The Deep Study of the Role Multi-Factor Authentication in E-Learning Systems: Primitive Tools and Schemes
DOI:
https://doi.org/10.56714/bjrs.52.1.2Keywords:
role-based access control, educational systems, multi-factor authentication, authenticationAbstract
Modern technology has brought a revolution in all spheres of human life including in educational systems. Different from the traditional classroom methods, current e-learning environments are rapidly overtaking the conventional forms of school training. This is normally achieved through robust platforms designed to boost skill acquisition systems and continuous engagement with learning. This helps in the attainment of interactive and personalized learning for students anywhere and anytime. E-learning is aligned and fully supported by cloud computing technology, which helps in the synchronization of all operational processes. Nevertheless, these technological advancements results in significant challenges such as data insecurity. The main issues surround the assurance that students and trainees sensitive and personal information remain secure from unauthorized access. The most critical concern appears to be insufficient security offered by the data access control mechanisms in these systems. In this regard, Role-Based Access Control (RBAC) has become very prominent in building secure computing systems lately. RBAC grants and blocks computing systems’ information access to individuals hinged on their roles and responsibilities. Over the years, numerous other security solutions have been developed, ranging from shared security protocols, single-factor authentication to multi-factor authentication. These security techniques have been implemented through multiple layers and numerous methods such as biometrics, object, and knowledge-based authentications. Such security technologies have been created to help ensure that the three main security characteristics of confidentiality, integrity, and availability, as well as defense against cyber and malicious threats are attained. This paper aims to present and analyze the most popular and significant security solutions and measures developed over the recent past in the e-learning/educational systems domain
Downloads
References
[1] M. S. Jayawardhena and P. Foley, “Changes in the banking sector: The case of Internet banking in the UK,” International Journal of Bank Marketing, vol. 18, no. 4, pp. 160–170, 2000.
[2] W. Webb, “The evolution of telecommunication systems,” IEEE Communications Magazine, vol. 43, no. 10, pp. 60–65, Oct. 2005. DOI: https://doi.org/10.1109/MCOM.2005.1522114
[3] D. Blumenthal and M. Tavenner, “Health information technology in the United States: Where we stand and where we are going,” New England Journal of Medicine, vol. 362, no. 14, pp. 1323–1326, Apr. 2010.
[4] C. Jacomme, S. Kremer, and S. K. An, “Extensive formal analysis of multi-factor authentication protocols,” ACM Transactions on Privacy and Security, vol. 24, no. 2, 2021, DOI: 10.1145/3440712. DOI: https://doi.org/10.1145/3440712
[5] I. Cahyanto, H. Madihah, I. Budiarso, A. Sutrisno, and T. Hidayat, “Effectiveness of multifactor authentication technology for protecting student privacy: A systematic literature review,” Edum Journal, vol. 7, no. 2, pp. 253–269, Jan. 2025, DOI: 10.31943/edumjournal.v7i2.286. DOI: https://doi.org/10.31943/edumjournal.v7i2.286
[6] A. Boldyreva, Z. Gui, and B. Warinschi, “Understanding leakage in searchable encryption: A quantitative approach,” Proceedings on Privacy Enhancing Technologies, vol. 2024, no. 4, pp. 503–524, Oct. 2024, DOI: 10.56553/popets-2024-0127. DOI: https://doi.org/10.56553/popets-2024-0127
[7] S. G. Lyastani, M. Backes, and S. Bugiel, “A systematic study of the consistency of two-factor authentication user journeys on top-ranked websites,” in Proc. NDSS, San Diego, CA, USA, 2023, DOI: 10.14722/ndss.2023.23362. DOI: https://doi.org/10.14722/ndss.2023.23362
[8] W. Kennedy and A. Olmsted, “Three factor authentication,” in Proc. 12th Int. Conf. Internet Technology and Secured Transactions (ICITST), Cambridge, UK, 2018, pp. 212–213, DOI: 10.23919/ICITST.2017.8356384. DOI: https://doi.org/10.23919/ICITST.2017.8356384
[9] M. K. Kabier, A. A. Yassin, and Z. A. Abduljabbar, “Towards designing educational systems using role-based access control,” International Journal of Intelligent Engineering and Systems, vol. 16, no. 2, pp. 50–63, 2023, DOI: 10.22266/ijies2023.0430.05. DOI: https://doi.org/10.22266/ijies2023.0430.05
