Securing Training Objects and Records Management
Small Business Information
TECHNOLOGY SERVICE CORP.
1900 S. Sepulveda Blvd, Suite 300, Los Angeles, CA, 90025
AbstractIn the training industry, widely dispersed training audiences (particularly for Web-based content) require various levels of access control to training materials. The use of smart cards, biometrics, and other tokens as security access/user identity verification keys provide an avenue not only to deliver the right distance learning applications to the right people, but also to provide a trusted audit trail for data modifications. Various Authentication Management Infrastructure (AMI) systems have emerged to help organizations manage the complexity associated with deploying complex, enterprise-wide authentication schemes involving identity tokens and biometrics. Within the training and development communities, the Learning Management System (LMS) has also emerged as an important product category. The LMS not only allows organizations to more effectively and efficiently manage the vast amount of metadata associated with training activities (learners, courses, transcripts, test results, certifications, skills, etc.), but also to provide a standardized run-time environment for launching and management of Web-based learning materials. The SCORM and Aviation Industry Computer Based Training Committee (AICC) standards have been developed to, among other things facilitate the integration of Web-based learning content from multiple providers into a single organizational LMS. There is, however, no standardized way to integrate the use of these strong authentication tokens (and the AMI products that provide this functionality) with the Learning Management System that launches and tracks training and learners. It is up to each LMS to provide its own ad hoc authentication infrastructure, leading both to unnecessary management complexity, and to under use of the security and traceability provided by Authentication Management Infrastructure systems. The purpose of this SBIR is to investigate and develop a standard framework and scripting language that would allow the enterprise AMI to be deployed efficiently in protecting and auditing training assets and records.
* information listed above is at the time of submission.