Beruflich Dokumente
Kultur Dokumente
discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/224110301
CITATIONS READS
31 449
2 authors:
Some of the authors of this publication are also working on these related projects:
A Learning Management System (LMS) Adoption Framework for Higher Education Sector in Iraq View
project
All content following this page was uploaded by Ip-Shing Fan on 07 July 2015.
The user has requested enhancement of the downloaded file. All in-text references underlined in blue are added to the original document
and are linked to publications on ResearchGate, letting you access and read them immediately.
International Journal of Digital Society (IJDS), Volume 1, Issue 2, June 2010
emphasis: some focus on the content, some on broader term which includes aspects of distance and
communication, and some on the technology [1]. online education, as well as being blended with face-
One of the early definitions for e-learning was to-face learning.
provided by the American Society for Training and
Development (ASTD), which proposes that e- This was the dominant teaching
learning covers a wide set of applications and Pre 1983 - Era of tool before computers became
processes, such as web-based learning, computer- Instructor-led widely available, and when
Training interactions between the
based learning, virtual classrooms, and digitals
instructor and students took place
collaboration. in the classrooms.
E-learning is the implementation of technology in
order to support the learning process, whereby Windows 3.1, Macintosh and CD
knowledge or information can be accessed using the ROMs were the main technology
communication technology. The learning process can 1984-1993 – developments during this period.
be continuous, provided that the content is available Multimedia However, classroom interactions
on the net. Eklund [2] defines e-learning as a and dynamic presentations were
component of flexible learning, which is a wide set lacking in this medium.
of applications and processes, all of which use all
As the web evolved, the arrival of
available electronic media to deliver education and
e-mail, media players and
training; this includes computer-based learning, web- streaming audio/video began to
based learning, virtual classrooms, and digital 1994-2000 – Web
change the face of multimedia
collaboration. Infancy
mediums. Students were able to
access lecture notes or materials
2.2. E-learning Development and Growth from the web at any time and at
any (Internet-capable) location.
The use of technology to support learning was
Advanced website design, rich
started as early as the 1980s. Such a development
streaming media (real
was also in conjunction with the dissemination of audio/video) and high bandwidth
computers for personal use at that time. In fact, 2001 and beyond – (faster data flow) will
higher learning institutions have also dramatically Next-generation revolutionise the way in which
changed over the last thirty years in consideration of Web education will be delivered.
policy drivers, such as widening participation, long Instructor-led, interactive modes
life learning, and quality assurance [3]. Figure 1 can now happen via the web,
below shows the maturity of e-learning through 1983 reaching far more students than
until the present day. The emphasis on e-learning in before.
the past has been on the ‘e’, which refers to
electronic or technology. There is an urge to shift to Figure 1. The Maturity of E-learning [4]
the learning (content) in ensuring the success of e-
learning. Moreover, there are some common terms
which are used interchangeably so as to reflect the
usage of technology in education, such as distributed Distributed Education
education, e-learning, distance education, blended
learning and online classes.
Distance Education
Distance education relates more to self-learning.
In this instance, the learning materials are posted
through physical mail or can be accessed online. The e-learning
meeting sessions are conducted only a few times per f2f
semester. Meanwhile, the combination of face-to- Blended Learning
face and online learning sessions is referred to as
blended learning and are quite popular nowadays.
It is a method of educating at a distance which
utilises technology combined with traditional
education or training. Strategic learning delivery
channels are used, such as physical classrooms,
virtual classrooms, print, email and message boards, Figure 2: The Relationship of E-learning to Distribution Learning
(Mason & Rennie, 2006)
mentoring systems, software simulations, online
collaboration, and mobile and wireless channels [5].
As depicted in Figure 2, Mason and Rennie [1] Today, the implementation of e-learning is a
position e-learning as a type of distance education. combination of three ways of using technology:
They also mention that ‘distributed education’ is a using technology asynchronously, i.e. only as tools
to support or supplement a traditional (face-to-face) learning content on the Internet, and enables it to be
learning, using technology asynchronously and accessible by the user at any time and at any location
synchronously as tools to support or supplement a (asynchronous learning). It then broadens to allow
traditional (face-to-face) learning, and using the learning session to be conducted at anytime and
technology asynchronously and synchronously to anywhere (synchronous learning) from the
deliver a learning course (completely online). Figure perspectives of all users (instructor/lecturer and
3 depicts the flow of communication between students). E-learning now enables the registration,
students and educators in the e-learning system assessment, and posting graduation certification
component. online. With the intention of adding greater
flexibility, mobile learning has been introduced
despite the fact that usage is currently limited and not
fully utilised. As the functionality of e-learning
continues to grow, the e-learning environment needs
to become more secured. Greater functionality
presented to users will make the e-learning
environment more open and exposed to the
information security threats.
