation system (100) in accordance to an embodiment of the present invention
  • Fig. 2 is a flow chart of a method (200) for performing a semi-online examination and invigilation using the system (100) in accordance to an embodiment of the present invention
  • Fig. 3 is a flow chart of a method (201 ) for encrypting a plurality of files in accordance to an embodiment of the present invention
  • Fig. 4 is a flow chart of a method (204) for decrypting a plurality of files in accordance to an embodiment of the present invention.
  • compositions or an element or a group of elements are preceded with the transitional phrase “comprising”, it is understood that we also contemplate the same composition, element or group of elements with transitional phrases “consisting of”, “consisting”, “selected from the group of consisting of, “including”, or “is” preceding the recitation of the composition, element or group of elements and vice versa.
  • a semi-online examination and invigilation system (100) comprises three key modules which are an encryption module (110), an examination module (120) and a collector module (130) as shown in Figure 1 , wherein the encryption module (110) and the collector module (130) are manipulated by the examiner; whereas the examination module (120) is installed in the examinee’s device such as personal computer and accessible by examinee.
  • the present invention aims to provide a solution to ensure a fair examination for all examinees regardless the internet connectivity issue.
  • the encryption module (100) encrypts files A, B and C with multiple passwords including a system password, a subject password, a session password, a zip password or any combination thereof (201 ).
  • Figure 3 further shows the details of encryption method (201 ).
  • File A is preferably but not limited to a Rich Text Format (RTF) file comprises examination questions, wherein file A is encrypted with the system password, the subject password and the session password.
  • File B is preferably but not limited to a text file with Dynamic Link Library (DLL) extension comprises examinee’s identity (ID), date, starting time, ending time and duration of examination and the subject password, wherein file B is encrypted with the system password.
  • RTF Rich Text Format
  • DLL Dynamic Link Library
  • Said file A and B are further being resided in a zip folder encrypted with the zip password.
  • File C is preferably but not limited to a Configuration (CFG) file comprises the zip password and random noise.
  • the encrypted files A, B and C will then be transmitted to the examination module (120) through any kind of transmitter means.
  • the system password is also known as a common fixed password which is known to the encryption module (110), examination module (120) and the collector module (130).
  • the subject password is unique to each examiner, this is to ensure the file A comprises examination questions is ineligible without the modules even if the subject password is compromised. The other way around, file A will still be ineligible without the unique subject password even if the modules are compromised.
  • the session password is hard coded to a specific date and it is dispensed from examiner to examinee on the date and time of the examination through any dispenser means, more preferably but not limited to Learning Management System (LMS).
  • LMS Learning Management System
  • the zip password is also unique to each examiner for enhancing the security to reduce the risk of data to be deliberately transmitted.
  • the random noise is generated by the examiner’s motion of the mouse within the window in displaying file A. This is an additional information hiding step to enhance the difficulty in analysing the encrypted data. Furthermore, the passwords that have been keyed in by the examiner are encrypted and stored in the root folder to prevent data loss.
  • the examination module (120) will first run a check to ensure a compatible vision based device is connected to the examinee’s device in order to execute the examination module (120). After the examination module (120) is executed, the examinee will need to download the encrypted files A, B and C received from the encryption module (110). Once downloading is completed, the examinee is allowed to select the vision based device to be used. After that, the examinee is required to read through the institution rules and examination rules, followed by checking the individual checkboxes to agree the rules. The action of checking the checkboxes leads to the commencement of login process.
  • an external authentication interface is presented to authenticate the identity of examinee upon execution of the examination module (120).
  • the first scrutiny is to authenticate that the examinee is a student of the institution by entering the username and password (202). After that, the examination module (120) will be navigated to the prescribed LMS system to acquire the session password upon successful of the first authentication.
  • the second scrutiny is to authenticate the session password to verify the examinee is taking the examination at the correct date and time (203). Said second scrutiny act as one of the safeguard to ensure the examination is taken at the correct date and time and prevent examinee from retaking the examination to tamper the examination answers. Examinee who uses the correct session password other than the examination date will lead to failure in decrypting the examination questions and answers files.
  • the date and time are extracted from the examinee’s computer system and internet to ensure that the examinee starts and ends the examination at the correct date and time. Therefore, the system (100) will be shut down if the examinee was being detected to reset the date and time on the computer. This step helps to prevent the examinee from resetting the date and time to retake the examination. .
  • the decryption process (204) will be started upon successful authentication.
  • Figure 4 further shows the details of decryption method (204).
  • the system password is used to decrypt file C in order to extract zip password to decrypt the folder comprises encrypted file A and file B. After decrypting the folder, the system password is further used to decrypt file B to extract the subject password. Said subject password, system password and session password are used to decrypt file A to extract the examination questions. As aforesaid, using the correct session password outside the examination date and time will cause failure in decrypting the file A that comprises examination questions.
