CYBERSECURITY ASPECTS OF E-LEARNING PLATFORMS

Abstract

The subject of study in the article is the platforms used to organize the educational process in the context of distance learning. The following platforms are selected: learning content management systems (open source systems and individual development), Google Classroom service, e-mail, and cloud data storage. The objects of the educational process for which the security state must be provided are shown. Such assets are files (lectures, tasks for laboratory work), a bank of questions (a total set of questions from which tests are created to control knowledge), and grades (for laboratory work and modular control of knowledge). The goal of the work is a comparative analysis of distance learning platforms in the aspect of cybersecurity. The main threats are a violation of the availability and confidentiality of data in the educational process. It is also possible to modify marks due to the exploitation vulnerabilities of the system or gaining access to the functions of the learning content management system administrator. The probability of data being compromised is higher than the probability of modification, as evidenced by information from vulnerability databases about numerous vulnerabilities in learning content management systems. An accessibility violation is a result of a denial of service, that is, the resource on which the necessary files are located becomes inaccessible to users. The method of expert evaluation with variables of fuzzy logic is used. As a result of the analysis, it was revealed that the most flexible and convenient platform is the learning content management system of individual development, at the same time it is the most unsecure among the platforms considered. An open-source learning content management system is a more secure platform due to the presence of a global community that can identify security problems faster than attackers. Using Google Classroom and using email with cloud storage is safer, but these approaches are inferior in usability and functionality. Conclusions. Choosing a distance-learning platform is about finding a compromise between security and convenience in the form of a wide functionality of the system. When deploying a centralized learning content management system, it is important to remember that this system is an object of critical information infrastructure, and the requirements for critical systems must be met for it.