Next Article in Journal
Research on the Clothing Classification of the She Ethnic Group in Different Regions Based on FPA-CNN
Previous Article in Journal
Effect of Plant Extracts Addition on the Physico-Chemical and Sensory Properties of Biscuits
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 13
Issue 17
10.3390/app13179675
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

A Novel Two-Factor Authentication Scheme for Increased Security in Accessing the Moodle E-Learning Platform

Appl. Sci. 2023, 13(17), 9675; https://doi.org/10.3390/app13179675
by Vasile BaneÅŸ 1,*, Cristian Ravariu 1, Bhargav Appasani 2 and Avireni Srinivasulu 3
Reviewer 1:
Ali Barati
Reviewer 2:
Brij B. Gupta
Reviewer 3:
Ali Nawaz Ranjha
Appl. Sci. 2023, 13(17), 9675; https://doi.org/10.3390/app13179675
Submission received: 20 June 2023 / Revised: 14 August 2023 / Accepted: 23 August 2023 / Published: 27 August 2023

Round 1

Reviewer 1 Report

A Novel Two-Factor Authentication Scheme for Increased Security in Accessing the Moodle E-learning Platform is proposed in this manuscript. We think this manuscript is not well organized and not well written. In the review process I have following comments.

* The paper was written in the weak English language and poor structure.
* The introduction section should describe the advantages and benefits of the proposed method. The Motivation and Contribution section should be integrated with the introduction.
* In "Related works" section should focus more on differences between this paper and other works to highlight the novelty of this paper. Also the disadvantages and shortcomings of the previous methods that are addressed in the proposed method must be stated.
* The authors need to improve the motivation and contributions of this paper.
* What are the simulation parameters?
* The proposed method has no proper structure and is not well described.
* The novelty of the paper is questionable.
* Simulations results do not indicate the efficiency and effectiveness of the proposed method. Comparisons performed with previous methods are not suitable.
* The quality of the paper is not suitable for journal publication.

A Novel Two-Factor Authentication Scheme for Increased Security in Accessing the Moodle E-learning Platform is proposed in this manuscript. We think this manuscript is not well organized and not well written. In the review process I have following comments.

* The paper was written in the weak English language and poor structure.
* The introduction section should describe the advantages and benefits of the proposed method. The Motivation and Contribution section should be integrated with the introduction.
* In "Related works" section should focus more on differences between this paper and other works to highlight the novelty of this paper. Also the disadvantages and shortcomings of the previous methods that are addressed in the proposed method must be stated.
* The authors need to improve the motivation and contributions of this paper.
* What are the simulation parameters?
* The proposed method has no proper structure and is not well described.
* The novelty of the paper is questionable.
* Simulations results do not indicate the efficiency and effectiveness of the proposed method. Comparisons performed with previous methods are not suitable.
* The quality of the paper is not suitable for journal publication.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

The purpose of this project was to present a new solution that contributes to better account management, ensuring a high degree of authentication security, protection of information uploaded to the site, easy access and identification of people connected to the Moodle platform. My comments for this paper are: 

 

