Wednesday, April 26, 2017

Security Update (04/26)

Our first time users must read the privacy policy before they can use the app. They are required to answer some short questions in order to demonstrate knowledge of the data that we require for our user study and of the data that we exclude from communications with our server.

1. We only collect anonymous research IDs; only instructors can correlate attendance logs with actual student names.
2. We do not continuously collect information; students send us information only when they click one of two specific buttons.
3. We never transmit images through the network; QR codes within the image are decoded and the payload of the QR code is sent instead of the image itself.

We use transport layer security (TLS, footnote: this used to be done with a now-obsolete technology known as SSL) in order to preserve data confidentiality (prevent snooping) as our application communicates with our server. This means that anyone "listening in" on the user's network traffic would only see a stream of random data, which could only be decrypted by our server.

The Qt networking library (we use networking libraries to send and receive data from our server) helps us achieve encrypted communication on the iOS and macOS platforms, and the mbedtls networking library does the same on Linux and Android. Ideally, we would've used the Qt networking library for all of our platforms, but incompatibilities between Qt and Android prevented us from doing so.

My debugging sessions led me to discover that Android would load the OpenSSL networking library present on the Android device instead of the OpenSSL networking library that we packaged for the Android application. This means that Android would prefer to use the software located on the user's phone (these are wildly different networking libraries), as opposed to loading a version of software that would be compatible with the Qt networking library.

So mbedtls, a cross-platform TLS networking library, became our Android and Linux networking library. Due to difficulties with the iOS build system, we continued to use the Qt networking library on Apple devices.

- Hugo

Development Update (04/26)

We have deployed and continue to maintain a complex program with about 40 users. Although data collection for our user study is still ongoing, this project taught us many valuable lessons regarding software engineering, user interfaces, and most importantly: communication.

The following blog posts are a report of the code I have written for this research project. We continue using the Qt framework to write a cross-platform application in the C++, QML, and JavaScript programming languages. Our attendance-taking application consists of about 1,800 lines of C++ code that is used for efficient networking, cryptography, QR code decoding, and other data processing; and about 2,700 lines of QML and JavaScript code for describing the graphical layout and interactive elements of our app.

We share our code by uploading to our school's gitlab code versioning server and we discuss issues by using the Riot messenger and our school's issue tracking service.

- Hugo

Development Update: 03/16

We have been performing stress tests on our server. Eugene and I designed and implemented a testing script that starts 20 parallel threads that send various requests to the server as fast as possible. The tester sends correct and incorrect information, such as login requests and dummy attendance reports. The testing data is randomly generated --- for example, the script sends extremely large payloads (1MB) or valid and invalid usernames.
We have run the test concurrently on at most 4 machines (80 total connections). Our server has a response time of 100ms with a standard deviation of 50ms and max/min response times of 1000ms and 7ms. We'll use our newly developed stress testing script to evaluate several upcoming server-side changes and optimizations.

- Hugo
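A stress test of the kind described in the post above, as an added example that is not the team's script: 20 parallel workers send valid, invalid, malformed and 1 MB requests and the response-time mean, standard deviation, minimum and maximum are reported. The local stand-in server, its JSON fields, the `/report` path, the 64 KB size limit and the account names are all assumptions made for the example.

```python
import http.client, json, random, statistics, threading, time
from concurrent.futures import ThreadPoolExecutor
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

VALID_USERS = ["student01", "student02"]   # constructed sample accounts
MAX_BODY = 64 * 1024                       # assumed server-side size limit
EXPECTED = {"valid": 200, "bad_user": 401, "garbage": 400, "huge": 413}

class StandIn(BaseHTTPRequestHandler):     # local stand-in, hypothetical JSON API
    def do_POST(self):
        # Drain the whole body first so oversized requests get a clean answer.
        body = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        status = 413
        if len(body) <= MAX_BODY:
            try:
                status = 200 if json.loads(body)["user"] in VALID_USERS else 401
            except (ValueError, KeyError, TypeError):
                status = 400               # malformed or unexpected JSON
        self.send_response(status)
        self.end_headers()
    def log_message(self, *args): pass     # silence per-request logging

class Server(ThreadingHTTPServer):
    request_queue_size = 64                # backlog for 20 simultaneous connects

def make_request(rng):
    kind = rng.choice(list(EXPECTED))
    if kind == "garbage":
        return kind, b"{" + b"x" * rng.randint(1, 64)      # not valid JSON
    user = "nobody%04d" % rng.randrange(10000) if kind == "bad_user" else rng.choice(VALID_USERS)
    pad = "A" * (1024 * 1024 if kind == "huge" else rng.randint(0, 256))
    return kind, json.dumps({"user": user, "report": pad}).encode()

def worker(port, count, seed):
    rng, out = random.Random(seed), []
    for _ in range(count):
        kind, body = make_request(rng)
        start = time.perf_counter()
        conn = http.client.HTTPConnection("127.0.0.1", port, timeout=10)
        conn.request("POST", "/report", body)
        out.append((kind, conn.getresponse().status, (time.perf_counter() - start) * 1000))
        conn.close()
    return out

def run_stress(threads=20, per_thread=5):
    with Server(("127.0.0.1", 0), StandIn) as server, ThreadPoolExecutor(threads) as pool:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        jobs = [pool.submit(worker, server.server_port, per_thread, s) for s in range(threads)]
        results = [r for job in jobs for r in job.result()]
        server.shutdown()
    ms = [r[2] for r in results]           # response times in milliseconds
    return results, {"mean": statistics.mean(ms), "stdev": statistics.stdev(ms),
                     "min": min(ms), "max": max(ms)}
```

`run_stress()` returns the per-request `(kind, status, ms)` tuples and the timing summary; any tuple whose status differs from `EXPECTED[kind]` is a request the server mishandled under load.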

Sunday, April 23, 2017

Update 4/23/17

Work accomplished:
Our group's poster presentation at the Student Research Symposium was a success!

Our group with our poster

Explaining our project to a group of our peers

Presenting to an NMT professor

Our project received a lot of positive feedback. One thing instructors would like to see in the application is a quiz authentication method -- where the instructor can ask a question and receive a response as an evidence type. Another instructor also suggested some form of integration with the iClicker system.

Goal:
Begin the unguided attendance sessions.

Outcome:
From these unguided sessions, we will ultimately gain an understanding of how the users feel about the system in a real-world situation.

-- Eugene

Sunday, April 16, 2017

Update 4/16/17

Work accomplished:
Nico and I have demonstrated the PIN and password authentication methods. We allowed the study participants to ask any questions they might've had regarding the two methods. Our group has also completed the poster we will present at the SRS.

Goal:
In this next week we will demonstrate the two remaining methods. We will also be at the SRS on 4/20 from 11:20 - 12:30.

Outcome:
The participants will be familiar with the pattern and QR authentication methods. We will strengthen our presenting skills from our presentation at the SRS.

-- Eugene

Sunday, April 9, 2017

Update 4/9/17

Work accomplished:
I have created a password generation script that will create random passwords for each study participant. The participants will be able to change their password once they have logged into the application. I have also written some code that inserted the user/password combinations into our database. We attempted to use the application on Monday; however, there were some underlying issues that rendered the app unusable. After we thought all issues had been fixed, we attempted to test the application again on Wednesday with no luck. The server-side and client-side issues have been resolved and we had a successful test session on Friday.

Side note -- Our paper is now available here on the learntechlib website!

Goal:
Nico and I will demonstrate the PIN and password methods to the classes.

Outcome:
The participants will have a better idea of how to use the system and they will have the opportunity to ask any questions they might have.

-- Eugene
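One way to build the per-participant password provisioning described in the post above, as an added example that is not the team's script. It assumes the database keeps a salted PBKDF2 hash rather than the password itself; the table layout, research ID format, password length and work factor are constructed for the example.

```python
import hashlib, hmac, secrets, sqlite3, string

ALPHABET = string.ascii_letters + string.digits
ITERATIONS = 600_000                       # assumed PBKDF2 work factor

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def store(db, research_id, password):
    """Save a fresh salt and the derived hash; the password itself is never stored."""
    salt = secrets.token_bytes(16)
    db.execute("INSERT OR REPLACE INTO users VALUES (?, ?, ?)",
               (research_id, salt, hash_password(password, salt)))
    db.commit()

def provision(db, research_ids, length=12):
    """Issue one random password per research ID and return them for hand-out."""
    db.execute("CREATE TABLE IF NOT EXISTS users "
               "(research_id TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    issued = {}
    for rid in research_ids:
        # secrets draws from the OS CSPRNG, unlike the random module
        issued[rid] = "".join(secrets.choice(ALPHABET) for _ in range(length))
        store(db, rid, issued[rid])
    return issued

def verify(db, research_id, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE research_id = ?",
                     (research_id,)).fetchone()
    # Unknown ID: do the same hashing work, then fail the comparison.
    salt, expected = row if row else (b"\0" * 16, b"")
    return hmac.compare_digest(hash_password(password, salt), expected)

def change_password(db, research_id, old, new):
    """Participants may replace the issued password after proving they know it."""
    if not verify(db, research_id, old):
        return False
    store(db, research_id, new)
    return True

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(provision(db, ["R-0001", "R-0002"]))   # constructed research IDs
```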

Sunday, April 2, 2017

Update 4/2/17

Work accomplished:
We started the experiment on Monday and we began collecting data. For the first week of the experiment the instructors will use traditional attendance-taking methods.  One of the classes used a "quiz" method -- the instructor hands out a piece of paper with questions on it at the beginning of class, and collects them at the end of class. The other class used an attendance sheet method, where a piece of paper is passed around and students write their name. The data we collected this past week looks promising.

Goal:
This week we will begin using our system. I will also begin working on the poster that we will present at New Mexico Tech's Student Research Symposium (SRS).

Outcome:
I have learned what it is like to be a researcher in a classroom environment.

-- Eugene