On the Management of Courses Information in a University Web

Fulvio Corno, Laura Farinetti, Fabio Maino and Matteo Sonza Reorda
Dipartimento di Automatica e Informatica, Politecnico di Torino - 10129 Torino, Italy
corno@polito.it, farinetti@polito.it, maino@polito.it, sonza@polito.it

Abstract

This paper deals with the design, implementation, and maintenance of the Web server of the Politecnico di Torino, a major technical university in Italy. We focus here on the part of the server devoted to teaching activities. Setting up this part required a deep re-organization of the data-flow within the university, involving teachers, administrative staff, and students. The main goals for this continuous effort are providing students with an easy access to all information about courses, and providing teachers and staff with an up-to-date situation. After a one year experience, we positively evaluate the impact of the server with respect to the resources required for its maintenance.

1. Introduction

The rapidly increasing diffusion of Internet pushed most Universities to build and maintain their own Web server [1]. A great deal of information can normally be found on these servers, concerning all the activities being performed in the University (teaching, research, administration, etc.). Gathering these information items, organizing them so that they can be easily accessed, and guaranteeing their continuous update and consistency with official documents is a challenging task, raising several problems belonging to the technical domain, as well as the organizational one [2].

In this paper we describe the approach followed at Politecnico di Torino [3], one of the most important technical universities in Italy, when designing and building the part of the Web server containing the information on the courses held at the university. Several categories of information are now accessible through the server:

general data, aiming at providing external users with an idea about which courses are held at the Politecnico;
bureaucratic and management information about courses, to be used by the Politecnico students and teachers, e.g., lists of students enrolled for a course lectures or booked for an exam, deadlines and procedures for enrolling and booking, dates of exams, course programs, etc;
teaching material, including transparencies, exercises, text books, etc;

The provision and the maintenance of the different categories of information raises several problems:

an information flow has to be setup and tuned in order to guarantee a continuous update of the provided data;
the information flow must ensure consistency of the Web data with official documents of the University, that are issued by several offices and are only partially available in electronic format;
several data-bases have to be built in order to organize the information items provided by several sources, correlating them with each other, and making them easily accessible on the Web;
the access to some data has to be restricted to particular categories of users, resorting to some security mechanism.

The task of organizing and maintaining such on-line information service is hardened by the broad spectrum of teaching activities taking place at Politecnico. To mention some figures, Politecnico di Torino issues 17 B.S. degrees in different branches of engineering, 15 M.S. degrees in engineering and 2 in architecture, and 23 Ph.D. degrees. The teaching activities are distributed in 9 different locations, not just in Torino, but also in several other towns in the region. The total number of courses is around 1,200, and the total number of students amounts to about 20,000.

In order to tame the size of the task, all courses were properly documented on the Web, while interactive services were developed for a subset, only. We started from the ones with higher computer science contents, in order to make a good experimentation with both teachers and students already accustomed to using computers and Internet services.

One year has passed since most of the Web services described in this paper have been activated, and we report here some evaluation of the advantages for the Politecnico activities coming from the availability of these services. On the other side, the contribution of this paper is also in reporting about the changes in the internal Politecnico organization and information flow we had to introduce in order to allow the setup of these services.

The organization of the paper is as follows: in Section 2 we provide some information about the teaching activities at the Politecnico. Section 3 focuses on the goals we wanted to reach when designing the new Web services. Sections 4 through 6 describe some technical problems we had to face and how we solved them: in particular, Section 4 briefly outlines the different services, Section 5 concentrates on the mechanisms for ensuring data correctness and Section 6 deals with access security. Section 7 performs an evaluation of the benefits coming from the new services. Section 8 eventually draws some conclusions.

2. Information Flow for Teaching Activities in University Organization

In order to make the information available through Internet, we had first to setup an integrated data-base system containing all the information about courses, no matter their source and their type. This system is used by all the information sources to provide data, and allows now the University to own a unique data-base system linking together several data-bases (e.g., the ones containing course codes, courses teachers, courses timetables and locations, courses students, etc.). Thanks to this system, it is easy to correlate and consolidate information items coming from different sources but concerning the same course, as required for example by a student accessing the University web site through Internet, and wishing to know the timetable for a given course, as well as the name of the teacher and the official program.