  • the examination module (120) further creates a new tab comprising non-editable decrypted examination questions, an editable empty RTF document, the username of examinee, the list of software running at the background, the duration left for the examination, the real time camera and some housekeeping tools.
  • the empty RTF document is capable to accept inputs from the other hardware and software via the operating system interface such as copy and paste of text and graphics. This helps to simplify the examination module (120) by utilizing the functionality of pre-existing software.
  • the examinee is also requested to disable the network adapters upon successful login. This is to prevent the examinee refer to the online reference and discussing online when answering the examination questions.
  • the internet connection status will be checked frequently and a pop up will appear if the network adapted is found to be enabled.
  • the prescribed vision based device preferably but not limited to a camera is further acts as an invigilation device to invigilate the examination (205), wherein the said invigilation can be conducted offline.
  • Said vision based device capture the surroundings of examinee perform periodic face capture and periodic screen capture in order to record any suspicious behaviour of the examinee throughout the examination, wherein the periodic captures will be tagged with system date, time, and hardware identification.
  • the software list which is active during the examination will also be recorded for the examiner to track whether the examinee had connected to any online references throughout the examination.
  • the examination module (120) encrypt the examination answers and invigilated data in a response folder (206), wherein the password of the encrypted response folder is only known to the examination module (120) and collector module (130) to prevent the examinee from tampering the contents of submission in the response file.
  • the examination answers and invigilated data are further being stored in a data storage device preferably but not limited to a hard disk.
  • the encrypted response folder further comprises a periodic backup file which periodically back up the RTF document in which the examinee answers the questions in. This is to ensure the last backup point is saved in case of power outage.
  • the information such as the CPU id, hard disk id and username collected from the examinee’s computer are appended to the copy of the answer script in RTF format and encrypted using a password only known to the programmer and the examiner. Said information is kept secret from the examiner to avoid indiscriminate access to examinee’s information. In the case where cheating is suspected, both parties (programmer and examiner) must be agreeable before said encrypted information can be accessed.
  • the collector module (130) received the encrypted response folder from the examination module (120) as shown in method (207).
  • the path of the file, the path of the unzipped file and unzip passwords are required in order to decrypt the response file (209).
  • the examiner needs to provide the correct subject password in conjunction with the collector module (130) to decrypt the response folder.
  • the collector module (130) further contains other sets of passwords which the examiner does not have access to. Therefore, even if the subject password is compromised, the file cannot be opened as the remaining passwords are hard coded into a program.
  • the semi-online examination and invigilating system (100) in the present invention allows the examination files to be slowly transmitted to examinee in a secure method at least a day earlier prior to the examination. It is no need to worry the contents of the examination questions made known to the examinee before starting the examination as the files are safely encrypted with passwords. Only minimal internet connection is required for login process to authenticate the identity of examinee in order to acquire the session password at the correct examination date and time for decrypting and answering the examination questions. Meanwhile, the examination answers also can be slowly submitted to the collector module (130) after examination is completed. Moreover, the offline invigilation is implementable in the present invention due to the feature of tagging invigilated data with the system date and time. Also, said invigilated data and examination answers are further being encrypted in the response file to prevent from data tempering. Accordingly, real time invigilation and data transmitting which require fast and stable internet connectivity can be exempted from the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Health & Medical Sciences (AREA)
  • Educational Administration (AREA)
  • Educational Technology (AREA)
  • Computing Systems (AREA)
  • Tourism & Hospitality (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Human Resources & Organizations (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention discloses a semi-online examination and invigilation system (100) characterized by: an encryption module (110) to encrypt a plurality of files including an examination questions file; an examination module (120) to receive the plurality of encrypted files from the encryption module (110) and decrypt the plurality of encrypted files, present examination questions from the file, receive and encrypt examination answers into a response folder and further encrypt the response folder; a collector module (130) to receive the encrypted response folder from the examination module (120) and decrypt said response folder; wherein the plurality of encrypted files in the encryption module (110) are encrypted with multiple passwords including a session password that is given at the examination date and time for authentication and decryption; wherein the multiple passwords are extracted from the encrypted files relatively to decrypt the examination questions file upon completing authentication; wherein the examination module (120) further receiving invigilated data to be encrypted in the response folder upon completing examination.

Description

A SYSTEM AND METHOD FOR SEMI-ONLINE EXAMINATION AND INVIGILATION
TECHNICAL FIELD
The present invention relates to semi-online examination and invigilation, particularly a system and method for transmitting examination questions and invigilating examination via semi-online mode.
BACKGROUND OF THE INVENTION
The traditional examination method of pen and paper requires everyone to gather at a same place at the same time to take an examination. Thereafter, a modern method of online examination system had been introduced and adopted to replace said traditional examination method following the development of technology. Basically, online examination is a web-based examination system where examination is conducted via internet. The examinees can take the online examination with their own devices anywhere as long as a browser and internet connection are available. Therefore, stable and fast internet connectivity is crucial in conducting and taking online examination.
Nevertheless, internet connectivity is always a critical problem in online examination system. This is especially unfair to the examinees who encounter poor internet connectivity and slow internet speed which may result in a lower grade due to lack of time to complete the examination. Additionally, it also poses as a difficulty for the examiners to carry out a real-time invigilation due to the poor internet connectivity. Consequently, an integrity issue of examination may arise as the examinees having fast internet connectivity may refer to online references and communicate with peers in answering the examination questions. Accordingly, an improved online examination system is required to address the issues of internet connectivity and integrity.
US20080131860A1 discloses a security and tamper resistance for high stakes online testing. The invention comprises a computer environment includes an educational management system having a server and a method for administering a high-stakes exam. Said method comprising the steps of securing at least one computing device having a processor and memory on which the high stakes exam is to be administered by controlling the processor’s access to the memory; verifying at least one aspect of the environment in which the high-stakes exam is to be administered; and administering the high-stakes exam on the computing device.
CN107067846A discloses an exam and a training system relates to an intelligent cloud exam and training system based on Internet of Things. The system comprises a management module, a training module and an exam module. Said training module comprises a teaching machine, wherein the teaching machine is connected with a video library and multiple learning machines through the network, wherein the video library is connected with multiple mobile terminals through the network. The exam module comprises a question library and an invigilation module, wherein the question library is connected with an exam server through the network, wherein the exam server is connected with multiple answering machines through the network, and the invigilation module comprises an invigilation host computer and multiple invigilation devices. The online learning and training mode is adopted, the teacher and students can interact in real time, a teaching video can be uploaded to the video library, revision is facilitated, the remotely invigilation device is adopted for invigilation.
CN1 03208212A discloses an anti-cheating remote online examination method and system. The method comprises collecting the face and the portrait on the examinee ID card at the time of registration to confirm the examinee identity, establishing the examinee identity database, and sending the signed electronic test paper correspondingly through the remote online examination system. In the examination process, the system compares the relative position of the face the relative position of the examinees in the entire examination process to determine whether the examinee is in a normal or abnormal examination state, wherein the abnormal state is when the face and eyes of the examinee are not within a set identification range of the system. The aforesaid online examination and invigilation systems and methods require stable internet connection. Moreover, none of aforesaid prior arts allow early transmission of examination questions and offline invigilation. Accordingly, the above-mentioned prior arts are ineffective and inconvenient to the examinees who face the internet connectivity problem.
Hence, there is a need to provide a secure system and method for semionline examination and invigilation that allows early transmission of examination questions and slow transmission of examination answers without integrity of the examination being compromised due to file tampering as well as effectively address internet connectivity issue.
SUMMARY OF THE INVENTION
It is an objective of the present invention to provide an effective system and method for semi-online examination and invigilation to address internet connectivity issue.
It is further an objective of the present invention to provide a secure system and method for semi-online examination and invigilation which allow early transmission of examination questions and slow transmission of examination answers.
It is yet another objective of the present invention to provide an offline invigilation system to invigilate examination process.
Accordingly, these objectives may be achieved by following the teachings of the present invention. The present invention provides a system and method for semi-online examination and invigilation.
