Inhalt

•  
   Abstract
•  
   Kurzfassung
•  
   Vorwort
•  
   Contents
•  
   List of Figures
•  
   List of Tables
•  
   List of Abbreviations
•  
  Introduction
•  
   Motivation
•  
   Outlining Fundamental Terms for this Discussion
•  
   Objectives
•  
  Achieving these Goals
•  
   Approach
•  
   Evaluation Criteria
•  
   Limitations
•  
   Principal Contributions
•  
  Literature Survey
•  
   Overview
•  
   Search Space
•  
   (Closely) Related Work
•  
   Terminology and Structure for Extracting Activities
•  
   Implications from Educational Science for E-Learning Systems
•  
   Social Support by Cooperation and Communication
•  
   Activities of Students as Important Step of the Learning Process
•  
   Priority to Meet Learning Objectives
•  
   Flexible Learning
•  
   Integration into Learning Environment
•  
   Security Engineering for E-Learning
•  
   Software Architecture
•  
   Security Concepts
•  
  Resulting Limitations for Practical Systems
•  
   Complexity and Character of E-Learning Systems
•  
   Security Restraints
•  
   Conclusion
•  
  Preparation of the Threat Analysis
•  
   Overview
•  
   Role Based Access Control
•  
  Identification of Assets
•  
   Procedure
•  
   E-Learning
•  
   Information Security Services
•  
   Web Services
•  
   Conclusion
•  
  Analysis of Threats in E-Learning Systems
•  
   Overview
•  
  Threat Analysis Approach
•  
   Comparison of Approaches
•  
   Critical Discussion of FTA Approach
•  
  Analysis of E-Learning Assets
•  
   Introduction to Fault Tree Terminology
•  
   Scenario: Purchased Advanced Training with Mentoring
•  
   Threats of E-Learning Assets
•  
  Analysis of Information Security Service Assets
•  
   Scenario: Distant University with Various Study Courses
•  
   Threats of Information Security Service Assets
•  
  Analysis of Web Service Assets
•  
   Scenario: Various Training Providers with Single Authentication
•  
   Threats of Web Service Assets
•  
  Perpetual Concept Related Issues
•  
   Enrolment and Role Hierarchy
•  
   Supervision and Observation
•  
   Import and Export Functionality
•  
   Low Level Event Based Threats
•  
   Investigative Process
•  
   Exploitation
•  
   Conclusion
•  
  Case Studies
•  
   Overview
•  
  Learning Management System
•  
   Term Definition and Functionality
•  
   Selection of Learning Management Systems
•  
  Information Security Services
•  
   Authentication
•  
   Access Control
•  
   Data Confidentiality
•  
   Data Integrity
•  
   Non-Repudiation
•  
   Availability
•  
  Conceptual Shortcomings
•  
   Deactivation of Foreign Mail Addresses
•  
   Generalisation and Module Inclusion
•  
  Recommendations
•  
   Overview
•  
   Management Strategies
•  
  Implementation Concepts and Technical Remarks
•  
   Base System Protection and Implementation
•  
   Authentication
•  
   Availability
•  
   Organisational Concept and Policies
•  
   Data Confidentiality
•  
   Data Integrity
•  
   Non-repudiation
•  
   Access Control
•  
   User Support and Human Factor
•  
   Guidance and (Security) Usability
•  
   Security Education and User Involvement
•  
  Security Agent for Practical Support
•  
   General Specifications
•  
   Integrity Protection by Digital Signatures
•  
   Realisation
•  
   Application in MOODLE
•  
   Conclusion of the Security Agent Project
•  
   Conclusion
•  
   Conclusion and Future Work
•  
  Complete Fault Tree Analysis Results
•  
   Overview
•  
  Main Tree
•  
   Block 1: E-Learning Assets
•  
   Block 2: Information Security Service Assets
•  
   Block 3: Web Services Assets
•  
   Redundant Subtrees