In order to allow the reader to understand the approach we followed for building our Web, we first outline the information flow [4] concerning teaching activities at the Politecnico (Figure 1). The main actors in this flow are:

the Faculty Dean Offices, which dictate course contents and assign courses to teachers;
the Student Office, that acts as the interface towards the students, where they select their study curricula and enroll to courses each year. The Student Office also holds the scores received by each student on each exam;
the Logistic Services Office, that assigns classrooms to both course lectures and exams, by periodically publishing the relevant timetables;
Teachers, that usually provide some additional information and material about their course, and that perform lectures and exams based on the enrolled or booked students;
Students, that are the primary destination for most of the provided information.

Fig. 1: Flow of information concerning teaching activities

3. Goals for a University Web

The main goal we target is twofold:

the first goal is to allow students to have all the information concerning courses available through Internet; the main reason for having all this information available through the net is the fact that Politecnico di Torino is spread over several locations in the region around Torino. Many students do not live in Torino, but go to some of the University branches for lectures and exams. Moreover, the percentage of students having an Internet access is rapidly growing, and the Politecnico di Torino is actively supporting this phenomenon by providing a special financial contribution to students wishing to own such an access. Through the web services, students can access all the material for the course (transparencies, exercises, text books, etc.), have logistic information (timetables, classrooms, rules for passing the exam, etc.), and even book themselves for an exam, send an e-mail to a teacher for rising a question on the course program, or exchange messages with other students of the same course.
the second goal is to allow University employees (teachers and staff) to have at their disposal a data-base system providing them with all the information about teaching activities. This intranet system is clearly very effective in the organization of these activities: teachers can easily know how many students are enrolled for their course, and can have a list of their names. Offices in charge of defining rooms and timetables for courses can retrieve data about the number of students attending each course, and even optimize classroom utilization. Finally, offices in charge of personnel management can monitor the duties of teachers and analyze them. Obviously, most of these data can be accesses by authorized persons, only.

The main input for the development of this service came from the students themselves: their need for accessing courses related information and didactic material in a fast and easy way has been a constant stimulus for our work. The students' interest for web services has grown thanks to similar initiatives in other universities around the world.

4. Services

The need for distributing courses related information through Internet forced us to the reengineering of the information flow in every involved area. In the following we will analyze, for the different provided services, how the interactions among the actors shown in Figure 1 have been modified by this process.

Course Didactic Material: The first service we designed was the distribution of didactic material such as transparencies and handouts of lectures, proposed and solved exercises and other tools for supporting self-teaching and auto-evaluation (forms, hypertexts...). The source of this kind of data is the teaching staff of each course who need to access the information system with writing privileges. This information is directly issued by the teachers, who take the responsibility for its correctness. Each teacher has therefore direct access to the part of the distributed file system that he/she needs to be concerned with. The problem here is to coordinate the teachers' action and to standardize the user interface to help students find the required materials, since different teachers have different skills and their published material may vary from HTML pages to a set of postscript or PDF files. For this purpose an operational unit has been created, which is responsible for the maintenance of the web server and for the interaction with each teacher. The interface we designed [5] uses the metaphor of the traveler Ulysses [6] who guides the student in the navigation through the courses material.
Course Timetables: Another of the main needs of our students, especially the ones that do not live in the town, is the accessibility of courses schedule and location [7]. In order to avoid a simple but tedious post-processing of pre-formatted information, we involved the logistic services office in the redesign of the entire timetable creation process. In this way the output produced by this office can be automatically acquired by the web information system with the advantages of immediate availability and guaranteed consistency.
Course Teachers and Course Programs: Faculty dean offices are responsible for the distribution of the official program [8] of the courses and of the binding between teachers and courses. These data are traditionally published in a book, and we didn't mean to totally change the publishing process. For this reason we provided the offices with a template for writing course programs and we semi-automatically convert it to the suitable format for web distribution. This is not, of course, the best solution, and we are defining a global publishing system, integrated with a database, which will use an intermediate SGML format to allow the production of both paper and electronic versions of courses programs.
Enrolled Students List: The student office provides all the information related to the curriculum of the students such as the examination status or the enrollment to the courses [9]. To preserve the high level of security of personal and confidential data stored in the student office database, direct access to it is not allowed and a mirror of relevant data is kept in a separate database connected to the web server. This allows the offering of several services that range from the management of the enrollment for a student to the extraction of statistical information for each course.
Exam Schedules and Exam Booking: Based upon the indication of teachers, the Logistic Services Office publishes the schedules of exams: time, date, and room for each course are available for each of the scheduled exam session. This information is automatically transferred to the web server database and immediately available on-line.
For some of the exams the teachers require students to book before attending the written and/or oral tests. This booking procedure [10] is fully automated: each student can book for the exams she/he has already attended but not yet passed, and each teacher can monitor the list of students booked for the exams is responsible of. Authentication is based on passwords and on a secure server as we will describe in Section 6.
Statistical Information: The accessibility on the web of these information suggested their use to supply an additional monitoring service to statistical offices. Data such as the total number of enrolled students or the map of used classroom for each weekday are now easily available to support the decisional operational unit of the university.

