Security in Virtual Education Environments
Keywords:
TICs in Education, Information Security, Virtual Learning PlatformsAbstract
Over the last years it have been incorporating in the virtual education environments different types of information technologies and communications (ICT), up to become it in essential tools to support the teaching and learning process. As consequence of that, these environments have been exposed to new technological risks, which if they are not identified and mitigated appropriately, could affect the security of educational platforms. The goal of the project was to define a framework to manage information technology risks in virtual education environments which ensure the protection of systems and information involved in educational processes over the Internet. In order to accomplish this objective we have made a survey to know the most important risks associated with virtual educational platforms, and after that, we have defined a set of controls associated to these risks, which finally composes the framework of management. Lastly were have developed two technical models to implement information security technologies in virtual education platforms. These are UTM (Unified Threat Management) for the security of network protocols and PKI (Public Key Infrastructure) to improve the authentication to the platforms.
Downloads
References
[2] Organización Internacional de Normalización (ISO). Tecnología de la Información, Técnicas de seguridad, Código para la práctica de la gestión de la seguridad de la información ISO/IEC 27002:2005. http://www.iso27000.es/, 2015, El portal de ISO 27002 en Español
[3] ISACA Information System Audit and Control Association ISACA, A Business Framework for the Governance and Management of Enterprise IT - Preview Version,2012, http://www.isaca.org/cobit/Documents/COBIT-5-Introduction.pdf
[4] American National Institute of Standards and Technology NIST, 2014, https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurityframework-021214.pdf
[5] Ministerio de Hacienda y Administraciones Públicas de España, Metodología de Análisis y Gestión de Riesgos de los Sistemas de Información MAGERIT versión 3.0, 2012
[6] Organización Internacional de Normalización (ISO). Gestión de Riesgos - Principios y Guías - ISO 31000:2009
[7] S Assefa, V Solms , An Information Security Reference Framework for e-Learning Management Systems (ISRFe-LMS), 2006, Academy for Information Technology, University of Johannesburg
[8] Mohd Anwar and Jim Greer, Facilitating Trust in Privacy-Preserving E-Learning Environments, 2012, IEEE Transactions on Learning Technologies, VOL. 5, NO. 1
[9] Nikhilesh Barik and Dr. Sunil Karforma, Risks and remedies in e-learning system, 2012, International Journal of Network Security & Its Applications (IJNSA), Vol.4, No.1
[10] S.M. Furnell, P.D. Onions, U. Bleimann, U. Gojny, M. Knahl ,H.F. Röder and P.W. Sanders, A security framework for online distance learning and training, 1998, Internet Research: Electronic Networking Applications and Policy Volume 8 · Number 3
[11] Najwa Hayaati Mohd Alwi, Ip-Shing Fan, E-Learning and Information Security Management,2010, International Journal of Digital Society (IJDS), Volume 1, Issue 2
[12] Nikhilesh Barik, Argha Barik, Dr. Sunil Karforma, On Security Management in Elearning System, 2012 , Research Scholar ,Burdwan University Dept. Of Computer Science ,Burdwan ,India
[13] A. Jalal and Mian Ahmad Zeb, Security Enhancement for E-Learning Portal, 2008, IJCSNS International Journal of Computer Science and Network Security
