The current applied study aimed at developing the applied knowledge in a specific context to provide a secure architecture for m-learning environments and assess the satisfaction of instructors with this architecture. As Payame Noor University (PNU) of Southern Khorasan province, Iran, employed the web-based e-learning service, it began to program a mobile application to provide using this service on mobile devices.
The main difference between this app and other m-learning apps is using a secure architecture to create a sense of trust and satisfaction with users while using the m-learning services on their mobile phones.
2.1. The Main Steps in Designing the Proposed Strategy
- Selection of an appropriate basis
Various applications are used by software developers to deliver m-learning both in commercial and free licenses (
14). Since the e-learning services are available to all students of PNU of Southern Khorasan on www.lms.skpnu.ac.ir, it was necessary to program an app that allow the students to communicate with e-learning web services of the university, pick up the courses, and use teachers’ information service database.
Programming and developing of this app were based on the Semertzidis successful experience presented in his Master’s thesis (
15). To better understand the entire project of architecture, Figure 4 shows the component view of the system.
Figure 4. Component View of the System (
- Choosing the right encryption method
In an application, an innovative and successful encryption algorithm was used to secure data (
Choosing an appropriate encryption method:
To secure data, an innovative and successful encryption algorithm used in electronic payment applications was employed (
16). In this model, a hybrid application of elliptical bending algorithms and a message summary of the BLAKE 2.0 was used.
Its features are fast and responsive and require little memory usage, and its implementation was easy with Android APIs programming.
2.2. Review of the Proposed Scheme
Data confidentiality prevents unauthorized access. In other words, only authorized personnel can access the data and unlicensed personnel cannot access the data (
The factors that influence the success of data confidentiality in the proposed architecture were: user authentication, identity verification, double-checking authenticity, and non-denial service. Therefore, by analyzing these factors, it was demonstrated that it covered all the security needs:
- Given that the advanced encryption standard (AES) algorithm and a 128-byte key as well as RSA algorithm and a 1024-byte key were used for coding of user and organization information and these algorithms had acceptable security, the information confidentiality was obtained.
- Given that each user had a unique PIN and this PIN was placed inside organization database, after receiving the demand, the organization could decode the related PIN sent with information package including the demand, and match it with PIN existed in the organization, and confirm user identity if they were similar.
- By the PIN, the user could be quite sure about communication with the desired organization. PIN was registered at the time of user’s registration and only the user and organization knew it. It could be in any forms (such as favorite movie star) and ensured the user on communication with the desired organization and the organization’s identity was confirmed this way.
- For the confirmation of mutual identity, SHA-1 hash function was used. Service receiver program prepares a summary of the sent information using this function and then, encoded it using organization’s public key and sent along with other information. At the organization, after receiving the information package, the encoded summary was decoded using organization’s private key. Then information summary was recalculated using the function, after being matched and if similar, mutual identity confirmation was ensured.
- Given that information packages sent to the organization by service receiver contained user PIN, if the PIN was confirmed, the carrier of PIN was accounted for the related transactions and the user could not deny sending the demand, because he/she had sent the demand or the PIN was used by another person. Therefore, undoubtedly the customer cannot deny sending the demand received by the organization and this showed non-repudiation feature in the proposed design.
To measure the satisfaction of users, the questionnaire was distributed among the PNU of Southern Khorasan professors. Data collection was conducted in a survey method.
Statistical population included all professors using m-learning in Tabas, Firdaus, and Birjand cities (26 participants). Given the small size of the population, all of the participants were included in the research. Data collection tool was a researcher-made questionnaire. Reliability of the questionnaire was 94% using Cronbach’s alpha. The validity of the questionnaire was verified by the recruited professors and the factor’s validity of the questionnaire was calculated 63% based on the factor validity (explained percentage of variance). Data analysis was performed with SPSS version 16 by t test and the one-way analysis of variance (ANOVA).