The present invention discloses a semi-online examination and invigilation system characterized by: an encryption module to encrypt a plurality of files including an examination questions file; an examination module to receive the plurality of encrypted files from the encryption module and decrypt the plurality of encrypted files, present examination questions from the file, receive and encrypt examination answers into a response folder and further encrypt the response folder; a collector module to receive the encrypted response folder from the examination module and decrypt said response folder; wherein the plurality of encrypted files in the encryption module are encrypted with multiple passwords including a session password that is given at the examination date and time for authentication and decryption; wherein the multiple passwords are extracted from the encrypted files relatively to decrypt the examination questions file upon completing authentication; wherein the examination module further receiving invigilated data to be encrypted in the response folder upon completing examination.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
So that the manner in which the above recited features of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may have been referred by embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawing illustrate only typical embodiments of this invention and are therefore not to be considered limiting of its scope, for the invention may admit to other equally effective embodiments.
These and other features, benefits, and advantages of the present invention will become apparent by reference to the following text figure, with like reference numbers referring to like structures across the views, wherein:
Fig. 1 is a block diagram of a semi-online examination and invigilation system (100) in accordance to an embodiment of the present invention;
Fig. 2 is a flow chart of a method (200) for performing a semi-online examination and invigilation using the system (100) in accordance to an embodiment of the present invention;
Fig. 3 is a flow chart of a method (201 ) for encrypting a plurality of files in accordance to an embodiment of the present invention; and Fig. 4 is a flow chart of a method (204) for decrypting a plurality of files in accordance to an embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
While the present invention is described herein by way of example using embodiments and illustrative drawings, those skilled in the art will recognize that the invention is not limited to the embodiments of drawing or drawings described, and are not intended to represent the scale of the various components. Further, some components that may form a part of the invention may not be illustrated in certain figures, for ease of illustration, and such omissions do not limit the embodiments outlined in any way. It should be understood that the drawings and detailed description thereto are not intended to limit the invention to the particular form disclosed, but on the contrary, the invention is to cover all modifications, equivalents, and alternatives falling within the scope of the present invention as defined by the appended claim. As used throughout this description, the word "may" is used in a permissive sense (i.e. meaning having the potential to), rather than the mandatory sense, (i.e. meaning must). Further, the words "a" or "an" mean "at least one” and the word “plurality” means “one or more” unless otherwise mentioned. Furthermore, the terminology and phraseology used herein is solely used for descriptive purposes and should not be construed as limiting in scope. Language such as "including," "comprising," "having," "containing," or "involving," and variations thereof, is intended to be broad and encompass the subject matter listed thereafter, equivalents, and additional subject matter not recited, and is not intended to exclude other additives, components, integers or steps. Likewise, the term "comprising" is considered synonymous with the terms "including" or "containing" for applicable legal purposes. Any discussion of documents, acts, materials, devices, articles and the like is included in the specification solely for the purpose of providing a context for the present invention. It is not suggested or represented that any or all of these matters form part of the prior art base or were common general knowledge in the field relevant to the present invention.
In this disclosure, whenever a composition or an element or a group of elements is preceded with the transitional phrase “comprising”, it is understood that we also contemplate the same composition, element or group of elements with transitional phrases “consisting of”, “consisting”, “selected from the group of consisting of, “including”, or “is” preceding the recitation of the composition, element or group of elements and vice versa.
The present invention is described hereinafter by various embodiments with reference to the accompanying drawing, wherein reference numerals used in the accompanying drawing correspond to the like elements throughout the description. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiment set forth herein. Rather, the embodiment is provided so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those skilled in the art. In the following detailed description, numeric values and ranges are provided for various aspects of the implementations described. These values and ranges are to be treated as examples only, and are not intended to limit the scope of the claims. In addition, a number of materials are identified as suitable for various facets of the implementations. These materials are to be treated as exemplary, and are not intended to limit the scope of the invention.
Referring to the drawings, the invention will now be described in more detail.