The task of defining a web-accessible information system leaded us to a result beyond the initial goals: the definition of responsibilities, activity schedules and interaction between different units of the university that were not clearly defined before.

The need of a central operational unit for the coordination, standardization, and the validation of the informational sources appeared to be mandatory to maintain a high level of quality of the provided services.

5. Information Validation

The didactically related services that our web server offers to all the actors shown in Figure 1 are useful only under the condition that each user is confident of the information supplied: if a student, as an example, discovers at his own expenses that the timetable of the courses is not accurate, he will likely not use the service again.

The reliable quality of the services on one hand implies the need for having a central operational unit for the coordination and the supervision of information, and on the other requires that each source of data is responsible for their accuracy and completeness.

In order to satisfy both the needs of the users and the institutional requirements of the university, information has to be:

correct: it is fundamental that everything published in Internet has this characteristic; sometimes this only affects the degree of confidence of the users, but when data are related to institutional regulations of the university (rules for matriculation, official programs of the courses,...) correctness and accuracy assume a legal aspect. Correctness implies the existence of a validation organ responsible for each kind of information; sometimes this organ is local (the teacher is responsible for the published didactic material, each department for the information about the research projects,...) and sometimes is central, when the kind of information requires the visibility over the entire university.
up-to-date: correctness of information is important, but we need to guarantee also that it is related to the present; the date of last update, present in the bottom of each page, gives the user the degree of accuracy of the updating process. A constant and periodical check of data has to be performed by a central organ, that has to remind the responsible for each source of information the need for keeping them updated.
relevant to the aim of the university: the university is legally responsible for everything that appears on its Internet pages, and therefore it has to check that information is both interesting to the users and not in contrast with the educational purpose.
objective and impartial: most of the Internet pages of the university are accessible also from outside it, and they should give the users a complete and objective picture of its organization and structure.

One more relevant aspect that the validation organ has to keep into account is the degree of accessibility of each published service. Some information can have world-wide interest and relevance, such as the organization of the university and the courses provided; others are relevant only to the actors inside the university (for example timetables and location of classes), thus constituting a sort of intranet. Finally some information is reserved, such as the one related to the curriculum of each student, and should be accessed only by authorized subjects. This situation implies the analysis of each service and its insertion into one of the three categories listed before, and some reflections about information security, that will be the topic of the following section.

6. Information Security

Managing a web server in a university has two contrasting goals:

giving a homogeneous container for official information distributed on Internet;
granting a distributed access to the web server file system with writing privileges to many different users (the publishers of information such as teachers, researchers, employees of different offices,... )

In order to centralize system administration and to have a direct control on published material we chose to use a single web server on a UNIX machine within an Athena [11] system. Athena is a Kerberos [12] based distributed UNIX system that allows secure access to the web server file system using a Kerberized version of NFS (Network File System). This means that each Athena user can be enabled to securely mount a portion of the web server file system directly from his workstation. The Kerberos security framework allows the mounting of the requested file system only if the right granting ticket has been presented to it, avoiding the password exposure on the network.

