Student Records: A complete asynchronous environment in education Abstract Technological improvements enhanced our education experience and involved new terms like distance-learning. Todays education systems are need to be supported by new architectures managing course, instructor, student, and performance records. We have developed a multi-tier architecture integrating backend tools and systems with commodity interfaces. We implemented an asynchronous open information access environment supporting curriculum management, student databases, statistic data collection and presentation, assignment submission and performance evaluations, personalized data access on the web, securtiy issues, different user levels and access lists. The resulting environment, evolved with the needs, reached a large audience, more than 400 users, including in-campus and online distance courses, had used it. This paper presents a technical overview of the architecture and discusses its functionalities gained from the experience. Introduction Recent technological innovations tremendously effected the education systems. Distance learning became a common technique in education. Technologies are adapted to many academic courses like the ones offered by Syracuse University to Jackson State students. In these courses, collaboration tools, mailing lists, bulletin boards are used, and rich set of online materials and reference links in WWW are presented to students. Both synchronous and asynchronous techniques and resources are subject to continuous improvements. The computational science education group at the Northeast Parallel Architectures Center (NPAC) has developed a huge repository of online course material, which includes lectures, tutorials, and programming examples in various languages. To provide a regular basis synchronous interaction with students involving teachers and other learners, in addition to asynchronous learning materials, TANGO system was used to deliver CSC 499 over the Internet. All these improvements in the technology based education methods bring new needs. Our education experience showed that the new face of learning has lack of online-open asyncronous information access environment both for students and teaching staff like registering, passwords assignments, automized mail lists, students' data recording, observing students, preparation and presentation of performance records, long term reference needs for a particular student work, assessment tools, which were used to be done by human interactions in traditional systems. In a distributed environment, the system provides accesses from different locations through a complete security mechanism and user authentication interface integrated to commodity interfaces. Distributed students can on-line register for the courses. The student records and their performance records are planned to be kept in a database continuously that provides a base for a virtual university student services. A student can access his performance page, at any time from any where having web access; and/or can include his resume for the applications, which causes more reliable evaluations. Students may also use other services like post office, file uploading, class lists, submitting surveys, and other account administration. Besides convenience at submitting the grades to the students, NPAC grading system helps to instructors as an assessment tool. The graders can see various statistics about the students at any time while grading from a web browser. A categorized questionaire database is useful for online surveys and quizes. Preparing class surveys provides keep tracking of the student progress, understanding course quality, and increased adaptability to the student needs. Possible customizations at the grading brings more flexibilities at the grading. In the system, additional to seing a simple grade, students themselves are able to see their performance, like average or expected grade, grader comments, and suggestions, etc., through the semester . The environment also presents an user friendly administration interface on the web. A server administrator can tune up the performance and change the configurtion from any web-browser connected to the internet network. The main functionalities in the environment as the collaboration of supervisors, instructor, co-instructors, TA, students, guests , and administrators through the Web Browsers are ; Course Manipulations; add,update,delete, and surveys. Student Records Manipulations Assignment Records Manipulations Customizing Grading Preparing surveys Grading and Statistics System User Records; defining new users, manipulating user accesses System Services like backups, and class list construction Students' Access Menu, personal information and grades Basic Needs and Problems encountered leading to the project; With our experience we realized that especially the outside distributed students had lived diffuculties to follow a course presented with recent web technologies. Many students thousands miles away from our teaching center had frustrated to have offerings in-campus students had. A new complete integrated environment need to be presented to the outside registered students to make them feel like living in a virtual university. Even the in-campus students having many ascyncronous resources around craved such an environment. Specific web-based interfaces should allow users to access certain information,perform related operations, and store the results in a statefull environment. For an example, on-line grading, or submitting student performance records was not so formal, secure, and flexible with email. Though individual solutions exists for long time, for examplesubmitting grades with pgp encyrpted