A semi-online examination and invigilation system (100) comprises three key modules which are an encryption module (110), an examination module (120) and a collector module (130) as shown in Figure 1 , wherein the encryption module (110) and the collector module (130) are manipulated by the examiner; whereas the examination module (120) is installed in the examinee’s device such as personal computer and accessible by examinee. The present invention aims to provide a solution to ensure a fair examination for all examinees regardless the internet connectivity issue.
Referring to the method (200) for performing the semi-online examination and invigilation using the system (100) in Figure 2, the encryption module (100) encrypts files A, B and C with multiple passwords including a system password, a subject password, a session password, a zip password or any combination thereof (201 ). Figure 3 further shows the details of encryption method (201 ). File A is preferably but not limited to a Rich Text Format (RTF) file comprises examination questions, wherein file A is encrypted with the system password, the subject password and the session password. File B is preferably but not limited to a text file with Dynamic Link Library (DLL) extension comprises examinee’s identity (ID), date, starting time, ending time and duration of examination and the subject password, wherein file B is encrypted with the system password. Said file A and B are further being resided in a zip folder encrypted with the zip password. File C is preferably but not limited to a Configuration (CFG) file comprises the zip password and random noise. The encrypted files A, B and C will then be transmitted to the examination module (120) through any kind of transmitter means.
In a preferred embodiment of the present invention, the system password is also known as a common fixed password which is known to the encryption module (110), examination module (120) and the collector module (130). The subject password is unique to each examiner, this is to ensure the file A comprises examination questions is ineligible without the modules even if the subject password is compromised. The other way around, file A will still be ineligible without the unique subject password even if the modules are compromised. The session password is hard coded to a specific date and it is dispensed from examiner to examinee on the date and time of the examination through any dispenser means, more preferably but not limited to Learning Management System (LMS). The zip password is also unique to each examiner for enhancing the security to reduce the risk of data to be deliberately transmitted. Additionally, the random noise is generated by the examiner’s motion of the mouse within the window in displaying file A. This is an additional information hiding step to enhance the difficulty in analysing the encrypted data. Furthermore, the passwords that have been keyed in by the examiner are encrypted and stored in the root folder to prevent data loss.
In a preferred embodiment of the present invention, the examination module (120) will first run a check to ensure a compatible vision based device is connected to the examinee’s device in order to execute the examination module (120). After the examination module (120) is executed, the examinee will need to download the encrypted files A, B and C received from the encryption module (110). Once downloading is completed, the examinee is allowed to select the vision based device to be used. After that, the examinee is required to read through the institution rules and examination rules, followed by checking the individual checkboxes to agree the rules. The action of checking the checkboxes leads to the commencement of login process.
In a preferred embodiment of the present invention, an external authentication interface is presented to authenticate the identity of examinee upon execution of the examination module (120). There are two sets of scrutiny in the login process and minimal internet connection is required. The first scrutiny is to authenticate that the examinee is a student of the institution by entering the username and password (202). After that, the examination module (120) will be navigated to the prescribed LMS system to acquire the session password upon successful of the first authentication. The second scrutiny is to authenticate the session password to verify the examinee is taking the examination at the correct date and time (203). Said second scrutiny act as one of the safeguard to ensure the examination is taken at the correct date and time and prevent examinee from retaking the examination to tamper the examination answers. Examinee who uses the correct session password other than the examination date will lead to failure in decrypting the examination questions and answers files.
In a preferred embodiment of the present invention, the date and time are extracted from the examinee’s computer system and internet to ensure that the examinee starts and ends the examination at the correct date and time. Therefore, the system (100) will be shut down if the examinee was being detected to reset the date and time on the computer. This step helps to prevent the examinee from resetting the date and time to retake the examination. .
The decryption process (204) will be started upon successful authentication. Figure 4 further shows the details of decryption method (204). The system password is used to decrypt file C in order to extract zip password to decrypt the folder comprises encrypted file A and file B. After decrypting the folder, the system password is further used to decrypt file B to extract the subject password. Said subject password, system password and session password are used to decrypt file A to extract the examination questions. As aforesaid, using the correct session password outside the examination date and time will cause failure in decrypting the file A that comprises examination questions.