Since not all web publishers use a UNIX system, we provided access to distinct parts of the web server file system to authorized users via the SMB [13] protocol (Session Message Block). The SMB server, that runs on the web server machine, allows access to specific file system areas from each Windows PC that runs a SMB client. The access to the server is protected by the username and password couple assigned to each user that needs a writing access to the web server. SMB is a good solution to grant access from Personal Computers and may also avoid exposing the password over the network by using DES encryption. To broaden even further the accessibility of our web services, we are evaluating the use of the OSF DCE File System [14], a Distributed Computer Environment that allows the secure export of file systems to Windows and to many flavors of UNIX.

The great number of users that publish information requires a syntactic check of the HTML pages; for this purpose we invite the non-expert authors to use a supplied Weblint [15] based form.

The network of our university is logically partitioned in several areas with different levels of security:

the lowest level security area, made of all the machines that are distributed all over the campus;
an intermediate level security area that is located in a separated access-protected room in which UNIX servers are protected by the Athena environment. This area hosts the web server and all the others network services;
the highest level security area, behind a screening router, that hosts the database with students' curricula information and the administrative network. The router does not allow unauthorized traffic towards the student office database.

To obtain a partial mirror of the student office database accessible by the web server, we used a computer in the lowest level security area that acts as a gateway from the student office network to the servers area. Through two successive steps, the database is first copied on the gateway and then acquired by the Oracle database that runs on a UNIX server machine in the intermediate security level area. Sensitive data, such as student passwords or private information, are protected by a simple symmetric key based encryption routine. In this way only the upload from higher level security areas to lower ones is allowed and not viceversa, preserving the relative security level of each area. To avoid the problems related to the key-sharing, we are experimenting solutions based on public key framework such as SSLftp [16], a File Transfer Protocol that relays on a secure communication channel using a secure socket layer (SSL) [17].

The mirror of the student office database is used to provide services such as the list of students enrolled for a course or the exams booking service. The only security consideration about the first one is that the access to these data is allowed only within the Politecnico di Torino domain; the management of exam booking on the contrary is protected using an SSL HTTP server [18], so that each teacher can access and modify exam related data (such as the date of an exam) directly through Internet. Using the public key of the web server the SSL web client can transmit the sensitive data, such as the teacher's username and password, on a secure channel, thus preventing unwanted third parties from observing the network traffic.

7. Results Evaluation

The design, implementation and maintenance of the web server continuously keep busy from 3 to 5 persons, not including the time spent by teachers to provide the material for their courses and the cost for all the routine work of the University staff.

However, the evaluation made by the Politecnico di Torino management about the results obtained through the web server and its services is definitely positive. This evaluation is based on a number of quantitative and qualitative parameters we will describe in the following.

A preliminary analysis of the number of accesses to our web server identifies a constant growth, as shown in Figure 2. This is in part due, of course, to the increasing general interest in Internet, but the trend of the graph shows that accesses are strictly related to the didactic activity in the university.

Fig. 2: Number of hits by week

Through the analysis of the source domain of the requests, displayed in Figure 3, we can identify three different user profiles:

the students and the internal staff of Politecnico di Torino represent about the 43% of the accesses; these hits are both from the central site of Torino and from the other campus in Piedmont;
users inside Italy represent about the 37% of the accesses; they include a 5% of students and staff of Politecnico with an Internet connection at home;
users abroad represent the remaining 20%; most of the hits come from other universities, and we can therefore presume that are related to research interests.

Fig. 3: Percentage of requests by domain

We can examine more in details some of the provided services.