[10] A. H. Y. Mohammed, R. A. Dziyauddin, and L. A. Latiff, “Current multi-factor authentication: Approaches, requirements, attacks and challenges,” International Journal of Advanced Computer Science and Applications, vol. 14, no. 1, 2023. [Online]. Available: https://www.ijacsa.thesai.org DOI: https://doi.org/10.14569/IJACSA.2023.0140119
[11] M. A. Syahreen, N. Hafizah, N. Maarop, and M. Maslinan, “A systematic review on multi-factor authentication framework,” International Journal of Advanced Computer Science and Applications, vol. 15, no. 5, 2024, DOI: 10.14569/IJACSA.2024.01505105. DOI: https://doi.org/10.14569/IJACSA.2024.01505105
[12] B. M. Elomda, T. A. A. Abdelbary, H. A. Hassan, K. S. Hamza, and Q. Kharma, “An enhanced multi-layer blockchain security model for improved latency and scalability,” Information, vol. 16, no. 3, Mar. 2025, DOI: 10.3390/info16030241. DOI: https://doi.org/10.3390/info16030241
[13] R. Raimundo and A. Rosário, “Blockchain system in higher education,” European Journal of Investigation in Health, Psychology and Education, vol. 11, no. 1, pp. 276–293, 2021, DOI: 10.3390/ejihpe11010021. DOI: https://doi.org/10.3390/ejihpe11010021
[14] J. G. Chamani, D. Papadopoulos, M. Karbasforushan, S. Cruz, and I. Demertzis, “Dynamic searchable encryption with optimal search in the presence of deletions,” in Proc. USENIX Security Symposium, 2022. [Online]. Available: https://www.usenix.org/conference/usenixsecurity22/presentation/chamani
[15] L. Yan et al., “Attribute-based searchable encryption: A survey,” Electronics, vol. 13, no. 9, 2024, DOI: 10.3390/electronics13091621. DOI: https://doi.org/10.3390/electronics13091621
[16] S. P. Otta, S. Panda, M. Gupta, and C. Hota, “A systematic survey of multi-factor authentication for cloud infrastructure,” Future Internet, vol. 15, no. 4, Apr. 2023, DOI: 10.3390/fi15040146. DOI: https://doi.org/10.3390/fi15040146
[17] I. Amorim and I. Costa, “Homomorphic encryption: An analysis of its applications in searchable encryption,” Mathematics, vol. 11, no. 13, 2023, DOI: 10.3390/math11132948. DOI: https://doi.org/10.3390/math11132948
[18] A. S. Balobaid, Y. H. Alagrash, A. H. Fadel, and J. N. Hasoon, “Modeling of blockchain with encryption-based secure education record management system,” Egyptian Informatics Journal, vol. 24, no. 4, 2023, DOI: 10.1016/j.eij.2023.100411. DOI: https://doi.org/10.1016/j.eij.2023.100411
[19] S. Khan, H. Abbas, and M. Binsawad, “Secure semantic search using deep learning in a blockchain-assisted multi-user setting,” Journal of Cloud Computing, vol. 13, no. 1, 2024, DOI: 10.1186/s13677-023-00578-5. DOI: https://doi.org/10.1186/s13677-023-00578-5
[20] I. Wanisha et al., “Multi-factor authentication using blockchain: Enhancing privacy, security and usability,” International Journal of Computer Technology and Science, vol. 1, no. 3, pp. 41–55, 2024, DOI: 10.62951/ijcts.v1i3.24. DOI: https://doi.org/10.62951/ijcts.v1i3.24
[21] S. Narkedimilli, A. V. Sriram, and S. Raghav, “FL-DABE-BC: A privacy-enhanced decentralized authentication framework for IoT scenarios,” arXiv:2410.20259, 2024. DOI: https://doi.org/10.1145/3722565.3727194
[22] N. Apthorpe et al., “Measuring NIST authentication standards compliance by higher education institutions,” in Proc. SOUPS, 2025, pp. 335–350, DOI: 10.48550/arXiv.2409.00546.
[23] A. Braeken, “Highly efficient symmetric key-based authentication and key agreement protocol using Keccak,” Sensors, vol. 20, no. 8, 2020, DOI: 10.3390/s20082160. DOI: https://doi.org/10.3390/s20082160
[24] M. Ramadan, G. Du, F. Li, and C. Xu, “A survey of public key infrastructure-based security for mobile communication systems,” Symmetry, vol. 8, no. 9, 2016, DOI: 10.3390/sym8090085. DOI: https://doi.org/10.3390/sym8090085
[25] F. M. Salem et al., “AMAKAS: Anonymous mutual authentication and key agreement scheme for multi-server environments,” Journal of Cloud Computing, vol. 12, no. 1, 2023, DOI: 10.1186/s13677-023-00499-3. DOI: https://doi.org/10.1186/s13677-023-00499-3
[26] U. E. Chinanu and O. Amujo, “Comparative survey of cyber-threat and attack trends,” International Journal of Innovative Research in Computer and Communication Engineering, vol. 6, 2018.