After decryption is completed, the examination module (120) further creates a new tab comprising non-editable decrypted examination questions, an editable empty RTF document, the username of examinee, the list of software running at the background, the duration left for the examination, the real time camera and some housekeeping tools. The empty RTF document is capable to accept inputs from the other hardware and software via the operating system interface such as copy and paste of text and graphics. This helps to simplify the examination module (120) by utilizing the functionality of pre-existing software.
The examinee is also requested to disable the network adapters upon successful login. This is to prevent the examinee refer to the online reference and discussing online when answering the examination questions. The internet connection status will be checked frequently and a pop up will appear if the network adapted is found to be enabled. In a preferred embodiment, the prescribed vision based device preferably but not limited to a camera is further acts as an invigilation device to invigilate the examination (205), wherein the said invigilation can be conducted offline. Said vision based device capture the surroundings of examinee perform periodic face capture and periodic screen capture in order to record any suspicious behaviour of the examinee throughout the examination, wherein the periodic captures will be tagged with system date, time, and hardware identification. Additionally, the software list which is active during the examination will also be recorded for the examiner to track whether the examinee had connected to any online references throughout the examination. When the examinee clicks to submit the answers or examination duration reaches zero, the examination module (120) encrypt the examination answers and invigilated data in a response folder (206), wherein the password of the encrypted response folder is only known to the examination module (120) and collector module (130) to prevent the examinee from tampering the contents of submission in the response file. Moreover, the examination answers and invigilated data are further being stored in a data storage device preferably but not limited to a hard disk. The encrypted response folder further comprises a periodic backup file which periodically back up the RTF document in which the examinee answers the questions in. This is to ensure the last backup point is saved in case of power outage.
In a preferred embodiment of the present invention, the information such as the CPU id, hard disk id and username collected from the examinee’s computer are appended to the copy of the answer script in RTF format and encrypted using a password only known to the programmer and the examiner. Said information is kept secret from the examiner to avoid indiscriminate access to examinee’s information. In the case where cheating is suspected, both parties (programmer and examiner) must be agreeable before said encrypted information can be accessed.
In a preferred embodiment of the present invention, the collector module (130) received the encrypted response folder from the examination module (120) as shown in method (207). The path of the file, the path of the unzipped file and unzip passwords are required in order to decrypt the response file (209). The examiner needs to provide the correct subject password in conjunction with the collector module (130) to decrypt the response folder. The collector module (130) further contains other sets of passwords which the examiner does not have access to. Therefore, even if the subject password is compromised, the file cannot be opened as the remaining passwords are hard coded into a program.
The semi-online examination and invigilating system (100) in the present invention allows the examination files to be slowly transmitted to examinee in a secure method at least a day earlier prior to the examination. It is no need to worry the contents of the examination questions made known to the examinee before starting the examination as the files are safely encrypted with passwords. Only minimal internet connection is required for login process to authenticate the identity of examinee in order to acquire the session password at the correct examination date and time for decrypting and answering the examination questions. Meanwhile, the examination answers also can be slowly submitted to the collector module (130) after examination is completed. Moreover, the offline invigilation is implementable in the present invention due to the feature of tagging invigilated data with the system date and time. Also, said invigilated data and examination answers are further being encrypted in the response file to prevent from data tempering. Accordingly, real time invigilation and data transmitting which require fast and stable internet connectivity can be exempted from the present invention.
Various modifications to these embodiments are apparent to those skilled in the art from the description and the accompanying drawings. The principles associated with the various embodiments described herein may be applied to other embodiments. Therefore, the description is not intended to be limited to the embodiments shown along with the accompanying drawings but is to be providing broadest scope of consistent with the principles and the novel and inventive features disclosed or suggested herein. Accordingly, the invention is anticipated to hold on to all other such alternatives, modifications, and variations that fall within the scope of the present invention and appended claim.