forums between the student and the lecturer or Technology Acceptance Model (TAM), the
instructor. Another benefit offered by e-learning is perceived usefulness and perceived ease of use do
faster delivery of assessments, as lecturers can give have impacts on users’ acceptance on the technology
feedback faster compared with the traditional usage: if they don’t see how e-learning can help
method, and students can also contribute to feedback them, the student will ultimately resist continuation,
amongst themselves. or even enrol because they think they would fail
because of lack of support and training provided by
2.4 Challenges in E-Learning the learning provider. Moreover, instructors would
also feel the same; subsequently, another reason for
Implementing e-learning is not an easy task. not wanting to use e-learning is because they see
Despite many benefit gained from e-learning, there little reward or recognition, yet there are so many
are also issues and challenges when aiming to make actions to carry out so as to ensure the success of e-
e-learning successful. The challenges, as reflected in learning. Despite the challenges discussed above, the
Figure 5, are considered from two perspectives: the market of e-learning is growing. The growth of e-
learning provider, and the user. From the learning learning is fuelled by new institutions entering the
provider perspective, Higher Learning Institutions online arena combined with a continued student
(HLIs) are experiencing difficulties in relation to demand for online learning option. Amongst the
various technological issues, such as preparing factors to be considered when developing the e-
efficient infrastructure. Bandwidth and connectivity learning environment, multimedia instruction,
are ultimately necessary, since students will be autonomous learning, instructor-led interaction,
dependent on these facilities to access learning improvement of learning effectiveness, and social
materials on the web. Moreover, the delivery of high presence are all considerations. These challenges are
bandwidth content, such as digital video, is still somehow related when creating secure and
problematic to the home user. Learning material is successful e-learning environments in the sense of
also an issue, since a lack of quality content is confidentiality, availability and integrity.
prepared. Developing good content for students Importantly, information security in e-learning is a
should consider many different factors, such as challenge which is rarely discussed. Security in e-
pedagogical aspects, human-computer interface, and learning has been disregarded and abandoned [9].
expertise. Ensuring all of these are well-prepared
requires a high budget; thus, high costs for 3. Information Threats in Internet
implementation are to be expected. In a developing
country, all of these challenges are even more With consideration to ICT, people nowadays are
difficult, simply because of the resources issues getting the benefits of accessing vast information
faced. quickly. Information may exist in many forms: it can
be printed or written on paper, stored electronically
and transmitted by post or by electronic means.
Whatever form information takes or the means by
which it is shared, it should always be appropriately
protected.
Information deriving from useful data is amongst
an organisation’s main assets. Nevertheless, when it
is always easy for everybody to access, it will
therefore also be easy and useful for anybody to gain
access, irrespective of whether they have good or bad
intention. As a result of this increasing
interconnectivity, information is now exposed to a
growing number and a wider variety of threats and
Figure 5.The E-learning Challenges vulnerabilities. As such, information must be
protected in order to avoid the loss of its
confidentiality, integrity and availability. Some of
From the users’ perspectives, they are experiencing the most serious threats are listed as below.
challenges in the contexts of readiness. Aziz [8]
proposes critical factors in preparing people 1. Deliberate software attacks (viruses, worms,
readiness include commitment and skills. Readiness macros, denial of service)
includes readiness of knowledge, plus readiness of 2. Technical software failures and errors
motivation for self-learning. Students are not (bugs, coding problems, unknown
prepared for e-learning because of low computer loopholes)
literacy and low levels of self-discipline for self- 3. Acts of human error or failure (accidents,
learning methods. Furthermore, according to the employee mistakes)
4. Deliberate acts of espionage or trespass to verify whether or not an assignment has been
(unauthorised access and/or data collection) completed and sent by a valid student. The identity
5. Deliberate acts of sabotage or vandalism and the secure content are difficult to maintain.
(destruction of information or system) E-learning shares similar characteristics of other