[27] A. O. de Sá et al., “Intelligent attacks on cyber-physical systems and critical infrastructures,” 2024, DOI: 10.3233/NICSP240033. DOI: https://doi.org/10.3233/NICSP240033
[28] S. Gao et al., “A robust and efficient authentication and key agreement for UAV-assisted AGS communication,” Journal of King Saud University – Computer and Information Sciences, vol. 37, no. 6, 2025, DOI: 10.1007/s44443-025-00151-x. DOI: https://doi.org/10.1007/s44443-025-00151-x
[29] H. S. Lallie et al., “Analysing cyber attacks and cyber security vulnerabilities in the university sector,” Computers, vol. 14, no. 2, p. 49, 2025, DOI: 10.3390/computers14020049. DOI: https://doi.org/10.3390/computers14020049
[30] A. el Koshiry et al., “Unlocking the power of blockchain in education,” Blockchain: Research and Applications, vol. 4, no. 4, Dec. 2023, DOI: 10.1016/j.bcra.2023.100165. DOI: https://doi.org/10.1016/j.bcra.2023.100165
[31] C. McCabe, A. I. C. Mohideen, and R. Singh, “A blockchain-based authentication mechanism,” Sensors, vol. 24, no. 17, Sep. 2024, DOI: 10.3390/s24175830. DOI: https://doi.org/10.3390/s24175830
[32] V. R. Kebande et al., “A blockchain-based multi-factor authentication model for cloud-enabled IoV,” Sensors, vol. 21, no. 18, Sep. 2021, DOI: 10.3390/s21186018. DOI: https://doi.org/10.3390/s21186018
[33] O. A. Khashan et al., “Blockchain-based decentralized authentication model for IoT-based e-learning,” Computers, Materials and Continua, vol. 75, no. 2, pp. 3133–3158, 2023, DOI: 10.32604/cmc.2023.036217. DOI: https://doi.org/10.32604/cmc.2023.036217
[34] M. Al-Hemairy et al., “Blockchain-based framework for academic certification validation,” Education and Information Technologies, vol. 29, no. 14, pp. 18203–18232, Oct. 2024, DOI: 10.1007/s10639-024-12493-6. DOI: https://doi.org/10.1007/s10639-024-12493-6
[35] G. S. Cho, Y. H. Kim, and S. Y. Lee, “Design and implementation of APFS object identification tool,” Journal of the Korea Institute of Information Security and Cryptology, vol. 32, no. 5, pp. 1049–1062, 2022, DOI: 10.13089/JKIISC.2022.32.5.1049.
[36] C. J. F. Cremers, Scyther: Unbounded Verification of Security Protocols, ETH Zurich, Tech. Rep. 572, 2011, DOI: 10.3929/ethz-a-006809966.
[37] A. Armando et al., “The AVISPA tool for the automated validation of Internet security protocols,” LNCS, vol. 3576, 2005. [Online]. Available: http://www.avispa-project.org DOI: https://doi.org/10.1007/11513988_27
[38] C. Hummert and D. Pawlaszczyk, Mobile Forensics: The File Format Handbook, Springer, 2022, DOI: 10.1007/978-3-030-98467-0. DOI: https://doi.org/10.1007/978-3-030-98467-0
[39] B. Blanchet et al., “ProVerif 2.00: Automatic cryptographic protocol verifier,” User Manual, 2018. [Online]. Available: https://bblanche.gitlabpages.inria.fr/proverif/manual.pdf
[40] T. Arpitha, D. Chouhan, and J. Shreyas, “Anonymous and robust biometric authentication for social IoT healthcare,” Journal of Engineering and Applied Science, vol. 71, no. 1, 2024, DOI: 10.1186/s44147-023-00342-1. DOI: https://doi.org/10.1186/s44147-023-00342-1
[41] A. Li et al., “Analysis and improvement on an authentication scheme for WSNs in IoT,” Wuhan University Journal of Natural Sciences, vol. 28, no. 6, pp. 541–552, 2023, DOI: 10.1051/wujns/2023286541. DOI: https://doi.org/10.1051/wujns/2023286541
[42] H. Park et al., “Provably quantum secure three-party mutual authentication,” Electronics, vol. 13, no. 19, 2024, DOI: 10.3390/electronics13193930. DOI: https://doi.org/10.3390/electronics13193930
[43] M. Saqib and A. H. Moon, “Design of a three-factor authentication and key agreement scheme using biometrics for IoT,” Research Square, 2024, DOI: 10.21203/rs.3.rs-4181532/v1. DOI: https://doi.org/10.21203/rs.3.rs-4181532/v1
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Journal of Basrah Researches (Sciences)

This work is licensed under a Creative Commons Attribution 4.0 International License.
This journal is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0).
Under this license, users are permitted to read, download, copy, distribute, print, search, link to the full texts of articles, and create derivative works, including for commercial purposes, provided that appropriate credit is given to the original author(s) and the source.
Authors retain the copyright of their published work, while granting the Journal of Basrah Researches Sciences (JBRS) the right of first publication. Proper attribution must include the article title, author name(s), journal name, DOI, and a link to the Creative Commons license.