Claims

1. A semi-online examination and invigilation system (100) characterized by: an encryption module (110) to encrypt a plurality of files including an examination questions file; an examination module (120) to receive the plurality of encrypted files from the encryption module (110) and decrypt said plurality of encrypted files, present examination questions from the file, receive and encrypt examination answers into a response folder and further encrypt the response folder; a collector module (130) to receive the encrypted response folder from the examination module (120) and decrypt said response folder; wherein the plurality of encrypted files in the encryption module (110) are encrypted with multiple passwords including a session password that is given at the examination date and time for authentication and decryption; wherein the multiple passwords are extracted from the encrypted files relatively to decrypt the examination questions file upon completing authentication; wherein the examination module (120) further receiving invigilated data to be encrypted in the response folder upon completing examination.
2. The system (100) according to claim 1 , wherein the encryption module (110) and collector module (130) are manipulated by examiner.
3. The system (100) according to claim 1 , wherein the examination module (120) is accessible by examinee.
4. The system (100) according to claim 1 , wherein the encrypted files in said encryption module (110) comprising: encrypted file A, file B and file C; file A is encrypted with a system password known across the modules (110, 120 and 130), a subject password specific for the examination questions file and the session password specific for examination date; file B and file C are encrypted with the system password; and wherein the encrypted file A and file B are resided in a zip folder encrypted with a zip password.
5. The system (100) according to claim 4, wherein said file A comprising examination questions file, said file B comprising examinee details, examination details and subject password, and said file C comprising the zip password and random noise.
6. The system (100) according to claim 1 , 4 or 5, wherein the examination module (120) comprising: encrypted file A, file B and file C received from the encryption module (110); the system password to decrypt file C to extract the zip password to decrypt the zip folder comprises encrypted file A and file B and further to decrypt file B to extract the subject password to decrypt file A; wherein the system password, the subject password and the session password are used to decrypt file A relatively upon completing authentication.
7. The system (100) according to claim 1 or 6, wherein an external authentication interface is presented to authenticate the identity of examinee upon execution of the examination module (120).
8. The system (100) according to claim 1 , 4 or 6, wherein the session password is given upon completing identity authentication. 14
9. The system (100) according to claim 1 , 4, 7 or 8, wherein the external authentication interface further authenticates said given session password prior to extract the examination questions file.
10. The system (100) according to claim 1 , wherein a vision based device is connected to the examination module (120) for invigilation.
1 1. The system (100) according to claim 10, wherein the invigilation is an offline invigilation.
12. The system (100) according to claim 1 , 10 or 1 1 , wherein the invigilation produce invigilated data comprises face capture, screen capture and software active list.
13. The system (100) according to claim 12, wherein the invigilated data are further tagged with the computer system’s date and time.
14. A method (200) for performing a semi-online examination and invigilation using the system (100) of claim 1 comprising the steps of: encrypting file A, file B and file C with multiple passwords (201 ); wherein said multiple passwords comprising a system password, a subject password, a session password and a zip password; authenticating the identity of examinee by an external authenticating interface to acquire the session password (202); authenticating the session password by the external authenticating interface to ensure examination is taken at the correct date and time (203); decrypting the encrypted files comprising examination questions by examiner module (120) upon completing authentication (204); invigilating the examination by using a vision based device(205); storing the invigilated data and examination answers in a response folder and encrypting said response folder upon completing examination (206); and 15 decrypting the response folder by a collector module (130) to extract the invigilated data and examination answers (207). The method (200) according to claim 15, wherein encrypting of file A, file B and file C (201 ) comprising the steps of: encrypting file A with the system password, the subject password and the session password; encrypting file B and file C with the system password; and residing encrypted file A and file B in a folder encrypted with the zip password. The method (200) according to claim 15, wherein decrypting the encrypted files (204) comprising the steps of: decrypting file C with the system password to extract the zip password to decrypt the folder comprises file A and file B; decrypting file B with the system password to extract the subject password; decrypting file A with the system password, the subject password and the session password. The method (200) according to claim 15, wherein the invigilating of examination (205) comprising face capturing, screen capturing and software active list monitoring. The method according to claim 15 or 18, wherein the invigilating of examination (206) is an offline invigilation.
PCT/MY2021/050054 2020-09-21 2021-07-02 A system and method for semi-online examination and invigilation WO2022060215A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2020004890 2020-09-21
MYPI2020004890 2020-09-21

