
2021 IEEE 13th International Conference on Computer Research and Development (ICCRD) | 978-1-6654-2260-4/20/$31.00 ©2021 IEEE | DOI: 10.1109/ICCRD51685.2021.9386354

Trusted Data Management for E-learning System Based on Blockchain

Chenglong Cao
Anhui Finance and Trade Vocational College
Hefei, 230601, China
chenglongcao@sina.cn

Xiaoling Zhu
School of Computer Science and Information Engineering
Hefei University of Technology
Hefei, 230601, China
zhuxl@hfut.edu.cn

This work was supported by the Natural Science Key Research Projects of Anhui Colleges and Universities under Grant KJ2019A1205 and by the Quality Engineering Project of Anhui Colleges and Universities under Grant 2020xsxxkc351.

Abstract—During the epidemic outbreak of COVID-19, all universities, middle schools and primary schools in China adopted the form of online teaching. It brings convenience, but it also raises some security and privacy issues. The challenge to solve the issues is how to achieve effective access control and how to ensure the authenticity of online data. Because blockchain has the characteristics of openness, unforgeability and decentralization, we present a trusted data management scheme for e-learning system based on blockchain. In the scheme, large amounts of resource data are stored in a distributed storage system; the evidences of uploaded data are stored in blockchain network established by high credible institutions. Once the data in the distributed storage are tampered, it will be discovered by looking up blockchain transactions. In order to make up for the lack of privacy protection in blockchain, we adopt attribute encryption. For different resources, different ciphertext policies are given. Only the users whose attributes satisfy the policy can decrypt the data. Further, a fine-grained access control scheme for e-learning is designed. In addition, the scheme can prevent collusion attacks; even if multiple users collude, they will not get more resources.

Keywords—e-learning, data management, blockchain, tamper-proof, access control

I. INTRODUCTION

During the epidemic outbreak of COVID-19, all universities, middle schools and primary schools in China adopted the form of online teaching. Various online teaching platforms provide convenient services. For example, Tencent meeting provides teacher-student communication services; Tencent classroom provides online classroom services; rain classroom provides MOOC interface and online examination. With the help of these platforms, an online comprehensive teaching and learning process can be carried out. Online teaching has become one of the earlier ways to overcome the epidemic.

E-learning is a teaching and learning way based on the Internet. Because there are many illegal activities on the Internet, e-learning is inevitably faced with security risks. In Internet communication, there are some common threats, such as the loss of confidentiality, data exposure and tampering [1]. In addition, when evaluating students' homework, we need to make sure that the assignment is submitted effectively. We expect to discover this deception situation when a student and the platform conspire to make a second submission or make modification after submission. Unreasonable data can lead to inaccurate evaluation; inaccurate evaluation will greatly damage the quality of e-learning. If the security issues in e-learning are not solved, the attraction of e-learning will be reduced and its development will be hindered.

In order to solve the above issues, data supervision is a way. If an educational administration department can identify the malicious users by collecting and analyzing the e-learning data, it will help to reduce the security risk. During the supervision, there are security and privacy requirements. Confidentiality and integrity are two basic properties. Confidentiality refers to the protection of sensitive information. Unauthorized users cannot access the data. Authorized users are limited to access within a certain range. Integrity ensures that data are not maliciously modified or destroyed. After submission, data cannot be tampered. So the challenge comes from two aspects: how to achieve effective access control and how to ensure the authenticity of e-learning data.

Because blockchain [2] has the characteristics of openness, unforgeability and decentralization, this paper proposes an e-learning system based on blockchain. The system is composed of students, teachers, educational administration department, educational alliance, online teaching platform and so on. Students, teachers and other entities need to register and obtain the key from the authority. The data provider obtains the key for data upload; the data visitor obtains the key for data query. The contribution of this paper includes three aspects. (i) The attribute based encryption method is used and the fine-grained access control mechanism for e-learning is designed. Only when the attributes of users satisfy decryption policy, can the ciphers be decrypted correctly. (ii) The scheme prevents collusion attacks from data visitors and the combination of multiple visitors cannot obtain more resources. (iii) The institutions with high credibility jointly establish an alliance blockchain to record the evidence of uploaded data. The corresponding ciphertext data are stored in a distributed storage system. By the alliance blockchain, the uploaded data can be verified and the tampering attacks can be prevented.

So, our work can provide a trusted data management framework for e-learning system. It can provide security functions such as confidentiality and tamper proof and it is conducive to promoting the healthy development of e-learning.

The remaining of the paper is organized as follows. Section II introduces the related work. Section III discusses system model, security model and design objectives. Section IV
presents the trusted data management scheme. Section V presents security analysis. Finally, Section VI concludes our work.

II. RELATED WORK

We introduce research works on secure e-learning system, the application of blockchain in education and the related work of blockchain in data sharing.

A. Secure e-learning System

Aissaoui [3] proposed a new methodology based on security plug-in layer to protect and detect authentication vulnerabilities in e-learning system. Barik et al. [4] explored the risks and remedies. The risks can be mitigated using firewall, elliptic curve cryptography and digital watermarking. Khlifi et al. [5] explored an e-assessments based on student behavior. It continuously authenticates the students by utilizing the previously stored information about students' successful authentications. Kausar et al. [6] presented a secure authentication mechanism for students and teachers with a trusted server or a fog server. Session key establishment protocol is provided to setup keys for a specified time period such as a class, seminar or exam. In the scheme, each student has to establish a session key with the trusted server in each session, so the communication and computing costs are large; and the server will become the bottleneck of system performance.

The above mentioned schemes [3-6] focus on the security and privacy of e-learning system. But they do not provide fine-grained access control for specific resources.

B. Blockchain and Data Sharing

Blockchain has emerged as a novel technology that enables users to construct a shared, distributed and fault-tolerant database [7]. Ghoshal et al. [8] proposed an auditing mechanism without a third-party requirement, but they did not consider the privacy and security of users. Blockchain-based data auditing can provide tamper-proof records. However, every user in the network can read all the information in the public ledger. Therefore, the privacy protection of data should be considered.

C. Blockchain and Education

Professor John Domingue, director of the Knowledge and Media Research Center of the Open University in the United Kingdom, believed that blockchain technology and smart contracts would cater to the increasingly decentralized learning model [9]. For students and schools, the sharing of learning data will bring convenience to learners, institutions and employers [10]. In [11], a blockchain-based platform stores some contracts between students and their higher education sponsors. The fund will be arranged and managed by some competitive agents who will hold the distributed ledgers and act as miners in the blockchain network. The works [9-11] are the applications of blockchain in education, and they do not discuss privacy protection.

III. PROBLEM STATEMENT

The section provides the system model, the security model and the design objectives.

A. System Model

In Fig. 1, we adopt the consortium blockchain to establish the data sharing scheme. Six entities are included in the system as follows.

1) Data providers upload data before the specified time. They may be students or teachers. Data is stored in ciphertext in a distributed storage system, and its evidence is stored in the blockchain.

2) Data visitors request data from the platform. Only when the user attributes satisfy the access requirements can the visitor obtain the required data. Visitors may be students, teachers, educational administration departments, etc.

3) Blockchain nodes are built and maintained by several institutions with high credibility such as educational affairs and educational alliances. They record the evidence of uploaded data. Blockchain is used to solve the problems of data integrity.

4) Distributed storage system adopts a scalable system structure, and uses multiple storage servers to store a large amount of encrypted data.

5) E-learning platform provides various service interfaces, such as online classroom and online examination.

6) Authorities are responsible for entity registration, key distribution and so on.

Fig. 1 System framework.

The system workflow is as follows.

(1) In the registration stage, data providers, data visitors, e-learning platform obtain their keys from the authorities.

(2) In the data upload stage, a user submits his data to the online platform. The platform stores the ciphertext of the data in a distributed storage system, and stores the evidence on the blockchain.

(3) In the data query stage, a user sends the request to the platform. The platform downloads the ciphertext data from the distributed storage and the evidence from the blockchain. When the two match, the ciphertext is returned to the requester. When the attributes of the requester meet the decryption conditions, the plaintext of the data can be obtained.

B. Security Model

Security threats may come from two aspects: internal and external adversaries. External attacks include eavesdropping, forgery and replay. In internal attacks, data providers may tamper with previously submitted data; data visitors may be interested in data beyond their access rights; e-learning platform may modify some data due to the self-interest, equipment failure, technical or management problems.

C. Design Objectives

• Access control. Data can only be accessed by the entities with the corresponding access rights. By making control rules when the data owner uploads the data, the requestor within the scope of authorization can access the resources.

• Tamper proof. Any entity in the system cannot modify the previous uploaded data.

IV. TRUSTED DATA MANAGEMENT SCHEME

The e-learning data cannot be tampered, which is the basic security requirement. In addition, data can only be accessed by authorized users. As we know, attribute encryption [12] ensures that only the visitors with the access rights can obtain the corresponding data. Therefore, the scheme adopts attribute encryption with blockchain to protect security of e-learning system.

A. System Initialization

In the initialization, two multiplicative cyclic groups $G$ (its generator $g$) and $G_T$ with the same prime order $N$ are chosen. And a bilinear map $e : G \times G \to G_T$ is defined. Besides, a hash function $H : \{0, 1\}^* \to G$ that maps a global identity GID to an element of $G$ is provided and we assume $H$ is a random oracle. So the global parameters $GP = \{G, G_T, N, g, e, H\}$ are obtained. Then, the keys of the authorities are generated. If each attribute $i$ belongs to one authority, the authority chooses two random exponents, computes public key $PK = \{e(g, g)^{\alpha_i}, g^{y_i}, \forall i\}$ and keeps $SK = \{\alpha_i, y_i, \forall i\}$ as his secret key.

B. Key Generation

To create a key of attribute $i$ for a user with the identity GID, the authority computes $k_{i,GID} = g^{\alpha_i} H(GID)^{y_i}$, and issues it to the user.

C. Data Upload

Data provider performs the following steps.

(1) He chooses a random number as the key $K$, uses the symmetric encryption algorithm $E$ to encrypt and gets the ciphertext $CT_1 = E_K(data)$.

(2) Then, the access structure is determined. He chooses $n \times l$ access matrix $A$ whose rows are mapped to attributes through a function $\rho$. He chooses a random $s \in Z_N$ and a random vector $v \in Z_N^l$ with $s$ as its first entry. Let $\lambda_x = A_x \cdot v$, where $A_x$ is row $x$ of $A$. He also chooses a random vector $w \in Z_N^l$ with 0 as the first entry. And let $w_x = A_x \cdot w$. Then, he chooses a random $r_x \in Z_N$. The ciphertext is computed as $CT_2 = \{A, \rho, C_0, C_{1,x}, C_{2,x}, C_{3,x}\}$. Here,

$$C_0 = K e(g, g)^s, \quad C_{1,x} = e(g, g)^{\lambda_x} e(g, g)^{\alpha_{\rho(x)} r_x}, \quad C_{2,x} = g^{r_x}, \quad C_{3,x} = g^{y_{\rho(x)} r_x} g^{w_x}.$$

(3) He calculates the transaction $Tx = ts \| GID \| H(CT_1) \| \sigma$. Here, $ts$ is time stamp; $\sigma$ is his signature to the previous items in $Tx$.

(4) He sends $ts \| GID \| CT_1 \| CT_2 \| Tx$ to the e-learning platform. The platform will store $ts \| GID \| CT_1 \| CT_2$ in the distributed storage system, and put $Tx$ into the transaction pool of the blockchain through the smart contract.

D. Data Request

(1) A data requester sends $ts \| GID$ to the platform. The platform inquires and gets $CT_1 \| CT_2$ from the distributed storage system, and gets $Tx$ through the smart contract. After verifying the signature is correct, the platform compares the hash value of $CT_1$ with $H(CT_1)$ in $Tx$.

(2) If they are inconsistent, give up; otherwise, the platform will send $CT_1 \| CT_2$ to the data requester.

(3) The data requester decrypts $K$ from $CT_2 = \{A, \rho, C_0, C_{1,x}, C_{2,x}, C_{3,x}\}$ as follows.

Under an access matrix $(A, \rho)$, if a requester has the secret keys $k_{\rho(x),GID}$ for a subset of rows $A_x$ of $A$ such that $(1, 0, \ldots, 0)$ is in the span of these rows, then he proceeds as follows. For each such $x$, he computes:

$$D_x = C_{1,x} \cdot e(H(GID), C_{3,x}) / e(k_{\rho(x),GID}, C_{2,x})$$

He computes the constants $c_x \in Z_N$ such that

$$\sum_x c_x A_x = (1, 0, \ldots, 0)$$

and then computes

$$K = \frac{C_0}{\prod_x D_x^{c_x}}.$$

(4) He uses $K$ to decrypt the data from $CT_1$, i.e., $data = D_K(CT_1)$.

E. Blockchain Establishment and Maintenance

The blockchain consists of a series of blocks containing a certain number of transactions. The generation of blocks is determined by all entities using a consensus mechanism. According to the entity access mechanism, blockchains can be divided into three categories including public blockchain, alliance blockchain and private blockchain.

Our scheme uses alliance blockchain which is constructed and maintained by several entities with high credibility. Unlike public blockchain, alliance blockchain is owned by the entities within the alliance. Here, according to the proof of stake mechanism, a current leader is selected to create a new block and its signature, broadcast them to the blockchain network and update the distributed ledger. It is not possible to make any changes to a previously added block.
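The evidence check of Section IV.C steps (3)-(4) and Section IV.D steps (1)-(2), which is also the query stage of the system workflow, can be exercised with a short model. This is an added example, not code from the paper: a dict and a list stand in for the distributed storage and the ledger, SHA-256 plays H, a Lamport one-time signature stands in for σ because the paper names no signature scheme, and all sample values are constructed.

```python
import hashlib, secrets

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

# Lamport one-time signature (one key pair per upload): a standard-library
# stand-in for sigma. Assumption of this example, not the paper's choice.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (b, s) in enumerate(zip(_bits(msg), sig)))

storage = {}   # stand-in for the distributed storage: (ts, GID) -> (CT1, CT2)
ledger = []    # stand-in for the alliance blockchain: list of Tx records

def tx_body(ts: int, gid: str, h_ct1: bytes) -> bytes:
    return f"{ts}||{gid}||".encode() + h_ct1      # ts || GID || H(CT1)

def upload(sk, ts, gid, ct1, ct2):
    """IV.C (3)-(4): Tx = ts || GID || H(CT1) || sigma; ciphertext goes off-chain."""
    h = H(ct1)
    ledger.append({"ts": ts, "gid": gid, "h_ct1": h,
                   "sigma": sign(sk, tx_body(ts, gid, h))})
    storage[(ts, gid)] = (ct1, ct2)

def request(pk, ts, gid) -> str:
    """IV.D (1)-(2): verify sigma, then compare H(CT1) with the value in Tx."""
    ct1, _ct2 = storage[(ts, gid)]
    tx = next(t for t in ledger if (t["ts"], t["gid"]) == (ts, gid))
    if not verify(pk, tx_body(tx["ts"], tx["gid"], tx["h_ct1"]), tx["sigma"]):
        return "reject: bad signature on Tx"
    if H(ct1) != tx["h_ct1"]:
        return "reject: stored CT1 does not match on-chain H(CT1)"
    return "ok"

def demo():
    ledger.clear(); storage.clear()
    sk, pk = keygen()
    ts, gid = 1623660000, "GID-student-01"        # constructed sample values
    upload(sk, ts, gid, b"ciphertext of homework v1", b"wrapped key")
    results = [request(pk, ts, gid)]
    # The stored submission is replaced after upload: the hash check catches it.
    storage[(ts, gid)] = (b"ciphertext of homework v2", b"wrapped key")
    results.append(request(pk, ts, gid))
    # A node serves a Tx whose hash was rewritten to match: sigma no longer verifies.
    ledger[0]["h_ct1"] = H(b"ciphertext of homework v2")
    results.append(request(pk, ts, gid))
    return results
```

The third case shows why step D(1) verifies the signature before comparing hashes: the hash comparison alone only proves that storage and the served Tx agree with each other.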

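The algebra of Sections IV.A to IV.D can be checked mechanically in a toy model where every group element is stored as its exponent, so the pairing becomes multiplication mod N. This is an added example, not the authors' code, and it checks the equations rather than providing encryption (exponents are in the clear); the policy "teacher AND cs101", the GIDs and N = 2^127 - 1 are constructed. It shows that one user holding both attribute keys recovers K, while two users pooling keys issued under different GIDs do not.

```python
import hashlib, secrets

N = 2**127 - 1   # constructed prime order; toy model: elements are their exponents

def rnd() -> int:
    return secrets.randbelow(N - 1) + 1        # nonzero element of Z_N

def h(gid: str) -> int:
    """Exponent of H(GID); SHA-256 stands in for the random oracle."""
    return int.from_bytes(hashlib.sha256(gid.encode()).digest(), "big") % N

def pair(a: int, b: int) -> int:
    """e(g^a, g^b) = e(g,g)^(ab): in exponent form the pairing is a product."""
    return a * b % N

def authority_setup(attrs):
    return {i: (rnd(), rnd()) for i in attrs}  # SK: attribute i -> (alpha_i, y_i)

def keygen(sk, attr: str, gid: str) -> int:
    alpha, y = sk[attr]
    return (alpha + h(gid) * y) % N            # k_{i,GID} = g^alpha_i * H(GID)^y_i

# Constructed policy "teacher AND cs101": row 0 + row 1 = (1, 0).
A = [(1, 1), (0, -1)]
RHO = ["teacher", "cs101"]                     # rho maps row x to an attribute
C = [1, 1]                                     # c_x with sum_x c_x A_x = (1, 0)

def dot(row, vec) -> int:
    return sum(a * b for a, b in zip(row, vec)) % N

def encrypt(k: int, sk):
    s = rnd()
    v, w = (s, rnd()), (0, rnd())              # first entries are s and 0
    rows = []
    for x, row in enumerate(A):
        alpha, y = sk[RHO[x]]                  # toy: PK exponents equal the SK values
        r = rnd()
        rows.append(((dot(row, v) + alpha * r) % N,    # C_{1,x}
                     r,                                # C_{2,x}
                     (y * r + dot(row, w)) % N))       # C_{3,x}
    return (k + s) % N, rows                   # C_0 = K * e(g,g)^s

def decrypt(ct, keys) -> int:
    """keys[x] = (GID, k_{rho(x),GID}) supplied for row x."""
    c0, rows = ct
    acc = 0
    for x, (c1, c2, c3) in enumerate(rows):
        gid, key = keys[x]
        d = (c1 + pair(h(gid), c3) - pair(key, c2)) % N   # D_x
        acc = (acc + C[x] * d) % N                         # prod_x D_x^{c_x}
    return (c0 - acc) % N                      # K = C_0 / prod_x D_x^{c_x}

def demo():
    sk = authority_setup(RHO)
    k = rnd()
    ct = encrypt(k, sk)
    alice = [("alice", keygen(sk, a, "alice")) for a in RHO]
    pooled = [("bob", keygen(sk, "teacher", "bob")),
              ("carol", keygen(sk, "cs101", "carol"))]
    return decrypt(ct, alice) == k, decrypt(ct, pooled) == k
```

With pooled keys the blinding terms leave a residue of (h(bob) - h(carol)) times the random second entry of w in the exponent, which is the "different bases" argument of Proposition 4.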
V. SECURITY ANALYSIS

Proposition 1. The decryption of $K$ from $CT_2 = \{A, \rho, C_0, C_{1,x}, C_{2,x}, C_{3,x}\}$ is correct.

Proof. From the data upload and request phases, we can see

$$D_x = \frac{C_{1,x} \cdot e(H(GID), C_{3,x})}{e(k_{\rho(x),GID}, C_{2,x})}$$

$$= \frac{e(g, g)^{\lambda_x} e(g, g)^{\alpha_{\rho(x)} r_x} \cdot e(H(GID), g^{y_{\rho(x)} r_x} g^{w_x})}{e(g^{\alpha_{\rho(x)}} H(GID)^{y_{\rho(x)}}, g^{r_x})}$$

$$= \frac{e(g, g)^{\lambda_x} e(H(GID), g)^{w_x} e(g^{\alpha_{\rho(x)}}, g^{r_x}) \cdot e(H(GID)^{y_{\rho(x)}}, g^{r_x})}{e(g^{\alpha_{\rho(x)}} H(GID)^{y_{\rho(x)}}, g^{r_x})}$$

$$= e(g, g)^{\lambda_x} e(H(GID), g)^{w_x}$$

$$\frac{C_0}{\prod_x D_x^{c_x}} = \frac{K e(g, g)^s}{\prod_x \left(e(g, g)^{\lambda_x} e(H(GID), g)^{w_x}\right)^{c_x}}$$

$$= \frac{K e(g, g)^s}{e(g, g)^{\sum_x c_x \lambda_x} e(H(GID), g)^{\sum_x c_x w_x}}$$

$$= \frac{K e(g, g)^s}{e(g, g)^{\sum_x c_x A_x \cdot v} e(H(GID), g)^{\sum_x c_x A_x \cdot w}}$$

$$= \frac{K e(g, g)^s}{e(g, g)^s e(H(GID), g)^0} = K$$

Proposition 2. Any entity in the system cannot modify the uploaded data. The scheme resists tamper attack.

Proof. The blockchain transactions cannot be tampered, which ensures that the evidence of uploaded data has integrity. Once the data in the distributed storage is changed, it will be discovered.

Proposition 3. Only the users whose attributes match the access structure can obtain the corresponding data.

Proof. According to the principle of attribute encryption, only when the data visitor has the attributes specified by a data holder, can he obtain the plaintext of the data.

Proposition 4. The scheme prevents collusion attacks between data visitors.

Proof. A hash function on the data visitor's global identity GID is used to resist collusion attacks. The collusion will not work, since the $w_x$ will have different bases due to different GID. It means if a single user does not have enough keys to obtain a resource, the combination of multiple users cannot obtain the resource.

VI. CONCLUSION AND FUTURE WORK

On an online learning platform, there are some common threats, such as the loss of confidentiality, data exposure and tampering. In order to resist these security attacks, we propose a trusted data management scheme for e-learning based on blockchain. In the scheme, the institutions with high credibility jointly establish a blockchain network to record the evidence of uploaded data. The corresponding ciphertext data are stored in a distributed storage system. Any entity cannot modify the previously uploaded data. The scheme can resist tamper attacks. Only the users, whose attributes match the access structure, can obtain the data plaintext. And it can prevent collusion attacks from internal members due to their different global identifiers.

For future research, we will evaluate the effect of e-learning. And using artificial intelligence methods and the mass data on the teaching platform, we will analyze and identify the characteristics of online learners, and provide personalized learning support services.

ACKNOWLEDGMENT

This work was supported in part by the Natural Science Key Research Projects of Anhui Colleges and Universities under Grant KJ2019A1205, in part by the Quality Engineering Project of Anhui Colleges and Universities under Grant 2020xsxxkc351.

REFERENCES

[1] Y. Chen and W. He, "Security Risks and Protection in Online Learning: A Survey," International Review of Research in Open and Distance Learning, 2013, 14(5):108-127.
[2] F. Tschorsch and B. Scheuermann, "Bitcoin and Beyond: a Technical Survey on Decentralized Digital Currencies," IEEE Communications Surveys and Tutorials, 2016, 18(3):2084-2123.
[3] K. Aissaoui and M. Azizi, "El-Security: E-learning Systems Security Checker Plug-in," the 2nd international Conference 2017.
[4] N. Barik and S. Karforma, "Risks and Remedies in E-Learning System," International Journal of Network Security & Its Applications, 2012, 4(1):51-59.
[5] Y. Khlifi and H. A. El-Sabagh, "A Novel Authentication Scheme for E-assessments Based on Student Behavior over E-learning Platform," International Journal of Emerging Technologies in Learning (iJET), 2017, 12(4):62-89.
[6] S. Kausar, Huahu X, et al., "Fog-Assisted Secure Data Exchange for Examination and Testing in E-learning System," Mobile Networks and Applications, 2020:1-17.
[7] E. Gaetani, L. Aniello, R. Baldoni, et al., "Blockchain-Based Database to Ensure Data Integrity in Cloud Computing Environments," Proceedings of the First Italian Conference on Cybersecurity (ITASEC17), Venice, Italy, 2017:146-155.
[8] S. Ghoshal and G. Paul, "Exploiting Block-Chain Data Structure for Auditorless Auditing on Cloud Data," International Conference on Information Systems Security, 2016:359-371.
[9] T. Xu, "Research on the Development and Significance of Blockchain+Education," Journal of Distance Education, 2017(2):19-28.
[10] D. Mills, K. Wang, B. Malone, et al., "Distributed Ledger Technology in Payments, Clearing, and Settlement," Finance and Economics Discussion Series, 2016.
[11] M. Rashid, K. Deo, et al., "TEduChain: A Platform for Crowdsourcing Tertiary Education Fund using Blockchain Technology," 2019:1-5.
[12] L. Allison and W. Brent, "Decentralizing Attribute-Based Encryption," EUROCRYPT 2011: 568-588.