6. Technical hardware failures or errors e-services. There are three main characteristics of
(equipment failure) every e-service: the service is accessible via the
7. Deliberate acts of theft (illegal confiscation Internet, the service is consumed by a person via the
of equipment or information) Internet, and there might be a fee which the
8. Compromises to intellectual property consumer pays the provider for using the e-services.
(piracy, copyright, infringement) The functionality and security threats to e-learning
9. Quality of Service deviations from service have common features with other e-services, and the
providers (power and WAN service issues) management approaches could also have common
10. Technological obsolescence (antiquated or characteristics. If organisations are to protect and
out-dated technologies) maximise the return on their investment in learning
11. Deliberate acts of information extortion technology, content and services, the systems they
(blackmail for information disclosure). use must be interoperable, usable, manageable, and
durable [12]. Previous studies have shown that there
are barriers to a more wide-spread adoption of online
3.1. Information Security in E-Learning education [6]. The reason behind such barriers is not
the high costs or the greater level of tasks which
E-learning is mainly dependent on information as need to be carried out, but rather the security aspect,
well as communication technologies. According to which is something that is really intangible in the
Rosenberg [10], e-learning is based on three cyber world. Ultimately, it is difficult to verify
fundamental criteria, which are: 1) network-capable whether or not the assignment is completed and sent
updating, storage/retrieval, distribution and sharing by a genuine student. The identity and the secure
of information; 2) delivery to the end of user via content are difficult to maintain. Furthermore,
computer using standard Internet technology; and 3) security issues in e-learning have been addressed
focus on the broadest view of e-learning. The first mostly by security technology; for example a
and second criteria expose the e-learning institutions technical framework on authentication and
to the threats, as the use of ICT could ultimately lead accountability, access control, protect of
to many possible information security risks which communications, non-repudiation issues and learning
could compromise information, such as loss of resource provider server protection [13].
confidentiality, availability, exposure of critical data,
and vandalism of public information services [11]. 3.2 Information Security Elements in E-
Unfortunately, very few efforts have been made to Learning
rectify this situation. More efforts have been
emphasised to enhance the content and technology Information security is the protection of
due to addressing content and technology as the information from threats. It is implemented in order
challenges in securing a successful e-learning to ensure business continuity and to accordingly
environment. minimise business risk. At the same time, it is
Security is needed within e-learning expected that there be a good return on investments
environments owing to the fact that, nowadays, and business opportunities. The e-learning aims are
knowledge has become an important means of concerned with providing teaching and e-learning to
production, as product and as a key for personal everyone. Ensuring the availability and integrity of
success. In e-learning, information deriving from information is the main goal in relation to e-learning
useful data is amongst the main assets of the security. Availability in e-learning is the assurance
organisation. Amongst security issues in e-learning that the e-learning environment is accessible by
are protection against manipulation (students, authorised users, whenever needed. Two facets of
insider), user authentication, and confidentiality [11]. availability are typically discussed, which are denial
However, as the functionality of e-learning is of service and loss of data processing capabilities.
expanding, information must be actively protected in The e-learning users are dependent on the
this bigger context to avoid the loss of its information on the Internet; therefore, the availability
confidentiality, integrity and availability. Some of materials and information to be accessed at any
people might state that knowledge should be shared, time and any location is crucial. Failing to fulfil this
but there are situations where the flow of sensitive will have a huge impact on e-learning users and e-
information should be restricted to only a few well- learning providers. Yang et al. [14] mention that
defined groups, such as, for example, learning some features which affect e-learning are privacy
materials for certain groups and copyright protection and security for e-delivery and collaborative
of intellectual properties. Furthermore, it is difficult education.
advice from outside organisations may also be management) of delivering the key to the validated
needed. people is handled insufficiently, which can
There are 10 domains listed in the handbook of consequently lead to the key ending up with
ISM, which are: access controls; communication malicious people. In a different situation, the key
system; risk management and business continuity might also become lost or could be duplicated and
planning; policy, standards and organisation; then used by unauthorised people. Therefore, it is not
computer architecture and system security; law, only the solution or controls which matter but the
investigation and ethics; application program management of security, which will determine the
security; cryptography, operation security and success of the security controls and solution
physical security. All of these domains are very implemented. In spite of considering the hardware
important, and each should be considered when and software solution, information security can be
ensuring the security of information. achieved by a suitable set of controls, known as
Security management is a discipline in making Information Security Management (ISM). ISM
trade-offs continual activity: controls in the system includes policies, process, procedures, organisational
versus controls in the environment, security control structures, and software and hardware functions.
versus customer convenience and productivity, Kritzinger and Von Solm [20] suggest four main
strong controls versus implementation and elements of information security within e-learning
administrative cost, and so on. [18]. Once a computer environments, including ensuring e-learning
system has been deployed, it then needs to be information security governance, creating e-learning
managed so as to ensure that it works correctly. information security policy and procedures,
Whitson [19] states that the major areas of computer implementing e-learning information security
management include guaranteeing confidentiality, countermeasures, and monitoring the e-learning
integrity, and availability of all assets. information security countermeasures. The elements
ISM has some standards and guidelines to be suggested here include the management aspect to
followed when setting up and managing an effective ensure that the security implementation achieve its
ISM: for example, the British standard BS ISO/IEC objective.