Publications (1)

Publication Number Publication Date
WO2022060215A1 true WO2022060215A1 (en) 2022-03-24

Family

ID=80776908

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2021/050054 WO2022060215A1 (en) 2020-09-21 2021-07-02 A system and method for semi-online examination and invigilation

Country Status (1)

Country Link
WO (1) WO2022060215A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070037962A (en) * 2005-10-04 2007-04-09 구자용 3step edu system
US9135671B2 (en) * 2012-05-15 2015-09-15 Tata Consultancy Services Limited Secured computer based assessment
US9154748B2 (en) * 2013-02-25 2015-10-06 Board Of Trustees Of Michigan State University Online examination proctoring system
US9294267B2 (en) * 2012-11-16 2016-03-22 Deepak Kamath Method, system and program product for secure storage of content
KR102112959B1 (en) * 2019-09-09 2020-05-19 장원석 System and method for processing test sheet using augmented reality and virtual reality

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070037962A (en) * 2005-10-04 2007-04-09 구자용 3step edu system
US9135671B2 (en) * 2012-05-15 2015-09-15 Tata Consultancy Services Limited Secured computer based assessment
US9294267B2 (en) * 2012-11-16 2016-03-22 Deepak Kamath Method, system and program product for secure storage of content
US9154748B2 (en) * 2013-02-25 2015-10-06 Board Of Trustees Of Michigan State University Online examination proctoring system
KR102112959B1 (en) * 2019-09-09 2020-05-19 장원석 System and method for processing test sheet using augmented reality and virtual reality

Similar Documents

Publication Publication Date Title
Nigam et al. A systematic review on AI-based proctoring systems: Past, present and future
TWI706368B (en) Block chain-based service leasing method, device, system and electronic equipment
US7257557B2 (en) Multi-modal testing methodology
US10033727B1 (en) Account sharing detection in online education
CN102567662B (en) For processing the apparatus and method of data
BR112018007449B1 (en) COMPUTING DEVICE, COMPUTER IMPLEMENTED METHOD AND COMPUTER READABLE MEMORY DEVICE
US20090150983A1 (en) System and method for monitoring human interaction
Almuairfi et al. A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices
US20120102324A1 (en) Remote verification of user presence and identity
Wing A symbiotic relationship between formal methods and security
Pandey et al. E-parakh: Unsupervised online examination system
CN106572082A (en) Approval signature verifying method, mobile device, terminal device and system
Antona et al. Universal access in human-computer interaction
US9105194B1 (en) Semi-network independent educational electronic exam engine
US11837031B2 (en) Distributed voting platform
WO2022060215A1 (en) A system and method for semi-online examination and invigilation
CN115392913B (en) Electronic contract generating method based on user identity recognition and storage medium
Sabbah et al. A smart approach for bimodal biometric authentication in home-exams (sabbah model)
Stobert Memorability of assigned random graphical passwords
Sastry Verifying security properties in electronic voting machines
Chatterjee et al. Cloud based LMS Security& Exam Proctoring Solution
Falana et al. Se-LMS: Secured e-learning management systems for smart school
Sabbah Proposed models for secure e-examination system
US20190378230A1 (en) Information processing apparatus and information processing method
Sousak et al. Towards Intelligent and Continuous Online Student Identity Management

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21869832

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21869832

Country of ref document: EP

Kind code of ref document: A1