emails, these techniques are not practical for every student and lack the completeness of an environment and future needs of students based on the sprit of the Web Education. Not having the student records in a trustable, easely-securely accessible database environment is a complete disadvantage for both on and off-campuss students. The team offering the courses became loaded immediately by the work of technical class preparation. Construction of class lists, email lists, making unix accounts, listing student home pages, submitting passwords to students and keeping track with add-drop students, measuring class level with surveys for different types of courses needed many human-effort beacuse of lacking an automized environment. The issues like grading became problem in distributed education cases with respectful number of teaching team in charge. Furthermore, online progress tracking, having a categorized questionaire databank, automatically evaluation reports ,and similar services became a need more than a luxiary by the time. Features We designed the student records specifically to offer the following functionalities through a web interface; User and Student Main Page Image URL: http://carver.npac.syr.edu:3768/users-docs/msen7/paper/userstudentmenu.gif [Image][Image] Course Records Manipulations One can see the courses listed to make operations like browse, update, delete, on the present courses, or new courses can be added. Instructors can prepare surveys to be filled by on-line registering students. New surveys can always be added during the course offerings to estimate the class learning level, to makeother assesments, or to understand expectations of students. Student Records Manipulations & Students's own account administration Staff users can see the students registered in a specific course listed. One can create new students optional to students' own online-registration, browse, update, remove a student. Students can enter their assignment submission pages through their accounts on the web. Students themselves has private accounts with enhanced tools for their personal use, which they get by online registering to the courses. They can always see their performance records, use post office, upload homework files, administor their virtual directories and personal accounts. Assignments & Grading The team offering courses to students can make new assignments through the web interfaces and specify grading information about the assignments like percantage, published urls, etc. The on-line grading provides an asyncrounous collobaration between distributed staff team members hided from the online students. Students may see their grades online, securly and privately after they are published by graders. The grader has various altarnatives while grading. The grades may either be numeric grades, or customized grades like A, A-, B, B- , etc., or excellent, good fair, poor, etc., or present absent, in cases for k12 students. In either case, the average calculations can be done automatically. The grader may choose class list or individual assignments for faster grading. At any time, one can see the class averages, grade distribution, ranks, etc. The following pictures illustrates the usage of the system; The grading interface contains information depending on the security level of accessing person. For example, a student can only see his grades, assignment ingormation, the points he lost or gained, and some comments by grader. On the other hand the grader can include some secret comments only available to the authorized people like instructors, or parents. Furthermore, an instructor or supervisor can also include top level secur comments for the individual grades or in general student performance which are only available for specific users. Grading Image URL http://carver.npac.syr.edu:3768/users-docs/msen7/paper/grading.gif [Image] File Manager NPAC Virtual File Manager is integrated in the environment for uploading homework files into virtual directories in server side, and directory-file manipulations. Students uses the same passwords and/or transfered from their personal accounts to access their directories. File Manager Image URL : http://carver.npac.syr.edu:3768/users-docs/msen7/paper/filemanager.gif [Image] Surveys & Quizes Through the web interfaces, instructors can prepare surveys for students at any time the course offered. A questionaire bank keeped in the database to select previous survey questions from the databank. Questions may be distributed into different categories, and presented in a logical way to the students independent of their preparation at different times. In a similar fashion to surveys, class quizes can also be prepared. Beyond the regular quizes, different apects of quizes from student-self evaluation quizes to pop-quizes in class time are currently in progress. The survey results are automatically evaluated and immediately presented to supervisors on their browsers. By using the surveys the understanding level and expectations of the class may be measured, and the performance of the class can be levaraged. An example of a class survey results are presented in the following picture; Survey Results Image URL http://carver.npac.syr.edu:3768/users-docs/msen7/paper/surveyresult.gif [Image] User records Additional to the student users, a different kind of the user accounts are kept in the system for instructors, supervisors, co-instructors, TAs, graders, administrators, browsers, other system administrators, etc. These records contains personal information about the users and their access priviliges. The security issues about different level of users will be discussed later. Services and legacy systems connections One of the important chracteristics of the projects is that it contains many services automized in its environment. The load of the staff offering courses in NPAC relieved considerably. For an example, assignment of unix accounts passwords through the system was a long process before both by waiting paper list from the university official registration office, and delivering the passwords to the indivudual students. Preparing& submitting majordomo email lists can be automaticly done. Besides these automization jobs, there are other services directly offered in the environment like its own postoffice to send emails to selected individuals or groups in the students and staff. The class list with home page, email and picture links of students are presented in various places for the public usage. The passwords of students in the system are applied to variuos other systems to decrease the number of passwords to remember. The environment own services are also useful to tune-up the performance and to increase usabilty. The specific cache mechanism for user, student, course, assignment records leverage the performance by decreasing the number of database accesses. The connection mechanisms in the architecture can be controlled from a front-end interface to an easy use and configuration for administrators. The access logs, not only web access logs but the environment own access logs, are kept for future references and assessment. Security Issues The student records are one of the most private information in education. Because of its exposure to the public over the internet, the whole environment is subject to attacks to capture, to alter, to destroy the private information. For the sake of completeness, complete security should be inseted into the architecture. We solved the security issues under the following categories; Security Image URL http://carver.npac.syr.edu:3768/users-docs/msen7/paper/security.gif [Image] [Image][Image] Communication channel security; Currently, we have the technology to secure enough the communication channels over a public network. Using public key cryptography in the SSL protocol secures the transfering of the information over the internet. We are running an SSL server to present all the interfaces thruogh it. User authentication; Like many computer operating systems a user authenticates himself by entering a user login id and a secret password known solely to himself and the system. The system compares this password with one recorded in a User Table which is available to only the authentication program. Since the beginning, while registering to a course, the users can always change their passwords through the web interfaces & they can choose whatever they want. User access lists; The second part of the authentication mechanism is keeping access lists for the system users. If we do not count the super user exception, all the users are restricted only to access to the allowed part of the database. For each user the names of the courses, which he can access, are kept in the user tables. Whenever a user wants to access some private data, or HTML pages, his access list automatically checked whether he has this course in his access list. Access lists can be easyly manipulated in the user records of the grading system, simply by carrying present course names to the access list box. User privilge levels; Since privacy issues are most important in such a system, user password authontication and access lists are not enough to keep privacy by themselves. Therefore, a further mechanism, user access priviliges, is also included in the system. The user access priviliges puts one more layer of restrictions to access and/or manipulate any private data. After getting a successfull password authentication, and having desired course specified in the access list, a user must have powerfull enough priviliges to read and/or to write, update some records, or to see HTML information pages. There are following 7 categories of user priviliges defined; Super USer, Supervisor, Instructor,Co-Instructor, TA, System, Browser, and students. Presentation security; One of the challenging issues about the securtiy is not the communication security but the keeping privacy after data transfered. It is highly possible that students may see their grades and other private records in a public cluster. Although it is not possible to provide complete security at this level, we improved different strategies to make the risk as low as possible. Every window appearing in front of the students has a timeout clock, which destroy the window after the time decrease to zero. Another issue is giving a unique id-number to the person when he logins, each time one logins to his account a new unique id is given, and the id expires after specified time finish. This prevents using of the same url address by somebody else. This even provides a clue to the user when somebody else stealed his passwords when he tries to login at the same time. Although most browsers does not cache the SSL server data by default, the user may turn this option to cache the data, where such personal preferences of users may cause security leaks but they are highly unlikely. HTML Editable User Interfaces All the user interfaces are presented through the WEB browsers, and they also keeped as HTML-like files in a template library seperated from the implementation and the database records. One can easily edit a user interface like an HTML file without any technical knowledge of the environment. Also using different style sheets for different users is also possible. Easy system administration A front end menu is prepared for the system administrators, who are configuring the connections like, JDBC-Database connectivity, and tuning up the performance, etc. Any third party, who wants to use the project for themselves, can easily use the project just by using user friendly front-end guiders without any deep knowledge of components without having highly skilled computer experts. 