When it comes to security and privacy of an eLearning platform, it becomes vital for every person to be sure of a secured place. Surely it is so important for a client how safe the atmosphere is and to what extent he has privacy. Laramint claims that every client has a secured area and we will support him by our platform with his own privacy in activities and information.
For start, we intend to describe some basic terms in this regard:
A dynamic permission or a dynamic access control will empower the admins to use access control permissions and some limitations according to specific rules. These rules contain the amount of sensitivity in some items such as resources, role of a user, and configuration features. Then by the help of these rules, a client can have the access to various resources.
By using a dynamic access control, the permission of a client changes dynamically without the need to change the programming code. This also happens at the time of changing the client’s role and even his account. In Laramint, you will face a multi dynamic access control. It means that the super admin is able to define multiple roles for a user in order to allow him to do different activities and have different roles (as a learner, a mentor, etc.).
To have a simple definition for authentication, we can say that it verifying who the client is. The identity of the person is of a high importance for our LMS. So it must be clear that our users are a real person. For example, when you enter a hotel, firstly the receptionist check your id card and then he will let you book a room in the hotel.
Some features of authentication are:
- It check who you are
- It is the first level to know your identity and management of access control
- It is visible
- It is changeable by the client
- It works via passwords, biometric information, etc.
At the time that authentication is okay and the user’s identity is verified, we have the authorization process. In this phase, Laramint gives a client permission to have access to different activities and functions. The access happens in relation to the role of the client and the services he is able to use. Consider the hotel example on the top, the step of verifying and using the services of the hotel is called authorization.
Some features of authorization are:
- It defines what resources can a user access
- It happens after authentication
- It is not changeable by the client
- It is not visible