Course didactic material: we evaluate the success of the service looking at the number of teachers that publish material on the web; since this task requires a minimum of confidence with the computer medium, teachers from the departments related to computer science use this opportunity more than the others, covering the 30% of the global number of courses.
Exam booking: this service obtained a good success in the case of courses hosted in the decentralized sites, allowing the teachers to manage the enrollments wherever they are; in the site of Vercelli, for example, the service covers about the 40% of courses.
Course programs: since this service is coordinated and validated by a single organ, the faculty dean office, the complete and updated description of the course is available through Internet. During the month of November 96, when students needed information about courses to design their curricula, this service was one of the three most requested ones.
Enrolled student list: in this case too the coverage of the courses is complete. Since teachers are the only users of this service, the number of accesses is a small percentage of the total. The success of this initiative is demonstrated by the fact that the student office does not distribute any more the enrolled student list on paper.

A positive side effect due to the publishing of courses material on Internet is a general quality improvement of didactic support: the constraint of using an electronic format and the increasing broadness of the audience helped the gathering and organizing of notes, handouts and exercises.

A further symptom of success of our web server is the constant growth of requests for information publishing by the students' associations. This is an unofficial channel of information provided and managed by the students themselves: here a student can find notes from lectures, proposed and solved exercises or simply a corner for discussion on courses and teachers.

8. Conclusions

The paper describes the services concerning teaching activities provided through the web server of the Politecnico di Torino and addresses from an organizational and technical point of view the problems we faced to establish and maintain the server itself.

A deep re-organization of the university flow of data and decisions was required and a University Information System has been setup, which is the backbone of the web server. Details have been reported about the provided services and the technical solutions we adopted to guarantee security. After a one-year experience, we positively evaluate the impact of the server availability on the University life: students and teachers increasingly access to it to get information about courses, the university management can more easily access to updated information teaching activities, and teachers are stimulated to provide more effective material to their students.

At the moment, work is being done to extend the web services to the university administration, in order to setup an intranet covering most of the activities carried out at the Politecnico di Torino.

References

[1] P. Andrew, G. Hart, "Impact of the introduction of Web-based teaching on academic staff", in Proceedings of WebNet 96, World Conference of the WWW, Internet and Intranet, San Francisco, CA, October 15-19, 1996.

[2] J. Cossel Rice, P. F. Merril, C. L. Hawkins, "Procedures for creating useful Web sites", in Proceedings of WebNet 96, World Conference of the WWW, Internet and Intranet, San Francisco, CA, October 15-19, 1996.

[3] Politecnico di Torino web server
http://www.polito.it/

[4] Politecnico di Torino, Regolamento Didattico di Ateneo (university didactic regulation)

[5] Ulysses home page
http://www.polito.it/Ulisse/

[6] Homer, The Odyssey

[7] Courses schedule and location service
http://www.polito.it/Ulisse/ORARI/

[8] Courses official programs
http://www.polito.it/corsi/

[9] Enrolled students list
http://www.polito.it/sds/

[10] Exam schedules and booking service
http://www.polito.it/appelli/prenotazione/insmatricola.html/

[11] G. A. Champine , D. E. Geer, W. N. Ruh, "Project Athena as a Distributed Computer System", IEEE Computer, pp. 40-51, Sep. 1990

[12] J. G. Steiner, C. Neuman, J. I. Schiller, "Kerberos: An Authentication Service for Open Network Systems", in Proceeding of the Winter 1988 Usenix Conference, Dallas, TX, 1988

[13] A. Tridgell, "SAMBA: a LanManager like fileserver for UNIX".
http://lake.canberra.edu.au/pub/samba/

[14] N. Leser, "Towards a Worldwide Distributed File System",
Open Software Foundation Technical Paper, September, 1996.
http://www.osf.org/comm/lit/DEV-DCE-TP4-1.pdf

[15] N. Bowers, "Weblint: Quality assurance for the World Wide Web", in Proceedings of the Fifth International WWW Conference, Paris, May 6-10, 1996.

[16] T. J. Hudson, E. A. Young, "SSLeay and SSLapps FAQ".
http://psych.psy.uq.oz.au/~ftp/Crypto/

[17] A. O. Freier, P. Karlton, P. C. Kocher, "The Secure Socket Layer protocol - Version 3.0", Internet Draft , March 1996.
http://home.netscape.com/eng/ssl3/index.html

[18] Apache-SSL HTTP Server
http://arachnet.algroup.co.uk/Apache-SSL/

Return to Top of Page
Return to Posters Index