View All Documents & Correspondence
“A System & Method For Enabling Participation In E Learning Scenarios”
Abstract: Accordingly, the present invention provides a portable data carrier for enabling participation in e-learning scenarios, comprising an interface for receiving a first data set, a first access control element and a second access control element, the said first access control element being based on at least participant’s credentials and the said second access control element being based on at least one predetermined parameter; a secure memory for storing the first data set thus received and the first and the second access control elements; and an access control means being in operational communication with the secure memory for retrieving the first and the second access control elements stored thereupon, comparing the retrieved access control elements with the access control elements received via the interface and outputting the first data set based on the comparison. The present invention also provides a method and a corresponding system that enable participation in e-learning scenarios using the portable data carrier of the aforesaid nature.
Notices, Deadlines & Correspondence
Patent Information
Applicants
GIESECKE & DEVRIENT INDIA PVT. LTD.
Inventors
1. Deepen MANTRI
Specification
FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
(See section 10, rule 13)
“A SYSTEM & METHOD FOR ENABLING PARTICIPATION IN E-LEARNING SCENARIOS”
GIESECKE & DEVRIENT INDIA PVT. LTD., having office at 9/1 A, Padale Prime, Erandwane, Pune,
411004, India
The following specification particularly describes the invention and the manner in which it is to be performed.
Field of the Invention:
The present invention relates to the area of portable data carriers, methods and systems which enable participation in e-learning scenario.
Background of the invention
In modern society, examinations are an inevitable compulsion in an educational process of a youth aspiring to make a career out of it. Mostly all of the reputed junior, graduate and postgraduate institutions and varsities select the students for admission depending on their performance in some or the other form of examinations; multiple-choice entrance exams being the favorites. In country like India, every year millions of students compete through such exams for few thousand seats. Thus their result in such examinations plays a pivotal role in shaping their careers. As a side-effect, prominent form of examination malpractice i.e. question paper leakage has consistently remained a bane of educational system. In recent years there has been a tremendous increase in number of gangs/rackets indulging in such malpractice. With widespread corruption in varsities and educational institutions, it comes as no surprise that the varsity personnel are also part of such rackets. Every year, news reporting the leakage of question paper of one or other high stake exams makes a sweeping headline leaving the youth of the country demoralized and frustrated.
The adverse effect of such an examination malpractice (question paper leakage) cannot be over emphasized. It breaches the worth of examination system resulting in mass production of ill-conceived, ill-equipped and corrupt-minded professionals (journalists, doctors, accountants, engineers, administrators etc). No doubt that presence of such people further degrades/corrupts the social, economical and political life of the society.
Advances in smartcard and/or secure elements technology can actually help in curbing this burning menace. This is what is being described in detail in following sections.
Different approaches have been discussed for accomplishing this. One is via traditional portable data carrier like smartcards, student cards etc and other leverages the smart mobile devices of users itself.
Currently most of the high stake national entrance exams (may be exams conducted at globe level too) are multiple-choice and paper based. The question paper is prepared and printed in numbers by the central examination authorities and then are distributed to various examination centers. There is absolutely no doubt that during printing and transit, the paper-based question papers are subject to theft and leak. Moreover, the answer papers are again
subject to fraud when sent for evaluation. The paper based answer sheets can easily be modified and replaced. Manual evaluation and grading process involved here is usually costly, inefficient and again subject to fraud.
World Wide Web-based or network-based online examination systems address most of these issues. The new possible approaches have been proposed for providing flexible and secure examination system as a replacement of inefficient paper based exams.
Glossary of Terms:
There follows a glossary of terms, some of which are conventional and others have been coined:
Portable Data Carrier: A portable data carrier is preferably a data carrier with appropriate safety features. The portable data carrier can be a hardware component, such as smart card, USB-token, chip card, a mass memory card, a multimedia card, a subscriber identification module in a mobile radio network and/or an electronic identification document, such as an electronic identity card, a passport with a machine readable chip or secure elements. The portable data carrier can be hardware or software component, such as a trusted execution technology (TXT) or a trusted execution environment (TEE). A TXT is a hardware extension to microprocessors or chipsets which are intended to provide computer users or systems a higher level of trust and control over their computing devices, also known as trusted platform modules TPM. On the other hand a TEE is a standardized software platform for mobile devices in which a secure area residing the main processor of the mobile devices guarantees that sensitive data is stored, processed and protected. It enables the offering of safe execution of authorized software, known as trusted applications (or TRUSTLET®) and therefore enables to enforce protection, confidentiality, integrity and access rights of data, which belong to these TRUSTLETS®. In particular, the term portable data carrier relates to a smart card with an integrated microchip, such as a credit or debit payment card, a health card, an access authorization card, an identification card and/or an electronic vehicle registration card. Especially the portable data carrier relates to an instance such as a students card or a card, which uniquely identifies a student.
Secure element: A secure element might be designed as a hardware component or a software component. Designed as a hardware component, the secure element might be arranged as a fixed integrated component in a terminal such as mobile devices. Therein it can be removed from the terminal, such as a chip card or it can be arranged un-removable, for example, as M2M module, co-processor and trusted base element. Alternatively, the security element is
designed as a software component in the form of a trusted platform module e.g. as a trusted part of the operating system kernel of the mobile terminal or as a security software.
