Status Update: SecuriTest

Well its been a while between posts, but finally it looks like SecuriTest Student will be getting a full run this semester at RMIT.

I thought I'd just quickly update you all on the status of this tool:

V1.2.3 was accepted by tutors and released for deployment on the 7th July after some fine tuning of alert tones. This guarantees that students will be detected when they undertake an illegal action and hopefully will act as a deterrent.

V1.2.4 is currently under development with minor changes with regards to the look and feel of the initial screen sequence being undertaken and other very minor bug fixes.

The feature list for V1.2.4 is:

• Student name and ID logging
• Selectable default deny or default permit
• Restrictions (either permit or deny based on default mode) list derived from text file
• Restrictions based on full title specification
• Restrictions based on application family
• Restrictions based on sub-string of title
• Case sensitivity is selectable
• Persistent key logging of illegal key strokes only
• Visual logging of all illegal keystrokes
• Two submission modes, one for regular submission, which restricts the access students to the PC after submission, the other for tutors to get access to the PC unrestricted after submission for disaster recovery purposes (password protected)
• Selectable if regular submission automatically closes SecuriTest
  
• Blocks access to Task Manager (not in a Novell environment)
  
• Blocking of cut, copy, paste in selectable areas (i.e. Open/Save/Save As file dialogue boxes)
• Blocking of right click in selectable areas (i.e. Open/Save/Save As file dialogue boxes)
• Taskbar is always accessable
  
• Fast opening of development environment direct from the main student screen
• Copy and open assessment file from a secure location
• Copy folder of assessable material from a secure location
• Automatic zip submission of a folder
• Selectable password protection on zip file
  

The features currently scheduled for completion in V1.3 are:
Information display from text file
Always permit list from text file
Always deny list from text file
Restore to last safe handle (if still available) rather than to the Logging screen
Stealth Mode - runs without a trace but locks up undesirable applications

We are also aiming to develop V1.0 of SecuriTest Academics (a tool to assist academics develop settings files for SecuriTest quickly and accurately ) in the next 6 months.

SecuriTest : Overview

What is SecuriTest ?

UseCases – SecuriTest Student


1. Student runs SecuriTest & enters Student ID and Password

e.g. EEET2250

Password: lab3



2. Student uses Window listed with FULL title (default deny mode)

e.g. title of this doc in word is:

09Feb-Use Cases List Ver2.0.doc –Microsoft Word

Only a window with this title is allowed nothing else,

Are there any exceptions ?

Of course Securitest is an exception and the log on window is.



3. Student uses Application listed by – title (default deny mode)

e.g. Microsoft Word

allows any window which contains the phrase “Microsoft Word”

to be used.

Thus: 09Feb-Use Cases List Ver2.0.doc –Microsoft Word

Would be allowed





4. Student uses Application listed by single word match mode (default deny mode)

e.g. Word to match: “Microsoft”

allows any window with the word Microsoft to run,

or: Word: “Firefox”

allows any window containing the phrase “Firefox” to run.



5. Student attempts use of Window listed with FULL title (default permit mode)

e.g.

only the window with title

09Feb-Use Cases List Ver2.0.doc –Microsoft Word

Is NOT allowed to run.



6. Student attempts use of Application listed by – title (default permit mode)

e.g. Word to match: “Microsoft”

DENIES any window with the word Microsoft from running,

or: Word: “Firefox”

DENIES any window containing the phrase “Firefox” from running .



7. Student attempts use of Application listed by single word match mode (default permit mode)

8. Student submits using normal submission method

9. Student submits using tutor approval submission method

10. Student attempts to copy a file whilst in the save dialog box (block copy/cut enabled)

11. Student attempts to cut a file whilst in the save dialog box (block copy/cut enabled)

12. Student attempts to copy a file whilst in the save dialog box (block copy/cut disabled)

13. Student attempts to cut a file whilst in the save dialog box (block copy/cut disabled)



Special Cases

1. Student executes a command which opens a command prompt in the submission directory (to be expanded to have permit/deny from file)



Additional Use Cases not Implimented yet

- Case sensitivity/insensitivity what is the current default ????

- Logical control eg &, | etc to control access lists (This is essentially what you were getting at with your UserCase 3)

“User Case:3: heiko the genius

all 3 words in any order, ....whether before or after the '-' dash, the window is blocked.”

starting off -

We are getting this site ready for our papers and thoughts on plagiarism and how it affects competence.
We have some well documented experiences and good solutions for Engineering