2.Architecture and Involved technologies The entire architecture is implemented based on the concern of portability and easy installation to any machine in anywhere. The involved technologies includes HTML, JavaScript, Java, JDBC, SQL, and limited amount of Perl for specific local legacy systems. Architecture Image URL http://carver.npac.syr.edu:3768/users-docs/msen7/paper/architecture.gif [Image] The architecture is a multi-tier architecture. In general it can be seen as a trhee-tier architecture. The more layers in middle tier especially designed in semantics of modularity and easy integration with other related projects. The user interface completely presented as an commmodity interface. All the data access, and functionality is managed through the client browsers. The communication channel is secured with SSL to complete other inside security mechanisms as previously mentioned. In the middle layer, the main intelligence of the environment is placed. The communication with the outside world is provided through the servlets. The middle tier itself contains different levels. The first level contains the high level functionalities to talk with the clients and to perform the operations in a more advanced level without considering the low level system dependencies like database connectivity. The relational database records are considered as the objects at this level. The second level mainly serves as a cache memory to database objects. The cache mechanism provided performance increases by decreasing accesses to the database for each operation. The objects in the cache are defined as the objects which are keeping single relational database table row entry and related methods to perform on them. At any time when a user login to his account, all of his personal records transfered to cache for any possible access by user, or the recent course records always kept in cache during the semester. The last level performs low level operations like connecting to the databases and performing database related operations. Each independent type of tables like, students, users, courses, etc., has an associated class. The table mapped class is responsible for accessing to database, fetching the records, turning them into objects, keeping the consistency with object modifications and database, and also related table operations like listing the whole table, sorting etc. The last layer in the architecture is database backend. Since implementation is done with java, any suitable database supporting basic SQL standards can be choosen and the database access can be forwarded to selected database through JDBC bridge update in the front end options. In the implementation, SQL usage is minimized so that even some Databses like mSQL with full SQL standard support can be used. The last layer also includes a template library stored as HTML-like files. The user interfaces can be easly enhanced simply by editing this HTML-like files without any knowledge of the java codes and database issues. The parser module takes this files and embed dadabase information into the HTML-like file and return a complete HTML file to the user dynamically. The environment supports also the legacy systems through a cgi-module. One example is majordomo email list can be sent by instructors through a user interface which get the registered students from database. Any scripts can be added to the cgi module providing connection with legacy systems. Another example, using the same passwords for other support systems lunched by other groups. Future Directions The Student Record Database has useful information about the users of the Web resources. It stores all the user registration information and the student's performance records. The system also keep access logs of the students. Since the purposed system involves with the same users, the combination of the two data group will provide opportunities to make new kind of analyzes. Because other systems usually do not have user information on web logs, or they do not have registration information in case they have authentication mechanisms, the analyses does not provide any assessment opportunity on users. Also, combination use of database records with TANGO collaboration system open new horizons in assesment. Conclusion NPAC's student records database environment has been used by many students, about 450, and staff up to date in two years. It is evolved with professional experience and new needs both by on and off campus course offerings. The environment keeps a rich set of online available tools useful in education. Distributed students from Missisipi, Boston, X, and Syracuse online registered for the same course offereings in the environment. The implementation is entirely written in Java in a portable fashion. Its layered and modular architecture provides easy upgrading and integrability with other environments, e.g., high level sharing database records. Other educational organisations like JSU also installed it. The environment provides easy server administratin and configuration additional to its convenience for users through the Web. Refereneces K. Dincer and G. C. Fox, Using Java and JavaScript in the Virtual Programming Lab: A Web-Based Parallel Programming Environment, in Concurrency: Practice and Experience Journal, June 1997. K. Dincer and G. C. Fox, Design Issues in Building Web-based Parallel Programming Environments, in Proceedings of the Sixth IEEE International Symposium on High Performance Distributed Computing (HPDC-6), Portland, OR, August 5-8, 1997.