Summary of the Invention:
Accordingly, the present invention provides a portable data carrier for enabling participation in e-learning scenarios, comprising: an interface for receiving a first data set, a first access control element and a second access control element, the said first access control element being based on at least participant’s credentials and the said second access control element being based on at least one predetermined parameter, a secure memory for storing the first data set thus received and the first and the second access control elements; and an access control means being in operational communication with the secure memory for retrieving the first and the second access control elements stored thereupon, comparing the retrieved access control elements with the access control elements received via the interface and outputting the first data set based on the comparison.
In particular the present invention provides a portable data carrier for enabling participation in e-learning scenarios, comprising of an interface for receiving and delivering data sets, an access controller for managing access rights to these data sets via access control elements and a secure memory for tamper resistant storage of the data sets and access control elements. The data sets constitute all needed data meaningful to an e-learning scenario. The access control elements are configured to be unique cryptographic secrets belonging and/or derived from participant’s information or participants credentials and/or predetermined parameters. The access controller is used to decide whether an access to resources and data sets of the data carrier is to be allowed or denied based on comparison of stored first and/or second access control elements and newly presented first and second access control elements, wherein the newly presented first and second access control elements are received via the said interface. In general the said interface is configured to receive and deliver a first, a second and a third data set. The first data set is usually a set of information or questionnaire prepared by an e-learning authority. The second data set is usually received from the participant as an incremental and interactive response to the first data set. The third data set consists of the expected responses to the first data set which is prepared by the e-learning authority, especially the same authority preparing the first data set. In general, a first access control element, a second access control element and/or a third access control element is initially stored in the secure memory of the portable data carrier. The first access control element is derived from the participant’s credentials. The second and third access control element is derived from predetermined parameters. The first access control element and/or
the second access control element are made available to the participant. The third access control element is only known by the e-learning authority. The access controller allows the said interface of the portable data carrier to extract and present the stored data sets out of its secure memory if a comparison of the received first, second and/or third access control element with the stored first, second and/or third access control element results in a match.
The phrase participant’s information or participant’s credentials are used interchangeable in this application.
In another embodiment of the present invention the said first data set thus received comprises lecture notes, seminar notes, examination question set, practice question sets, syllabus, course material, schedule of lecture, schedule of examination, schedule of seminars and/or combinations thereof; and the said first data set is optionally unique for a particular participant and optionally uniquely encrypted for a particular participant.
In an embodiment of the present invention, the said interface is provided on the portable data carrier either during the production process of the portable data carrier or thereafter.
In another embodiment of the present invention, the portable data carrier is being further configured to securely receive second data set via the interface.
In yet another embodiment of the present invention, the said second data set thus received via the interface is stored in the secure memory.
In still another embodiment of the present invention, the said secure memory stores a third data set, said third data set containing expected response for (a) at least one item thus contained in the first data set or (b) all the items thus contained in the first data set; said third data set is stored in the secure memory and access to the same is made available after receiving a third access control element, the third access control element being not available with the participant.
In further embodiment of the present invention, the said interface allows reviewing and/or modifying said second data set provided.
In furthermore embodiment of the present invention, the portable data carrier further comprises an auto-evaluation element to evaluate said second data set provided.
In another embodiment of the present invention, the said secure memory stores an evaluated score.
In yet another embodiment of the present invention, the said secure memory stores essential test related data.
In still another embodiment of the present invention, the at least one of the said first access control element and said second access control element stored in the portable data carrier is a unique identification key provided to the participant along-with said portable data carrier.
In further embodiment of the present invention, the said secure memory stores an e-learning application developed by an e-learning authority server.
In furthermore embodiment of the present invention, the said at least one response is a descriptive response.
According to another aspect of the present invention, there is provided a method for enabling electronically secured e-learning, comprising: creating at least one first data set; personalizing a portable data carrier to obtain an unique portable data carrier, the said unique portable data carrier corresponds to a particular participant and comprises secure first data set, the secure first data set being accessible only after receiving a first access control element and a second access control element, the said first access control element being based on at least participant’s credentials and the said second access control element being based on at least one predetermined parameter; dispatching, to the said participant, the secure first data set; and obtaining a second data set, from the said participant corresponding to the secure first data set.
In an embodiment of the present invention, the secured first data set thus received is unique for a particular participant and the first data set is prepared by an e-learning authority.
In another embodiment of the present invention, the method further comprising allowing access to the secured first data set thus received using the said first and second access control elements and providing access to first data set to the participant.
In yet another embodiment of the present invention, one of the said first and second access control elements is biometric information.
In still another embodiment of the present invention, the method further comprising disallowing the said participant from providing second data set, if one or more of the following criteria are satisfied: end of time period allotted for providing the response;
movement of the participant beyond a restricted boundary; if number of power disruptions is above a predefined disruption threshold.
In further embodiment of the present invention, the method further comprising delivering the said second data set thus obtained from the participant for any one of record keeping purposes, evaluation purposes, re-evaluation purposes, non-repudiation purposes.
In further more embodiment of the present invention, the delivering of the said second data set is performed in a secured manner wherein the security is provided by (a) the access controller (b) the cryptographic strength of said first and second access control elements (c) a standardized secure element or (d) a trusted execution environment.