17799:2005 Information Security Management ISM in e-learning can be stated as similar to
System (ISMS). The design and implementation of other e-services; however, there are some different
an organisation’s ISMs are influenced by business emphases based on the services being offered. E-
needs and objectives, resulting security requirements, learning offers flexibility to the user as a learner,
the process employed and the size and structure of whilst simultaneously ensuring availability, integrity
the organisation. and confidentiality of information. The behaviours of
Information security is important to both public users in e-learning are also different from the users in
and private sector businesses, and when striving to other e-services; therefore, ISM is specifically
protect critical infrastructures. In both sectors, needed for e-learning.
security will function as an enabler to achieving e-
government or e-learning, for example, and also to 4.3 Framework
avoid or reduce the relevant risks. Therefore, the
management of information security is needed in ISM is the only real opportunity for an
order to maintain a competitive edge, adequate cash organization to build an effective security
flow, profitability, legal compliance, and commercial architecture which can fight existing and emerging
image. information security threats. Therefore, e-learning
requires an ISM framework which can act as a guide
4.2 Information Security Management in in helping the e-learning provider (institutions) in
E-Learning terms of managing the information security within
the e-learning environment. The framework should
At present, information security technology, consider the e-learning context and accordingly
hardware and software have been used in order to include the appropriate and necessary elements
secure the e-learning environment. Yang et al. [14] comprised within e-services. When developing a
suggest the obligation of having effective framework, few important requirement need to be
mechanisms for security and privacy control and addressed. A further investigation concerned with
management. Having a control without proper identifying the threats and incidents of attack in e-
planning concerning how to manage the control does learning needs to be conducted in order to ensure the
not help in reducing the threats in e-learning. An success of ISM frameworks for e-learning.
analogy to this is: to keep a house or a room of The e-learning ISM framework should include
valuable data, the door is locked, using the key and various details on policies, process, procedures,
lock as the control mechanism. Only the authorised organisational structures, and software and hardware
people are given the key to access to the house. functions so as to enhance security execution.
Unfortunately, however, the process (the Another aspect which should be considered is the
maintenance procedures. Security management is an [6] Allen, E. and Seaman, J. (2007), Online Nation Five
important part of the whole secure system process. A Years of Growth in Online Learning, 1, Sloan
system whereby security cannot be managed is not Consortium, United States.
secure, no matter how excellent the controls
suggested. Furthermore, the users (lecturer and [7] Jain, K. K. and Ngoh, L. B. (2003), ‘Motivating
students) will also benefit with the secured e-learning Factors in e-learning -a Case study of UNITAR’,
environment. Student Affairs Online, [Online], vol. 4, no. 1, pp.21,
June, 2008 available at:
http://www.studentaffairs.com/ejournal/Winter_200
5. Conclusion 3/e-learning.html.
E-learning has grown and is expanding at a very [8] A. Aziz, S. H., M.Yunus, A. S., A. Bakar, K. and
rapid pace. The benefits it offers increase the number B.Meseran, H. (2006.), ‘Design and development of
of e-learning users. The functionality of e-learning learning management system at universiti Putra
continues to expand and relies more and more Malaysia: a case study of e-SPRINT. I’, WWW 06:
heavily on the Internet. However, the Internet has Proceedings of the 15th international Conference on
World Wide Web, May 23 - 26, 2006, Edinburgh,
become a place of illegal activities, which therefore
Scotland, ACM, New York, pp.979-980.
expose e-learning to threats. Ensuring the availability
and integrity of information and material within e-
[9] Raitman, R., Ngo, L. and Augar, N. (2005), ‘Security
learning environments requires that countermeasures,
in the Online E-Learning Environment’, Advanced
such as security technology hardware and software, Learning Technologies, 2005.ICALT 2005.Fifth
need to be implemented. Nevertheless, it is IEEE International Conference on Advanced
considered insufficient. Moreover, IMS is needed in Learning Technologies, pp.702-706.
order to ensure the security of the e-learning
environment. ISM for e-learning is no different to [10] Rosenberg, M. J. (2001), E-learning strategies for
other e-services; however, because of the flexibility delivering knowledge in the digital age, McGraw-
factor offered by e-learning and different user Hill, New York.
behaviours, e-learning requires a security
management framework which can act as a guide in [11] Graf, F. (2002), ‘Providing security for eLearning’,
helping the e-learning provider (institutions) in Computers & Graphics, vol. 26, no. 2, pp.355-365.
managing the information security within the e-
learning environment. Furthermore, the combination [12] Norman, S. and Da Costa, M. (2003), ‘Overview of
of ISM and the current information security e-learning Specifications and Standards’, Open
technology used will provide better results in the Learning Agency, and Eduspecs Technical Liaison
success of security implementation. Office.