[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Plethora of gradebooks, grade change audit.



Hi,
    I've been reading both your thoughts on the issue of a grade change audit.  I agree
with Matt, the security you are suggesting is difficult because there aren't any paper
copies.  I've been thinking about this, and I think pgp keysigning would be a good idea.
But I'm sure there will eventually be an excuse that can still blame it on the teacher.
    The only thing I can think of is making regular tape backups of the database at its
full integrity and keeping it in an untouchable location.  I don't think there is anyway
of keeping the DBA out of reach of the grades unless you make your own personal copies of
it.  That is why I am making it possible for teachers to save their grades locally on a
disk.
                        Now I have something to think about,
                                Bradley Burnside

> Bill,
>
> I think i understand your position, but this kind of security is
> difficult because there are no paper copies.  because
> administrators own the machine(s) that will be used
> to store the grades, nothing keeps a very adept DBA from
> changing logs and database entries.
>
> there are a number of ways i am thinking this can be fixed.
>
> One way is to have the system create grade listings at the
> end of each term for each teacher.  The teacher then has to supply
> a pgp/gpg key to sign the listing.
>
> These listings then have to be saved by the system.  and
> if they aren't then it would be easy to show all the
> "irregularities" are the turly the admistrators'.
>
> A not nearly so complex system a but probaly as efective is just have
> a simple transaction log created for every modification.  This
> will probably be enough to show no wrong doing on the part of
> the teacher.  This system(which is already planned) offer
> quite a bit of security-via-obscurity.  about the only people
> that could make mods that wouldn't be detectable would be
> the authors.(myself and a few others that hack on the system.)
>
> But again, signed logs seems to be about the only truely
> secure way to prove that grades weren't changed.
>
> code for sending out a memo probably would hassles teachers
> and administrators more than what it would make up in true
> security.
>
> --matt wimer