In another embodiment of the present invention, the method further comprises of evaluating the said second data set thus obtained.
In yet another embodiment of the present invention, the said at least one first data set is created at an e-learning authority server.
In still another embodiment of the present invention, the method further comprises of addition and deletion or modification of questions at said exam authority server upon appropriate authentication.
In further embodiment of the present invention, the said e-learning authority server is directly connected to a portable data carrier personalization device.
In furthermore embodiment of the present invention, the said e-learning authority server is also uploaded with credentials of participants using existing communication channels.
In yet another embodiment of the present invention, the said transmission may be any one of an online transmission techniques or offline transport methods.
In still another embodiment of the present invention, the method further comprises of securely storing said second data set provided by the participant in said portable data carrier.
In further embodiment of the present invention, the said portable data carrier also securely stores a third data set corresponding to the said first data set.
In furthermore embodiment of the present invention, the method further comprises reviewing and/or modifying said second data set provided before indicating end of e-learning.
In an embodiment of the present invention, the method further comprises of triggering an auto evaluation of said second data after indicating said end of e-learning.
In another embodiment of the present invention, the method further comprises of providing a score to the participant based on said auto evaluation.
In yet another embodiment of the present invention, unique test related data is securely transmitted to said e-learning authority server using a secure transmission channel.
In still another embodiment of the present invention, the said at least one response is a descriptive response and the same is transmitted to said e-learning authority server.
In further embodiment of the present invention, the said transmission is done via contact based transmission or over-the-air technique.
According to another aspect of the present invention, there is provided a system for enabling electronically secured e-learning, comprising: an e-learning authority server for creating at least one first data set; at least one portable data carrier being operationally coupled to the said e-learning authority server, each of the said at least one portable data carrier corresponds to a particular participant and comprises secure first data set, the secure first data set being accessible only after receiving a first access control element and a second access control element, the said first access control element being based on at least participant’s credentials and the said second access control element being based on at least one predetermined parameter; an user interface being operationally coupled to the said at least one portable data carrier for displaying to the said participant the first data set and obtaining second data set, corresponding to the displayed first data set, from the said participant.
In another embodiment of the present invention, the e-learning authority server is provided with a means for receiving participant’s credentials and means for enabling addition/ deletion/ modification of the first and third data sets at said exam authority server upon appropriate authentication.
In an embodiment of the present invention, the system further comprising a portable data carrier personalization device connected to the said e-learning authority server.
In another embodiment of the present invention, the said portable data carrier is further configured to store said second data set provided by the participant.
In still another embodiment of the present invention, the said portable data carrier also securely stores a third data set corresponding to said first data set and access to the same is made available after receiving a third access control element, the third access control element being not available with the participant.
In further embodiment of the present invention, the said user interface is configured to provide access to said second data set provided by participant for reviewing and/or modifying before end of e-learning session.
In furthermore embodiment of the present invention, the said portable data carrier or user interface or e-learning authority server is configured to trigger an auto evaluation of said second data set after said end of e-learning session.
Brief Description of the Accompanying Drawings
Further aspects and advantages of the present invention will be readily understood from the
following detailed description with reference to the accompanying drawings, where like
reference numerals refer to identical or functionally similar elements throughout the separate
views. The figures together with the detailed description below, are incorporated in and form
part of the specification, and serve to further illustrate the aspects and explain various
principles and advantages, in accordance with the present invention wherein:
Figure 1 shows the construction of a portable data carrier in accordance with the embodiment
of the present invention described in detailed in the first scenario;
Figure 2a and 2b shows the flow chart of the process in accordance with a first embodiment
of the present invention described in detailed in the first scenario;
Figure 3 shows the overall system which implements first embodiment of the present
invention described in detailed in the first scenario;
Figure 4a and 4b shows the flow chart of the process in accordance with a second
embodiment of the present invention described in detailed in the second scenario;
Figure 5 shows the overall system which implements second embodiment of the present
invention described in detailed in the second scenario; and
Figure 6 shows the overall system in accordance with the third embodiment described in
detailed in the third scenario.
Skilled artisans will appreciate that elements in the drawings are illustrated for simplicity and have not necessarily been drawn to scale. For example, the dimensions of some of the
elements in the drawings may be exaggerated relative to other elements to help to improve understanding of aspects of the present invention.
Detailed description of the invention
While the invention is susceptible to various modifications and alternative forms, specific embodiment thereof has been shown by way of example in the drawings and will be described in detail below. It should be understood, however that it is not intended to limit the invention to the particular forms disclosed, but on the contrary, the invention is to cover all modifications, equivalents, and alternative falling within the spirit and the scope of the invention as defined by the appended claims.
The method steps have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having benefit of the description herein.
The terms “comprises”, “comprising”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such process, method. Similarly, one or more elements in a system or apparatus proceeded by “comprises… a” does not, without more constraints, preclude the existence of other elements or additional elements in the system or apparatus.
The features of the present invention are set forth with particularity in the appended claims. The invention itself, together with further features and attended advantages, will become apparent from consideration of the following detailed description, taken in conjunction with the accompanying drawings. One or more embodiments of the present invention are now described, by way of example only, with reference to a specific example of portable data carrier. The invention is by no means bound by this particular example.
Scenario 1
Referring to figure 1, a portable data carrier for enabling participation in an e-learning scenario is shown. The data carrier comprises an interface, an access controller and a secure memory. The data carrier is able to receive data sets and access control elements via the interface. The secure memory is able to store the received data sets and access control elements. The access controller is able to receive the stored access control elements and is further able to compare the stored access elements with access elements received from the interface.
If a participant wants to participate in said e-learning scenario, the interface first obtains a first access control element, wherein the first access control element is based on participants’ credentials. The interface furthermore obtains a second access control element based on at least one predetermined parameter. The first and the second access control element will be explained in greater details below. The first and second access control elements are provided on the portable data carrier via the interface either during the production process of the data carrier or at a later life cycle stage of the portable data carrier. Optionally the data carrier receives a first data set which is unique for a particular participant and optionally uniquely encrypted for a particular participant during production of the portable data carrier or thereafter.
During participation in the e-learning scenario the interface obtains again a first access control element and a second access element. The access controller compares the first access control element and second access control element stored in the secure memory with the again obtained first access control element and second access control element. The portable data carrier outputs the first data set based on the result of the comparison.
The portable data carrier is further configured to securely receive and securely store a second data set via the interface. The said interface allows reviewing and/or modifying second data set provided by the participant.
The secure memory stores a third data set, said third data set which is related to the first data set. The secure memory also stores an evaluated score and essential test related data.
At least one of the first access control element and said second access control element stored in the portable data carrier is a unique identification key provided to the participant along-with said portable data carrier.
Referring to figure 2a, 2b and 3, the method along with the system enabling participation in an e-learning scenario/session using portable data carriers is described. A computer based server database system managing the safe and secure storage of one or more data sets, the information related to type and topic of the data sets, personal information of participants and so on. Such a server is hosted and managed by a central e-learning authority which is responsible for preparing data sets to be used in the e-learning scenarios described herein. Unauthorized access to this server database is forbidden using state-of-the-art access control mechanisms. The database in this server is open for modification by way of addition, deletion
or correction only upon appropriate prior state-of-the-art authentication and user verification procedure and is made available only at the e-learning authority. This server system can be connected to external world via internet, intranet, mobile network or any other network technology. The intention being that the information of all the students registering into the e-learning scenario can be synchronized from various locations across a region. Proper authentication and validation procedures can be employed so that malicious or wrong data does not get uploaded in the server. Appropriate security mechanisms can be employed to make the server data free from hacks and attacks. The server will be located in a central secure location fulfilling all of such requirements. This server system may also be connected directly to a portable data carrier personalization device thereby facilitating the secure transfer of at least one data set prepared.
The first data set transferred to the portable data carrier will be secured using access control elements. The said access control element comprises at least a first access control element derived from at least participant’s credentials and at least a second access control element derived from at least a predetermined parameter. The access control element is unique to each card hence also unique to each registered participant. Based on the aforesaid principle, the first and second access control elements together can be selected from the group comprising of secure password, cryptographic key, biometric identity information, participant’s credentials, a Personal Identification Number (PIN), RFID tag, Bar code, personal identification code, one time password, GPS co-ordinates of a particular location, time and date of e-learning session, student data like name, age, birth date, but not limited to these. The personalized portable data carrier may be dispatched individually to registered participants or to respective e-learning centers using existing transport means. At least one of the secure elements required to access the secured first data set stored on the portable data carrier is dispatched directly to the participant using existing secure means of transport. The existing secure means of transport may include online means, offline means or traditional secured postal mail service.
Similarly, secure transport mechanisms can be employed to transport the second access control element to the e-learning centers. As these centers may not have internet or network connectivity at all, already established mechanisms for offline key transport may also be incorporated. In case the examination centers possess network connection capability with the e-learning authority then unique access control elements can be transferred online in a secure manner using existing secure online transmission mechanisms. Once the second access control element get transferred to e-learning centers, network connection is no more required.
This second access control element is provided to the corresponding participant upon successful verification of the participant’s identification at the e-learning center.
In order to initiate participation in the e-learning session, a participant is required to insert the portable data carrier received from the e-learning authority or from the e-learning centre into an e-learning facilitating terminal. Subsequently, the participant is required to input the first access control element received from the e-learning authority followed by inputting the second access control element received at the e-learning center. Upon successful verification using the first and the second access control elements, the secure first data set stored on the portable data carrier is available for viewing, to the participant. Once the access is granted, the e-learning session gets started. The e-learning session can subsequently proceed in offline mode. Thus network connectivity throughout the e-learning session is no longer a requirement. Hence this approach will be more cost effective as compared to the e-learning scenarios which rely on online connectivity throughout the e-learning session. In the scenario that the participant is required to provide a second data set based on the first data set made available to the participant, the said participant is allowed to review or modify the said second data set until an indication is trigerred for an end of providing the second data set by the participant or for an end of the stipulated time period allotted for providing the said second data set. In this scenario, a tracking mechanism tracks various parameters such as time spent, displacement of the participant, GPS location and power disruptions to the portable data carrier while providing the second data set. The tracking mechanism disallows the said participant from providing said second data set if one or more of these criteria get satisfied. The criterion includes any one of an end of time period allotted for providing the second data set, movement of the participant beyond a restricted boundary or if number of power disruptions is above a predefined disruption threshold but not limited to these.
The said second data set thus obtained from the participant is delivered to the e-learning authority for any one of record keeping purposes, evaluation purposes, re-evaluation purposes, non-repudiation purposes. The delivering of the said second data set is performed in a secured manner wherein the security is provided by (a) the said access controller (b) the cryptographic strength of said access control elements, (c) a standardized secure element or (d) a trusted execution environment. The second data set may be evaluated against a third data set. The said third data set is related to the first data set. In the scenario where the first data set is a question set, the third data set may be a corresponding correct answer set. The said evaluation can be an auto evaluation that gets triggered upon indication of an end of providing the second data set by the participant, an end of the stipulated time period allotted
for providing the said second data set or upon disallowing the participant from providing the said second data set due to any of the reasons mentioned above. The said auto evaluation occurs only in the scenario where the said third data set is stored in the portable data carrier. The evaluation may also be a manual evaluation that is undertaken at the examination authority after secure delivery of the second data set. Once the evaluation is completed, a score is provided to the participant. In the event of an auto evaluation, this score is provided instantaneously to the participant after providing the second data set. In the event of a manual evaluation of the second data set, the score is provided to the participant in any of the existing forms of results/score declaration.
In any of the events of indication of submitting the second data set by the participant, end of the stipulated time period allotted for providing the said second data set or upon disallowing the participant from providing the said second data set due to any of the reasons mentioned above, a digital signature of the first data set, the second data set obtained and the evaluated score are stored on the portable data carrier or alternatively securely transferred to the server for record purposes.
Scenario 2
Referring to figure 4a, 4b and 5, the method along with the system enabling participation in an e-learning scenario/session using mobile device having Trusted Execution Environment (TEE) is described. A central e-learning authority server managing the safe and secure storage of data sets, the information related to type and topic of the data sets, personal information of participants and so on. Such a server is hosted and managed by a central e-learning authority which is responsible for preparing data sets to be used in the e-learning scenarios described herein. Unauthorized access to this server database is forbidden using state-of-the-art access control mechanisms. The database in this server is open for modification by way of addition, deletion or correction only upon appropriate prior state-of-the-art authentication and user verification procedure and is made available only to designated individuals at the e-learning authority. This server system can be connected to external world via internet, intranet or any other network technology. The intention being that the information of all the students registering into the e-learning scenario can be synchronized from various locations across a region. Proper authentication and validation procedures can be employed so that malicious or wrong data does not get uploaded in the server. Appropriate security mechanisms can be employed to make the server data free from hacks and attacks. The server will be located in a central secure location fulfilling all of such requirements.
The first data set will be secured using access control elements. The said access control element comprises at least a first access control element derived from at least participant’s credentials and at least a second access control element derived from at least a predetermined parameter. The access control element is unique to each card hence also unique to each registered participant. Based on the aforesaid principle, the first and second access control elements together can be selected from the group comprising of secure password, cryptographic key, biometric identity information, participant’s credentials, a Personal Identification Number (PIN), RFID tag, Bar code, personal identification code, one time password, GPS co-ordinates of a particular location, time and date of e-learning session, student data like name, age, birth date, but not limited to these. The first data set is transferred to the mobile device and is stored in the TEE.
The first access control element required to access the secured data set stored on the TEE is transferred directly to the participant using existing secure means of transport. The existing secure means of transport may include online means, offline means or traditional secured postal mail service. On the other hand, the second access control element is provided to the mobile device only after the participant reaches a designated location. By way of example, GPS data automatically generated by the mobile device is used to determine whether the participant has reached a designated location. Access to the first data set will be made available to the participant in a manner substantially similar to the one described in scenario 1.
Similar to scenario 1, once the access is granted, the e-learning session gets started; the e-learning session can subsequently proceed in offline mode. Throughout the session, the participant’s credentials and data will be displayed on the screen of mobile device and as an additional security measure may be verified manually by the vigilant in person, if relevant for an e-learning scenario.
If the participant is required to provide a second data set based on the first data set made available to the participant, the said participant is allowed to review or modify the said second data set until an indication for end of providing the second data set by the participant or at the end of the stipulated time period allotted for providing the said second data set. In this scenario, a tracking mechanism tracks various parameters such as time spent, physical displacement of the participant’s mobile device, GPS location while providing the second data set, etc. The tracking mechanism disallows the said participant from providing said second data set if one or more criteria are satisfied. The criteria being any one of an end of
time period allotted for providing the second data set, movement of the participant’s mobile device beyond a boundary or if number of power disruptions is above a predefined disruption threshold.
The second data set is received via the interface and is stored in the TEE. In an exemplifying scenario where at least a first data set stored in the Trusted Execution Environment is a question set, the Trusted Execution Environment may store a third data set which is a corresponding correct answer set for the question set stored. This correct answer set is made available solely to an auto evaluation system after providing the unique access control element. This unique access control element is unique in the manner that it is not available to a participant or an e-learning center. In alternative option, instead of transferring the second access control element to the mobile device, the same may be securely transported to e-learning centers and the e-learning centers will provide the same to the corresponding participant upon successful verification of the participant’s identification.
The said second data set thus obtained from the participant is delivered to the e-learning authority for any one of record keeping purposes, evaluation purposes, re-evaluation purposes, non-repudiation purposes. The delivering of the said second data set is performed in a secured manner wherein the security is provided by (a) the access controller (b) the cryptographic strengths of the access control elements, (c) a standardized secure element or (d) the trusted execution environment. The second data set may be evaluated against said third data set. The said third data set is related to the first data set. The said evaluation can be an auto evaluation that gets triggered upon indication of an end of providing the second data set by the participant, an end of the stipulated time period allotted for providing the said second data set or upon disallowing the participant from providing the said second data set due to any of the reasons mentioned above. The said auto evaluation occurs only in the scenario where the said third data set is provided to the mobile device. The evaluation may also be a manual evaluation that is undertaken at the examination authority after secure delivery of the second data set. Once the evaluation is completed, a score is provided to the participant. In the event of an auto evaluation, this score is provided instantaneously to the participant after providing the second data set. In the event of a manual evaluation of the second data set, the score is provided to the participant in any of the existing forms of results/score declaration.
Scenario 3
Referring to figure 6, usually universities provide their students the identity cards during admission process. If equipped with appropriate hardware and software, these identity
portable data carriers can be used for storing first data set. These portable data carriers can be personalized with the said interface and data sets over-the-air or via contact based technology.
As the portable data carrier may contain unique cryptographic identification key which is allocated during the process of admission, the same can be used for authentication purposes while obtaining the first data set. Rest of the things like managing, controlling and providing secure environment during the e-learning session will remain same as described in scenario 1 above.
The only difference with this approach is that student’s identity portable data carrier itself is used and will get loaded with first data set over the air or via contact based interface. If the first data set comprises combination of objective and subjective type questions, the identity portable data carrier can evaluate the answers provided by the student in respect of the objective type of questions and transfer the answer to subjective type questions over-the-air or via contact based interface to server database system.
While the particular preferred embodiments of the present invention have been shown and described, it will be obvious to those skilled in the art that changes and modifications may be made without departing from the teachings of the invention. It is therefore contemplated that the present invention cover any and all modifications, variations or equivalents that fall within the scope of the basic underlying principles disclosed above and claimed herein.
WE CLAIM
1. A portable data carrier for enabling participation in e-learning scenarios, comprising:
an interface for receiving a first data set, a first access control element and a second access control element, the said first access control element being based on at least participant’s credentials and the said second access control element being based on at least one predetermined parameter;
a secure memory for storing the first data set thus received and the first and the second access control elements; and
an access control means being in operational communication with the secure memory for retrieving the first and the second access control elements stored thereupon, comparing the retrieved access control elements with the access control elements received via the interface and outputting the first data set based on the comparison.
2. The portable data carrier as claimed in claim 1, wherein
the said interface is provided on the portable data carrier either during the production process of the portable data carrier or thereafter;
the said first data set thus received comprises lecture notes, seminar notes, examination question set, practice question sets, syllabus, course material, schedule of lecture, schedule of examination, schedule of seminars and/or combinations thereof; and the said first data set is optionally unique for a particular participant and optionally uniquely encrypted for a particular participant.
3. The portable data carrier as claimed in claim 1, being further configured to securely receive second data set via the interface and store the same on the secure memory, the second data set being related to the content of the first data set , wherein if said first data set is a question set, said secure memory stores a correct answer set, said correct answer set containing correct answer for (a) at least one question thus contained in the question set or (b) all the questions thus contained in the question set; and access to said correct answer set is made available solely to an auto evaluation element after receiving a third access control element, the third access control element being not available with the participant and the examination center.
4. A method for enabling participation in e-learning scenarios, comprising:
a. creating a first data set;
b. personalizing a portable data carrier to obtain an unique portable data carrier,
the said unique portable data carrier corresponds to a particular participant and
comprises secure first data set, the secure first data set being accessible only
after receiving a first access control element and a second access control
element, the said first access control element being based on at least
participant information and the said second access control element being based
on at least one predetermined parameter;
c. dispatching, to the said participant, the secure first data set; and
d. obtaining, from the said participant, a second data set corresponding to the
secure first data set.
5. The method as claimed in claim 4, wherein the secure first data set thus received is unique for a particular participant and the first data set is prepared by an e-learning authority.
6. The method as claimed in claim 4, further comprising allowing access to the secured first data set thus received using the said first and second access control elements and providing access to first data set to the participant.
7. The method as claimed in claim 4, further comprising disallowing the said participant from providing said second data set if one or more of the following criteria are satisfied:
a. end of time period allotted for providing the second data set;
b. movement of the participant beyond a boundary;
c. if number of power disruptions is above a predefined disruption threshold.
8. The method as claimed in claim 4, further comprising delivering the said at second data set thus obtained from the participant for any one of record keeping purposes, evaluation purposes, re-evaluation purposes, non-repudiation purposes.
9. The method as claimed in claim 8, wherein the delivering of the said second data set is performed in a secure manner wherein the securing is performed using (a) an access controller,, (b) the cryptographic strength of said first and, second access control elements, (c) a standardized secure element or (d) trusted execution environment.