  • Can you provide an overview of the existing authentication methods used in Moodle and the limitations they possess in terms of security?
  • How does the proposed two-factor authentication scheme enhance the security of accessing the Moodle e-learning platform? What are the specific mechanisms or techniques employed in this scheme to provide an increased level of authentication security?
  • Could you elaborate on the implementation details of the novel authentication scheme? How does it integrate with the existing Moodle platform, and what additional requirements or components are necessary to support the two-factor authentication process?
  • What are the advantages of using digital certificate authentication as one of the factors in the proposed scheme? How does it contribute to ensuring a high degree of trust and protection against security forgery?
  • In your paper, you mentioned the goal of better account management. Could you explain how the proposed authentication scheme improves the management of user accounts on the Moodle platform? What features or functionalities does it offer to facilitate easy access and identification of users?
  • Were there any specific challenges or considerations in implementing the two-factor authentication scheme for Moodle? How did you address these challenges, and what were the key learnings from the implementation process?
  • How did you evaluate the effectiveness and performance of the proposed authentication scheme? Did you conduct any experiments or user studies to assess its usability, security, and practicality? If so, what were the results and feedback received?
  • Can the proposed two-factor authentication scheme be easily adopted by institutions and organizations already using Moodle? Are there any compatibility issues or dependencies that need to be taken into account when implementing this scheme in different Moodle setups?
  • Considering the evolving nature of cybersecurity threats, what measures or considerations have you taken to ensure the long-term viability and resilience of the proposed authentication scheme? How does it account for potential future advancements in security protocols and technologies?
  • Author can read the following papers to increase the technical strength of the paper: An Anonymous Pre-Authentication and Post-Authentication Scheme Assisted by Cloud for Medical IoT Environments, Spectral graph theory-based virtual network embedding for vehicular fog computing: A deep reinforcement learning architecture
  • Based on your research findings, what are the potential future directions for enhancing the security of accessing e-learning platforms like Moodle? Are there any emerging technologies or approaches that could further improve the authentication process and protect user accounts and information?

 

Moderate editing of English language required

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

In this paper, the authors studied a two-factor authentication scheme for increased security in accessing the Moodle E-learning platform. However, I have some comments.

1.      Please perform thorough revision to remove any grammatical errors.

2.      Literature review is incomplete. 6G could potentially improve Moodle's performance, security, and user experience by offering faster connectivity, enhanced data handling, and advanced security measures. Thus, latest works in technical literature for futuristic 6G networks should be added such as

[a] Ranjha, A., Javed, M.A., Srivastava, G. and Lin, J.C.W., 2022. Intercell Interference Coordination for UAV enabled URLLC with perfect/imperfect CSI using cognitive radio. IEEE Open Journal of the Communications Society.

3.       What are the standard authentication methods used by the IT administrator for students connecting to the Moodle platform?

4.      How does Moodle's platform design support universal learning and teaching?

5.      Why has the need for two-factor authentication increased in institutions, governments, and among individuals?

6.      How does digital certificate authentication enhance the level of trust and security for online applications and encrypted information?

7.      What specific features or solutions does the project propose to improve account management, authentication security, and information protection on the Moodle platform?

 

A thorough revision should be performed to remove any grammatical errors.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

The author address all the previous comments but still some issues are pending: 

The abstract needs to be rewritten to point out significance and impact of the paper.

In the related work, it is recommended to refer the contribution made by the researchers and the novelty of the research. 

I recommend that the authors add some more current articles to improve the paper's overall quality. The preparation of a comparative analysis of the current publications on this subject should also be included.

Avoid presenting with lengthy paragraph.

 

Minor editing of English language required

Author Response

Response to Reviewer Comments

 

Authors thanks for pertinent observations.

 

We have done a thorough revision to remove any grammatical errors.

 

Point 1: The abstract needs to be rewritten to point out significance and impact of the paper.

 

Response 1:  We reviewed the abstract.

Moodle is a platform designed for universal learning to support pedagogical interactions and educational activities. The information technology (IT) administrator uses standard authentication methods for students logging into the Moodle platform. The need for two-factor authentication has grown as institutions, governments, and individuals realize that passwords are not secure enough to protect user accounts in their current technical format. The classic connection methods have vulnerabilities, and the account password is easy to crack. Analyzing these aspects, the goal is to create a new safe and reliable alternative to the traditional authentication methods in e-learning platforms. The proposed solution introduces a new authentication factor using digital certificates stored on physical devices or the cloud to address the evolving authentication and security challenges effectively. The absence of this authentication within the Moodle ecosystem has imparted a sense of urgency to its implementation. With the innovative authentication scheme, the users have gained confidence, are satisfied with the new solution and have not reported security breaches. The result was increased security, data protection and better account management.

 

Point 2:  In the related work, it is recommended to refer the contribution made by the researchers and the novelty of the research.

 

Response 2: We introduced in the paper a reference to the researchers’ contribution and to the novelty of the research. This reference can be found in section 4.

