Get Out Of My Space! The Need For Secured Shared Space In Online Collaborative Learning
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
The Clute Institute International Academic Conference San Antonio, Texas, USA 2014
Get Out Of My Space! The Need For
Secured Shared Space In Online
Collaborative Learning
Robert Ekblaw, University at Albany, SUNY, USA
ABSTRACT
The proliferation of online learning, combined with an emphasis on collaborative learning in
graduate or senior-level courses, has generated a flurry of tools and applications. A key part of
any tool is the means for the students working together to share their work. However, many
instructors and administrators do not consider that aspect. Some commercial online Course
Management Systems (like Blackboard) do not provide a separate and secured space for student
collaboration, forcing the students to come up with their own solution. The students, however,
may not be experienced enough to know what to look for in such an application, and may not
select the most appropriate one for their situation. This could lead to security, privacy, and data
integrity problems.
This paper will discuss case studies and examples in the literature where security and data
integrity have been an issue in collaborative learning. It will also examine some repercussions of
a lack of security. In addition, suggestions from both students and instructors will be discussed.
Keywords: Collaborative Learning; Online Learning; Security; Data Integrity; Trust
INTRODUCTION
Online learning has become a major trend in modern collegiate education. Higher costs and dwindling
budgets have inspired many institutions to add online courses to increase the number of students taking courses
while minimizing expenses. Unfortunately, many of these “movements” to online courses are not funded with the
time or money to train the instructors in its use, or research the best applications to conduct online learning
(Bouwma-Gearhart & Bess, 2012). Thus, the cheapest and easiest tool will be used, and the focus will be on
delivering the course material.
That focus may be fine for courses focusing on individual effort, like degree-program introductory courses.
However, many advanced courses, especially senior-level and graduate courses, practice collaborative learning,
where groups of students are working together on assignments and projects. This adds a new focus area to the
online course. Course material delivery is not the only consideration; now, it is also important to consider the
security, integrity, and privacy of the information shared among students. Since most commercially-available online
course tools do not provide a secure shared space like that, as they were not designed with collaborative learning in
mind, many students often use external tools, like Google docs or Wikis. The use of these tools fools students and
instructors alike, believing that the use of a password to access such tools ensures their security and privacy (Tu,
2002). However, this is not always the case, especially among wikis (Raitman, Ngo, Augar, & Zhou, 2005).
The increased use of mobile devices (tablets, smartphones, etc) has added an additional level of concern.
Now users must not only be concerned about the security of the data repository they are using, but also about the
security of the transmission between user and data (Kambourakis, Kontoni, Rouskas, & Gritzalis, 2007). The
students are so used to their devices, however, that they fail to consider such concerns.
© Copyright by author(s) 120 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
Why should they be concerned? What could happen if their shared information is insecure? Depending
upon the tool and medium used, there could be different results. Many classes that practice collaborative learning
begin the course by having the students introduce each other on some wiki or discussion board. If that data is
compromised, outsiders could learn personal information about the students, and perhaps use that in negative ways
(like harassment or identify theft). If other students in the course can access the information, they may copy it and
turn it in as their own work, creating questions of cheating. If the team is working on innovative research, an
outsider could copy and even patent their ideas.
There are three main issues involved here: security, privacy, and data integrity. The successive sections of
this paper will define and describe these issues, and examine what are some of the consequences of weak safeguards
in each area. The next section will be an overview of current literature, where I examine what other professionals
have already identified as issues, and what has been done to address some of them. The following section will
analyze what is already being done in this arena, and what I see is necessary to continue or expand research. The
fourth section will detail some preliminary analysis work I’ve already conducted, and the last section will postulate
and suggest further research.
LITERATURE REVIEW
As I was gathering literature in this area, I quickly discovered that very little research has actually been
done. There are plenty of studies looking into the effectiveness of collaborative learning, and the importance of
social presence in its success, but little has been discussed about privacy and security.
There seems to be two main reasons why that is so:
1. Students are not really concerned about privacy. In surveys asking students what were their concerns about
engaging in collaborative learning, security ranked very low (Tu, 2002)
2. Students believe that anywhere they need to sign into using a userid and password blocks unauthorized
users (Weisband & Reinig, 1995)
While there has been little research into this area, there have been a sufficient number of studies to
categorize the work into four major areas of emphasis: trust among the student collaborators, social presence,
security of the system, and privacy of information. More recently, the increased use in mobile devices has spurred
more interest in security concerns, so I’ll also look at that focus.