10. The method as claimed in claim 4, wherein transmission of said first and/or second access control element takes place in a secure manner to respective recipients.
Deleted: the said first access control element
Deleted: the
11. The method as claimed in claim 4, wherein if said first data set is a question set, the second data set comprises at least one answer, and said secure memory optionally stores a correct answer set, said correct answer set containing correct answer for (a) at least one question thus contained in the question set or (b) all the questions thus contained in the question set; and the method further comprises triggering an auto evaluation of said at least one answer thus contained in the second data set based on the correct answer set.
12. A system for enabling participation in e-learning scenarios, comprising:
an e-learning authority server for creating first data set;
at least one portable data carrier being operationally coupled to the said e-learning authority server, each of the said at least one portable data carrier corresponds to a particular participant and comprises secure first data set, the secure first data set being accessible only after receiving a first access control element and a second access control element, the said first access control element being based on at least participant information and the said second access control element being based on at least one predetermined parameter;
an user interface being operationally coupled to the said at least one portable data carrier for displaying to the said participant the first data set and obtaining from the said participant, second data set corresponding to the first data set.
13. A portable data carrier for enabling participation in examination substantially as herein described with reference to the foregoing detailed description and the accompanying drawings.
14. A method for enabling electronically secured examination substantially as herein described with reference to the foregoing detailed description and the accompanying drawings.
15. A system for enabling electronically secured examination substantially as herein described with reference to the foregoing detailed description and the accompanying drawings.
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 3407-MUM -2011 - CORRESPONDANCE 2-12-2011.pdf | 2023-10-21 |
| 1 | 3407-MUM-2011-RELEVANT DOCUMENTS [06-06-2018(online)].pdf | 2018-06-06 |
| 2 | 3407-MUM -2011 - CORRESPONDANCE 7-12-2011.pdf | 2023-10-21 |
| 2 | 3407-MUM-2011-PA [06-06-2018(online)].pdf | 2018-06-06 |
| 3 | 3407-MUM-2011-Changing Name-Nationality-Address For Service [06-06-2018(online)].pdf | 2018-06-06 |
| 3 | 3407-MUM -2011 - FORM 3 2-12-2011.pdf | 2023-10-21 |
| 4 | Drawings.pdf | 2021-10-03 |
| 4 | 3407-MUM-2011-ASSIGNMENT DOCUMENTS [06-06-2018(online)].pdf | 2018-06-06 |
| 5 | Form-1.pdf | 2021-10-03 |
| 5 | 3407-MUM-2011-8(i)-Substitution-Change Of Applicant - Form 6 [06-06-2018(online)].pdf | 2018-06-06 |
| 6 | Relevant Documents & Assignment.pdf | 2018-08-10 |
| 6 | Form-3.pdf | 2021-10-03 |
| 7 | IP18249 Power of Attorney (Form 26).pdf | 2018-08-10 |
| 7 | Form-5.pdf | 2021-10-03 |
| 8 | IP18249 Form 6.pdf | 2018-08-10 |
| 8 | 3407-MUM-2011-AbandonedLetter.pdf | 2019-08-08 |
| 9 | 3407-MUM-2011-ORIGINAL UR 6(1A) FORM 26-031018.pdf | 2019-02-20 |
| 9 | IP18249 Form 13.pdf | 2018-08-10 |
| 10 | 3407-MUM-2011-ORIGINAL UR 6(1A) VERIFIED TRANSLATION FROM COMMERCIAL REGISTER-031018.pdf | 2019-02-20 |
| 10 | IP18249 Coveringl letter & Form 1.pdf | 2018-08-10 |
| 11 | 3407-MUM-2011-OTHERS(ORIGINAL UR 6( 1A) FORM 26,ASSIGNMENT,TRANSLATION)-110618.pdf | 2018-10-08 |
| 11 | ABSTRACT 1.jpg | 2018-08-10 |