The novelty inherent in this study encompasses several key facets. These include the introduction of a novel connection methodology that hitherto remains absent from the Moodle e-learning platform's architecture. A distinct plugin is designed to seamlessly integrate digital certificates into the Moodle ecosystem. Central to the efficacy of this novel approach is the concept of authentication redundancy, achieved through the utilization of a digital certificate and the inherent account within the platform. The authentication process is fortified by meticulous verifications conducted during the point of authentication, predicated upon the digital certificate and corresponding user account. This comprehensive approach engenders a resilient and sustainable security posture for the authentication process over extended durations. The robustness of this framework is exemplified by the intrinsic safeguarding of the digital certificate, afforded through encryption and the authoritative issuance by a certification entity. The implementation journey encompassed endeavours to surmount the existing authentication paradigms inherent within the Moodle ecosystem. Through the inception of this innovative authentication solution, a thorough evaluation and comparative analysis of authentication methodologies prevalent in diverse e-learning systems was undertaken. This perpetual challenge underscored the need to transcend conventional boundaries and materialize the proposed solution optimally, thereby endowing users with substantial advantages and augmenting both the intrinsic value and security of the Moodle system. The successful culmination of this endeavour can be attributed to an exhaustive analysis, profound comprehension of the solution's requisites, and rigorous testing. The judicious application of established best practices within the realm of information technology further bolstered this achievement.

 

Point 3: I recommend that the authors add some more current articles to improve the paper's overall quality. The preparation of a comparative analysis of the current publications on this subject should also be included.

 

Response 3: We added three articles similar to this topic and included a comparative analysis of the mentioned publications. This reference can be found in section 1. Introduction, with related comments.

As outlined in the study led by Sharma et al., the central objective revolves around devising strategies to enhance security and safeguard interactive web-based learning platforms against cyber threats. This mission is underpinned by a thorough review of relevant literature [9]. Nassani et al. expound upon the substantive role occupied by e-learning in conjunction with blockchain technology, elucidating their symbiotic potential in enhancing the efficacy of privacy and security protocols. This exploration extends to electronics manufacturing, wherein the consequential impact of e-learning on privacy and security efficacy intersects with the transformative influence of blockchain adoption and integration [10]. Shahzad et al.'s investigation underscores the evolving security landscape, necessitating robust measures to protect sensitive data in rapidly advancing Internet technologies and artificial intelligence. They posit the significance of state-of-the-art networks like 6G and fortified data transfer protocols in meeting diverse security demands [11]. Collectively, these studies converge on the security challenges intrinsic to e-learning platforms. They identify intricate issues and propose innovative solutions to mitigate the vulnerabilities pervasive in these widely embraced interactive web domains. The articles mentioned above collectively address the thematic discourse concerning security challenges within e-learning platforms, while concurrently endeavoring to delineate strategies for preempting security issues intrinsic to these widely adopted and functionally versatile interactive web-based platforms.

  1. Sharma, P., Agarwal, K., & Chaudhary, P. J. I. J. (2021). E-learning platform security issues and their prevention techniques: A review. INTERNATIONAL JOURNAL,6(8).
  2. Nassani, A. A., Grigorescu, A., Yousaf, Z., Trandafir, R. A., Javed, A., & Haffar, M. (2023). Leading Role of E-Learning and Blockchain towards Privacy and Security Management: A Study of Electronics Manufacturing Firms. Electronics, 12(7), 1579.
  3. Shahzad, K.; Aseeri, A.O.; Shah, M.A. A Blockchain-Based Authentication Solution for 6G Communication Security in Tactile Networks. Electronics 2022, 11, 1374. https://doi.org/10.3390/electronics11091374

 

Authors thanks a lot to all reviewers for their hard work, giving us the opportunity to improve our work.

Reviewer 3 Report

The comments have been addressed.

Author Response

Authors thanks a lot to all reviewers for their hard work, giving us the opportunity to improve our work.

Back to TopTop