A sense of trust is vital in the effective result of collaborative learning. This is important because the
members of the collaborative group must be able to trust each other (Sapon-Shevin & Chandler-Okott, 2001). Trust
is the key to maintaining motivation and confidence among the students working together (Kambourakis, Kontoni,
Rouskas, & Gritzalis, 2007). If trust is broken or not present, the students will not want to work together, and won’t
believe in the team. They may even believe that other members are self-serving, pushing their own agenda or
altering data so that they appear more important, or a more contributing member, than the rest of the team (Sapon-
Shevin & Chandler-Okott, 2001).
Trust among the members is not the only important aspect of trust. The student users must be able to trust
the system they are using (Tamjklyamcholo, Sapiyan, Baba, Tamjid, & Gholipour, 2013). Furthermore, they must
be able to trust the administrators and other users of that system. Otherwise, they will not disclose personal
information (Tu, 2002). They may even choose not to use the system at all (Raitman, Ngo, Augar, & Zhou, 2005),
and thus not participate in the collaborative learning process.
A final aspect of trust is trust in the final result. If the student users do not trust that their information is
secure, they will also not use the system, and may not participate in the process at all (Bouwma-Gearhart & Bess,
2012).
Trust, or the lack of it, can also affect social presence. Social presence is defined as the sense that each
student is active and participating in the process (Shea & Bidjerano, 2010). If the students do not trust the system or
© Copyright by author(s) 121 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
process, they won’t participate as much, and thus limit their social presence. Strangely, despite research illustrating
the impact of trust and concerns of security on social presence, students frequently rank concerns about privacy and
data security very low among factors that negatively impact social presence (Tu, 2002). Tu summarized that due to
the fact that “users are unable to visualize the negative impacts” of many security concerns (Tu, 2002; p 298). One
consistent aspect Tu found was that students consider bulletin boards and discussion boards less secure than other
means of communication, and thus tend to limit posting personal or confidential information. That could indicate
that discussion boards, a common tool for online collaborative learning, might not support discourse as much as
instructors might desire.
Security of the data used by collaborating students would seem to be a major concern, but many of the
surveys conducted in the literature found that it was not a major concern among the students. A major reason many
students were not concerned was due to the use of passwords. They figured that if they had to enter a password in
order to access the location of the data, the data was secure (Tu, 2002; Weisband & Reinig, 1995). Some students,
and even instructors, felt that data security was a matter for the Information Technology group, and not an issue for
the students (Tamjklyamcholo, Sapiyan, Baba, Tamjid, & Gholipour, 2013). Therefore, they did not concern
themselves with it.
Wikis are a popular communication and workspace tool for collaborative learning. Here, again, students
did not have a major security concern. They figured that the presence of an instructor or administrator overseeing
what was posted on the wiki served as an appropriate security measure (Raitman, Ngo, Augar, & Zhou, 2005), even
if they had no idea how frequently the overseer reviewed the wiki. In fact, students were more concerned about
losing work (i.e. someone deleting their post) than outsiders gaining access to their work (Raitman, Ngo, Augar, &
Zhou, 2005).
Interestingly, apathy was a major barrier to security concerns. Many students felt that other people simply
wouldn’t be interested in their musings or contributions, so it didn’t really matter to them whether their work was
secure (Tu, 2002). This was especially true for community discussion boards, where students figured that the
information there was so course-related, and didn’t contain much personal information, that it didn’t matter if the
data was secure or not (Weisband & Reinig, 1995).
Ownership and proprietorship were two concerns that some authors raised, especially among graduate
students. The fact that some of their collaborative research might be used for publication raised some issues about
making privacy and ownership of the work (Bouwma-Gearhart & Bess, 2012), especially when the students shared
their work in blogs. They felt it was important to maintain privacy of crucial research findings, so that someone
performing similar research didn’t steal their findings and publish first (Bouwma-Gearhart & Bess, 2012).
Bouwma’s group also found some concerns about “lurkers”, people loosely connected to the research who had
access to the blog, but were not active participants in the research. A good research blog should allow contributors
to review their part of the research, but not the overall results.
The use of social networks brought out additional concerns about ownership and privacy. In a study on the
use of social networks in collaborative learning, 70% of students surveyed stated they would not use social networks
to share thoughts or ideas unless specifically told to do so (Jones, Blackey, Fitzgibbon, & Chew, 2010). They were
unsure of the social site’s rules on ownership (like, did it become public domain as soon as it was posted?). Also,
most students use social networks for fun, and they did not like the idea of using their “fun zone” for academic
purposes. That study did show how students have little concern about sites they access for fun purposes (gaming,
music sharing, etc), even if they access those sites using the devices they use to access or store their academic and
research work.
The consideration of devices brings us to the advancement of mobile devices. As the use of mobile devices
among students has grown, so has the number of research articles examining their safe use. This can be a major
concern, as personal information like cell number, IP address, and GPS location is transmitted every time a mobile
device accesses the Internet (Kambourakis, Security and Privacy in m-learning and Beyond: Challenges and State-
of-the-Art, 2013). I found a significant number of research articles investigating the safe use of mobile devices.
Still, even then, authors found that a majority of work into the use of mobile devices focused on design,
© Copyright by author(s) 122 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
development, and implementation, not security (Kambourakis, Security and Privacy in m-learning and Beyond:
Challenges and State-of-the-Art, 2013).
Kambourakis identified two main aspects of security for mobile apps: protection against unauthorized
intrusion, and integrity of the data. Session protocols and other methods of determining false IP addresses are a
common means to protect against unauthorized intrusion, but Kambourakis felt they still had a long way to go
before they were a truly secure method (Kambourakis, Security and Privacy in m-learning and Beyond: Challenges
and State-of-the-Art, 2013). Kambourakis is looking forward to advances in biometrics, while other authors feel
that voice recognition (Lee & Salman, 2012)or signature-based systems (Razaque & Elleithy, 2012) would be
excellent solutions. Note all three methods are designed to uniquely identify the user, so even someone else using
the same device would not be authorized. These methods would resolve one stated concern – what if someone
picked up my phone and started accessing the site? (Kambourakis, Kontoni, Rouskas, & Gritzalis, 2007)
Many mobile device applications already use a combination of public and private keys, as well as local
security certificates, to help authenticate both users and data (Kambourakis, Kontoni, Rouskas, & Gritzalis, 2007).
These are better than simple passwords, as they authenticate the DEVICE as well as the USER, but since many
browsers and mobile apps allow a user to save a password, that still doesn’t resolve the possibility that a different
person is using the device. Banks and other institutions solve that with a visual key or selection that only the
authorized user would know (Kambourakis, Security and Privacy in m-learning and Beyond: Challenges and State-
of-the-Art, 2013). Some shared sites use additional security badges that only allow access to certain folders or files,
further providing security of the data contained (Liu, Jiang, Sha, & Govindan, 2012).
The use of cloud-based data systems has raised some new security issues. Researchers have examined
cloud security and identified five key aspects (Alshwaier, Youssef, & Emam, 2012):
1. Identification and Authentication
2. Authorization
3. Integrity and Confidentiality
4. Non-repudiation
5. Availability
Identification and Authentication means that the system provides a method to identify who is the user and
whether that user is allowed. Userids and passwords are the simplest way that most cloud-based data repositories
handle that aspect.
Authorization refers to any particular user’s rights, permissions, and ownership to items. Ownership is
usually automatic – the person who uploads the file or information is the owner. That owner can assign permissions
to other people as they are given permission to share the data. Often, shared users can read, edit, download, or copy
the cloud-based data.
Integrity and confidentiality refers to whatever encryption orvalidity schemes are in use to ensure that the
data is accurate, and that confidential information like exams or grades are viewable only by the intended parties.
Most cloud-based data sites use a combination of public and private keys to ensure data integrity (Liu, Jiang, Sha, &
Govindan, 2012). Encryption is more interesting. Some cloud sites use encryption on incoming data packets, but
they don’t differentiate between data packets of higher confidentiality (like exams or grades) versus standard data
packets.
Non-repudiation ensures that transaction processing works and doesn’t lose any transactions. This is
important for simultaneous multi-user environments, as cloud apps are designed to be. Basically, transaction
processing is used for situations where more than one user is referencing or updating the same file at the same time.
The transaction processing will ensure that all changes are corrected implemented, and the final product is the
correct combination of all transactions. Many cloud apps handle this with a “check out” procedure, where only one
user can obtain an editable copy of the file at a time, and others must wait until the user checks that back in
(Alshwaier, Youssef, & Emam, 2012). That’s okay for small courses, but Massive Open Online Courses (MOOCs)
© Copyright by author(s) 123 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
make that impractical. A commonly used cloud sharing system, Google Docs, handles it by maintaining one open
copy of the file. Additional users simply gain access to it, and all users can see who is editing it at the same time,
where each user’s changes are denoted by a different color and a sidebar key shows which user is denoted by which
color (Alshwaier, Youssef, & Emam, 2012).
Availability means that the cloud, and the desired data, is available whenever a user might need it.
Redundancy helps ensure that. Redundancy means that a second archived copy exists somewhere else, so that if the
primary data site is down for maintenance or repairs, the copy can be accessed (Alshwaier, Youssef, & Emam,
2012).
FINDINGS AND FOCUS
I find it interesting that most of the literature points to a lack of concerns among students, instructors, and
administrators regarding the security and privacy of the data shared during collaborative learning. That would serve
to explain why there has been so little research and discussion about it in the literature. However, one has to wonder
if there truly is a lack of concern regarding that, or, as mentioned in the article by Tamjklyamcholo et.al., it is
believed to be a matter for the IT staff. Before we disregard the need for security and privacy of shared data in
collaborative learning, it would be wise to truly delve into the minds of the students and instructors using
collaborative learning tools. Thus, one research concern would be what users consider important regarding the
security, privacy, and integrity of their shared data.
The increased use of cloud-based technologies raises additional questions. Prior to that, most institutions
would use a Course Management System that was loaded onto their own computer network, and therefore be
managed by maintained by their local Information Technology department. Thus, any issues of data security and
privacy were local to the university or institution. This history is why both Tu and Weising reported that students
felt comfortable about the security of their data if they needed to provide a password to access the system. Since all
of the data was located on the local network, and anyone wishing to access would need to provide a password, only
authorized individuals would have access to the data.
However, cloud-based applications are not located on the local network. The application and its associated
data are not managed by the local IT department. Security is now managed by an external source, and the institution
has no control over it. Despite that, the use of such applications is on the rise. We, as an information-based society,
have grown so comfortable with our use of the Internet, that we have taken it for granted. We are now longer
concerned about the accuracy of the information out there, or how others are connected to us when we are accessing
the Internet, until something negative or tragic happens that forces us to consider it. Often, though, it’s too late then.
Clearly it is necessary to examine the security protocols and procedures used by developers and
administrators of cloud-based education and collaboration tools. That examination would include determining how
it protects the data, how user access is handled and regulated, and what sort of safeguards are engaged. It might
even include determining what form of archiving or backup retrieval is available, in case the site or application
becomes corrupted. Such an examination leads to another research question, specifically, “What are the standard
security and data protection protocols used by cloud-based applications?”
There is one last issue that is hardly touched in the literature. Most of the researchers engaged in this
research are experienced in either computer technology or data management. They instinctively know of some
concerns, and thus don’t need to ask about them. However, the general student user of collaborative learning tools
would not have that knowledge. They may have different concerns, or they may lack concerns due to a poor
understanding of the risks. A true examination of data security cannot simply end with how satisfied these users are,
but whether they truly have concerns. A student may respond to a survey that they are satisfied with the data
security of an application they using simply because they have no idea if there is anything about which they should
be concerned. Thus, a true examination of this topic would require understanding if users have any concerns, and
exactly what those concerns might be.
Based on the findings of the literature, the following research questions were created. These will serve as
the basis for the research discussed in the remaining sections of this paper:
© Copyright by author(s) 124 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
1. What do users consider important aspects of data security, privacy, and integrity when using shared data?
2. What are standard security protocols in most web-based and cloud-based applications?
3. How is data protected and archived in most web-based and cloud-based applications?
4. What are concerns for true online collaboration, both procedural and data security-related?
A model has also been created from the literature. Called the Collaborative Tool Acceptance Model, it
includes both internal (centered on the individual student) and external (course or institution-based) factors. The
model is shown below:
Internal External
Trust of other
users
Privacy of the
site and its data Intention to use Acceptance of
use
Trust of the Security of the
system system
Student Social Ownership of
Presence the data
Figure 1: Collaboration Tool Acceptance Model
The next section of the paper will discuss research conducted to prove the veracity of this model.
RESEARCH
Since the model depends upon both the students and the system, both aspects are examined in the research.
To gather student opinion, I distributed a survey to students of fully and partially online courses. Each course
surveyed uses at least one Cloud-based data sharing system. A copy of the survey can be found in Appendix A.
To gather information about the data-sharing applications themselves, I obtained a list of the Top Ten
Cloud-based and mobile data sharing application development companies. I contacted those companies and asked
to interview a few of their developers. After assuring them that no trade secrets or proprietary information will be
obtained in the research, I was allowed to interview their developers. I had created a series of questions designed to
obtain the information I needed to validate the model. A copy of those questions appears in Appendix B.
Sometimes additional questions had to be asked to draw out the specific information I needed, but those questions
served as the basis of the interviews.
So far, the survey has been distributed to students in 24 classes taught at two different universities. More
universities, and more classes, are being identified and added to the research. The interviews have been conducted
with twelve developers from four of the top ten companies. Three other companies have agreed to the interviews,
and interviews are being scheduled.
RESEARCH FINDINGS
The surveys were analyzed using a 5-point Likert scale, using a value of 1 for “Strongly disagree” and a
value of 5 for “Strongly agree.” To have a question average agreement, the overall average of that question’s scale
must be at least 3.7. The following table shows the average scale value for each question among the surveys
processed so far:
© Copyright by author(s) 125 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
Question # Question Average value
1 I feel that data I place in an online application is safe 3.4
Having to use a password to access an online application makes me feel that my data is
2 4.2
secure
3 I trust that the online applications used in class are secure 4.1
4 I trust that an online application suggested by my instructor would be secure 4.3
5 I trust that online applications I access through a computer on campus are secure 3.6
6 I trust that online applications I access via my mobile device are secure 3.5
7 I trust that data I place in an online repository is secure 4.2
8 I trust that data I place in a local application is secure 4.3
I have more faith that my data is secure in a local application than in an online
9 4.5
repository
A large percentage of the surveys had answers of “Slightly agree” across the board. Unless the students are
just overly agreeable in life, that would seem to agree with Weisband & Reinig’s impression that most students
aren’t concerned about the safety of their data (Weisband & Reinig, 1995).
Some interesting findings have emerged in the research so far. Clearly, the use of a password increases a
student’s sense of security when using an application. They also have more faith in applications used or suggested
by the instructor or the institution. More interesting, students have more faith in local data repositories, ones that are
assumed to be managed by the educational institution, than those managed by an external entity. These support the
“Trust of the system” part of the model, which promotes students’ intention to use the system.
The interviews that have been conducted seems to augment that impression. The developers I spoke with
understand that data security is a key emphasis of their work, and they do spend extra time planning and testing that
their application maintains data securely. There wasn’t a single developer that did not view data security as a crucial
consideration, and everyone spent time ensuring the security of their application.
Overall, it does appear that some students don’t really think about the security of the data they place on
data sharing applications. However, it appears that many of them do. They are not worried about it, though,
because they believe that many systems are secure, especially those recommended by representatives of the
educational institution. Developers of such applications reinforce that belief, as they focus on data security during
the construction of data sharing applications. While data breaches continue to become headline news, such incidents
do not seem to elicit panic among collaborative education students.
FUTURE WORK
This research is verifying aspects of trust in the system, composed of privacy and data security. However,
two other aspects of the Collaborative Tool Acceptance Model are not tested in this research. Further research is
required to test how much Student Social Presence affects their acceptance of a collaborative data tool. Such
research might involve measuring student presence in a course, and then shifting them to a new data sharing tool.
Additional research is also required to measure how trust in the other students affects acceptance of a data
sharing tool. Would students be more hesitant to share data with other students that they don’t trust? Intuitively that
question would be answered “Yes,” but research would be required to determine whether that is truly the case.
A final research topic could verify whether students’ trust in online applications is well-placed. Research
could determine whether additional focus on data security during the development process actually results in a more
secure system. Such research could also determine if students have more faith in systems that are truly more secure,
thereby showing that students’ trust is well-placed.
REFERENCES
1. Alshwaier, A., Youssef, A., & Emam, A. (2012). A New Trend for E-Learning in KSA Using Educational
Clouds. Advanced Computing: An International Journal, 3(1), 81-97.
© Copyright by author(s) 126 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
2. Bouwma-Gearhart, J. L., & Bess, J. L. (2012). The Transformative Potential of Blogs for Research in
Higher Education. Journal of Higher Education, 83(2), 249-275.
3. Jones, N., Blackey, H., Fitzgibbon, K., & Chew, E. (2010). Get out of MySpace! Computers & Education,
776-782.
4. Kambourakis, G. (2013, June). Security and Privacy in m-learning and Beyond: Challenges and State-of-
the-Art. International Journal of u- and e- Service, Science, and Technology, 6(3), 67-84.
5. Kambourakis, G., Kontoni, D.-P. M., Rouskas, A., & Gritzalis, S. (2007). A PKI approach for deploying
modern secure distributed e-learning and m-learning environments. Computers & Education, 1-16.
6. Lee, K. B., & Salman, R. (2012). The Design and Development of Mobile Collaborative Learning
Application Using Android. Journal of Information Technology and Application in Education, 1(1), 1-8.
7. Liu, B., Jiang, Y., Sha, F., & Govindan, R. (2012). Cloud-Enabled Privacy-Preserving Collaborative
Learning for Mobile Sensing. Proceedings from SenSys: The ACM Conference on Embedded Networked
Sensor Systems. Toronto, CA: ACM.
8. Raitman, R., Ngo, L., Augar, N., & Zhou, W. (2005). Security in the online e-learning environment.
Proceedings of the 5th IEEE International Conference on Advanced Learning Technologies (pp. 702-706).
Kaohstung, Taiwan: IEEE.
9. Razaque, A., & Elleithy, K. (2012). Restoring privacy to users to foster Mobile Collaborative Learning.
Proceedings of the 2012 ASEE Northeast Section Conference. Lowell, MA: ASEE.
10. Sapon-Shevin, M., & Chandler-Okott, K. (2001). Student Cohorts: Communities of Critique or
Dysfunctional Families? Journal of Teacher Education, 52, 350-365.
11. Shea, P., & Bidjerano, T. (2010). Learning presence: Toward a theory of self-efficacy, self-regulation, and
the development of communities of inquiry in online and blended learning environments. Computers &
Education, 1721-1731.
12. Tamjklyamcholo, A., Sapiyan, M., Baba, B., Tamjid, H., & Gholipour, R. (2013). Information security -
Professionl perceptions of knowledge-sharing intention under self-efficacy, trust, reciprocity, and shared
language. Computers & Education, 223-232.
13. Tu, C.-H. (2002). The relationship between social presence and online privacy. The Internet and Higher
Education, 5, 293-318.
14. Weisband, S. P., & Reinig, B. A. (1995, December). Managing User Perceptions of Email Privacy.
Communications of the ACM, 38(12), 40-47.
© Copyright by author(s) 127 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
APPENDIX A
Please respond to the following statements by filling in the bubble of the appropriate value to the right:
Strongly Somewhat Neutral Somewhat Strongly
disagree disagree agree agree
1. I feel that data I place in an
online application is safe.
2. Having to use a password to
access an online application makes
me feel that my data is more secure.
3. I trust that the online applications
used in class are secure.
4. I trust that an online application
suggested by my instructor would
be secure.
5. I trust that online applications I access
through a computer on campus are
secure.
6. I trust that online applications I access
via my mobile device (tablet, laptop,
cell phone) are secure.
7. I trust that data I place in an online
repository (like Google docs or Dropbox)
is secure.
8. I trust that data I place in a local
application (like Blackboard) is secure.
9. I have more faith that my data is
secure in a local application like
Blackboard than in an online
repository like Google docs.
Please rate your opinion of the security of data in the following applications by filling the bubble of the appropriate
value:
Poor Fair Average Good Excellent
1. Email
2. Discussion Board
3. Blackboard
4. Online data repository
5. Facebook
6. Shared web service (like Github)
© Copyright by author(s) 128 The Clute InstituteThe Clute Institute International Academic Conference San Antonio, Texas, USA 2014
APPENDIX B
The following are the base interview questions used to query mobile and Cloud-based application developers:
1. What are the chief concerns regarding data security when you are designing an application?
2. What sort of data threats do you guard against?
3. What are adequate user identification techniques to ensure that only authorized users have access to the
application?
4. What permissions are necessary to adequately protect the data as used and stored by a variety of users?
5. Are there any trends or standards common to shared user access applications on the web?
6. Are there additional considerations necessary to protect data used on mobile devices like tablets or smart
phones?
© Copyright by author(s) 129 The Clute InstituteYou can also read