| 12 | 3407-MUM-2011-FER.pdf | 2018-09-28 |
| 12 | 3407-MUM-2011-FORM 5(13-4-2015).pdf | 2018-08-10 |
| 13 | 3407-MUM-2011-FORM 3(13-4-2015).pdf | 2018-08-10 |
| 13 | 3407-MUM-2011-FORM-26 [24-09-2018(online)].pdf | 2018-09-24 |
| 14 | 3407-MUM-2011-FORM 26(16-1-2012).pdf | 2018-08-10 |
| 14 | 3407-MUM-2011-Response to office action (Mandatory) [24-09-2018(online)].pdf | 2018-09-24 |
| 15 | 3407-MUM-2011-CORRESPONDENCE(13-4-2015).pdf | 2018-08-10 |
| 15 | 3407-MUM-2011-FORM 26(13-4-2015).pdf | 2018-08-10 |
| 16 | 3407-MUM-2011-CORRESPONDENCE(16-1-2012).pdf | 2018-08-10 |
| 16 | 3407-MUM-2011-FORM 2.pdf | 2018-08-10 |
| 17 | 3407-MUM-2011-FORM 2(TITLE PAGE)-(13-4-2015).pdf | 2018-08-10 |
| 17 | 3407-MUM-2011-CORRESPONDENCE(31-7-2012).pdf | 2018-08-10 |
| 18 | 3407-MUM-2011-CORRESPONDENCE(7-12-2011).pdf | 2018-08-10 |
| 18 | 3407-MUM-2011-FORM 18(7-12-2011).pdf | 2018-08-10 |
| 19 | 3407-MUM-2011-FORM 1(13-4-2015).pdf | 2018-08-10 |
| 19 | 3407-MUM-2011-FORM 13(31-7-2012).pdf | 2018-08-10 |
| 20 | 3407-MUM-2011-FORM 1(16-1-2012).pdf | 2018-08-10 |
| 20 | 3407-MUM-2011-FORM 1(31-7-2012).pdf | 2018-08-10 |
| 21 | 3407-MUM-2011-FORM 1(16-1-2012).pdf | 2018-08-10 |
| 21 | 3407-MUM-2011-FORM 1(31-7-2012).pdf | 2018-08-10 |
| 22 | 3407-MUM-2011-FORM 1(13-4-2015).pdf | 2018-08-10 |
| 22 | 3407-MUM-2011-FORM 13(31-7-2012).pdf | 2018-08-10 |
| 23 | 3407-MUM-2011-CORRESPONDENCE(7-12-2011).pdf | 2018-08-10 |
| 23 | 3407-MUM-2011-FORM 18(7-12-2011).pdf | 2018-08-10 |
| 24 | 3407-MUM-2011-FORM 2(TITLE PAGE)-(13-4-2015).pdf | 2018-08-10 |
| 24 | 3407-MUM-2011-CORRESPONDENCE(31-7-2012).pdf | 2018-08-10 |
| 25 | 3407-MUM-2011-CORRESPONDENCE(16-1-2012).pdf | 2018-08-10 |
| 25 | 3407-MUM-2011-FORM 2.pdf | 2018-08-10 |
| 26 | 3407-MUM-2011-CORRESPONDENCE(13-4-2015).pdf | 2018-08-10 |
| 26 | 3407-MUM-2011-FORM 26(13-4-2015).pdf | 2018-08-10 |
| 27 | 3407-MUM-2011-FORM 26(16-1-2012).pdf | 2018-08-10 |
| 27 | 3407-MUM-2011-Response to office action (Mandatory) [24-09-2018(online)].pdf | 2018-09-24 |
| 28 | 3407-MUM-2011-FORM 3(13-4-2015).pdf | 2018-08-10 |
| 28 | 3407-MUM-2011-FORM-26 [24-09-2018(online)].pdf | 2018-09-24 |
| 29 | 3407-MUM-2011-FER.pdf | 2018-09-28 |
| 29 | 3407-MUM-2011-FORM 5(13-4-2015).pdf | 2018-08-10 |
| 30 | 3407-MUM-2011-OTHERS(ORIGINAL UR 6( 1A) FORM 26,ASSIGNMENT,TRANSLATION)-110618.pdf | 2018-10-08 |
| 30 | ABSTRACT 1.jpg | 2018-08-10 |
| 31 | 3407-MUM-2011-ORIGINAL UR 6(1A) VERIFIED TRANSLATION FROM COMMERCIAL REGISTER-031018.pdf | 2019-02-20 |
| 31 | IP18249 Coveringl letter & Form 1.pdf | 2018-08-10 |
| 32 | 3407-MUM-2011-ORIGINAL UR 6(1A) FORM 26-031018.pdf | 2019-02-20 |
| 32 | IP18249 Form 13.pdf | 2018-08-10 |
| 33 | 3407-MUM-2011-AbandonedLetter.pdf | 2019-08-08 |
| 33 | IP18249 Form 6.pdf | 2018-08-10 |
| 34 | Form-5.pdf | 2021-10-03 |
| 34 | IP18249 Power of Attorney (Form 26).pdf | 2018-08-10 |
| 35 | Form-3.pdf | 2021-10-03 |
| 35 | Relevant Documents & Assignment.pdf | 2018-08-10 |
| 36 | 3407-MUM-2011-8(i)-Substitution-Change Of Applicant - Form 6 [06-06-2018(online)].pdf | 2018-06-06 |
| 36 | Form-1.pdf | 2021-10-03 |
| 37 | Drawings.pdf | 2021-10-03 |
| 37 | 3407-MUM-2011-ASSIGNMENT DOCUMENTS [06-06-2018(online)].pdf | 2018-06-06 |
| 38 | 3407-MUM-2011-Changing Name-Nationality-Address For Service [06-06-2018(online)].pdf | 2018-06-06 |
| 38 | 3407-MUM -2011 - FORM 3 2-12-2011.pdf | 2023-10-21 |
| 39 | 3407-MUM-2011-PA [06-06-2018(online)].pdf | 2018-06-06 |
| 39 | 3407-MUM -2011 - CORRESPONDANCE 7-12-2011.pdf | 2023-10-21 |
| 40 | 3407-MUM-2011-RELEVANT DOCUMENTS [06-06-2018(online)].pdf | 2018-06-06 |
| 40 | 3407-MUM -2011 - CORRESPONDANCE 2-12-2011.pdf | 2023-10-21 |
Search Strategy
| 1 | Search_Strategy_28-09-2018.pdf |