Electronic Resources in the Virtual Learning Environment
The LOM specification is being used by several international
repository projects. A key example is MERLOT (Multimedia
Educational Resource for Learning and Online Teaching) (http://www
.merlot.org/) which contains a wealth of reusable online learning
materials. The LOM specification is also being used by ARIADNE, the
digital repository funded by the European Union (http://www.ariadne-
eu.org/) and the US Department of Defense SCORM initiative
(http://www.adlnet.org/). In the UK, the JORUM + Project is another
example of a digital repository using this specification. The project is
funded by JISC and runs from 2002 until 2005. It seeks to provide a
learning object repository for further and higher education to encourage
and facilitate the deposit, reuse and sharing of learning materials in UK
tertiary education. A scoping study was undertaken in 2003 to
investigate the requirements of the community for such a repository.
JISC recognises the importance of such repositories and maintains that:
Learning object repositories can provide access to a wide range of
learning materials for students and lecturers and also minimize the
need to reinvent the wheel across different institutions or subject
areas.
21
The LOM standard defines approximately 80 separate ‘elements’ for the
description and management of learning resources. These include generic
items such as title, author, description and keywords, technical aspects
such as file size and type, and also include educational and interpretive
aspects like ‘typical learning time’ or ‘educational context’.
Resource list interoperability
Throughout this book we have seen how digital libraries and e-learning
systems are moving closer together. In the area of standards, however,
this movement has been slower, with library standards being developed
by NISO and e-learning standards by IMS. Nevertheless, following the
JISC-funded DiVLE Programme, which was discussed in some detail in
Chapter 2, IMS began work on a standard for resource list
interoperability. In June 2003 IMS published a Charter for Resource List
Interoperability which is available on the Internet.
22
The consortium
recognised that there was currently no metadata standard for the
description of resources associated with courses within virtual learning
environments. Consequently, resources lists were often created by relying
on ad hoc or proprietary methods and tools. IMS are currently working
118

Standards, specifications and access management
to establish specifications for the exchange of structured metadata
between systems that provide resources and those that harvest and
organise those resources for pedagogic purposes.
Access management standards
One of the big technical issues associated with electronic resources and
virtual learning environments is authentication (i.e. identifying the
persons attempting to gain access to electronic resources) and
authorisation (determining from that person’s identity, and often using
other sources of information, what privileges the individual has and
hence whether access should be allowed or not). Many electronic library
resources and almost all virtual learning environments need access
management for security reasons, to ensure the systems and resources
are only accessed by designated users. JISC have invested a large amount
of funding into this area, most recently through their Authentication,
Authorisation and Accounting (AAA) Programme.
23
In recognition that
international standards are emerging in the area, the UK has been
working with other countries to facilitate these developments. They also
have a programme of research projects which are scheduled to report at
the end of 2004.
Electronic resources and access management
Until recently, authentication to electronic resources was through IP
address, therefore only those users accessing a resource from within the
IP range of an institution, typically from within a university campus,
could gain access. However, this method has a number of inherent
weaknesses, nor does it allow for distance learning and the increasing
need for remote access to resources. The solution to this problem is to
provide access to resources via a proxy server. This means that users
connect remotely to the proxy server and would then appear to be within
the campus, so could gain access to resources. This method of access
management is currently used in most US universities, e.g. Princeton
University, Northwestern University and UC Berkeley.
The UK developed a system to address this problem of off-campus
access through the Athens Access Management system. Developed in
1996 by Eduserv it is currently established as the de facto standard for
secure access management to web-based services for the UK education
119

Electronic Resources in the Virtual Learning Environment
and health sectors. In 2000 JISC awarded Athens the contract for the
Provision of Authentication Services for UK higher and further education
until 2006. All members of the institution have an Athens password
through which they can access remotely a range of electronic resources.
Other access management systems include: PAPI (Point of Access to
Information Providers), developed by the Spanish National Research
Network (RedIRIS); Akenti
24
which was developed by the US
Department of Energy; and PERMIS (PrivilEge and Role Management
Infrastructure Standards Validation) which was funded by the European
Commission under their Information Society Initiative in
Standardization (ISI) Programme.
In the US, developments in this area are being led by Internet2
25
which
is a consortium led by 206 universities, working in partnership with
industry and government. The consortium is ‘seeking to develop and
deploy advanced network applications and technologies, accelerating the
creation of tomorrow’s Internet.’ The group have developed a
middleware solution known as Shibboleth, which is currently on trial in
the UK as a potential replacement for the Athens system. Shibboleth is a
federated system of authentication and authorisation and has been
described by Carmody (2001) as:
… investigating architectures, frameworks, and practical technologies
to support inter-institutional sharing and controlled access to web
available services.
26
Shibboleth is open source and standards based.
There is also considerable research in the area of digital certificates,
which are based on the Public/Private Key technology. Digital certificates
are an important means for authentication that are more secure than
usernames and passwords. Again the development of standards in this
area is important and the most common type is the X.509 v3 certificate,
which was proposed as a standard by the Internet Engineering Task
Force (IETF).
27
The system was developed to protect nuclear missiles
and each key has been described as a unique encryption device. No two
keys are ever identical, which is why a key can be used to identify its
owner. The keys always work in pairs and information encrypted by the
public key can only be decrypted by the corresponding private key.
Public keys can be freely distributed, but a private key is kept secure,
usually on your own computer. A digital certificate automates the
distribution of private keys so that when you install a digital certificate
on your computer, you obtain a private key. Digital certificates are
120

Standards, specifications and access management

Download 1.99 Mb.

Do'stlaringiz bilan baham: