Threat model for the information security of the moodle distance learning system
Abstract
This paper examines the information security threats faced by Moodle, the most widely used distance learning system in Ukrainian higher education institutions. The study outlines the primary categories of threats that may arise during the implementation and operational use of this system in academic settings. Key areas of analysis include unauthorized physical access to data processing and storage equipment, breaches in access control and role-based management policies, software errors and malfunctions, introduction of computer viruses and malware, as well as both intentional and unintentional actions by personnel, and emergency situations. Each threat's impact on critical security attributes – confidentiality, integrity, availability, and observability – is detailed and summarized in tabular form. To prevent information security incidents within the system, the authors offer targeted recommendations to counteract each identified threat. The developed threat model for Moodle-based distance learning systems can serve as a foundation for creating a comprehensive information security system (CISS) or conducting security audits in line with international standards. Implementing a CISS or conducting an audit enhances the security and reliability of this educational platform in academic environments, ensuring compliance with Ukrainian legislation.
References
2. Про вищу освіту: Закон України [Електронний ресурс] . № 34. 2014.
3. Про затвердження Положення про дистанційне навчання [Електронний ресурс]. Наказ МОН № 466. 2013.
4. Про основні засади забезпечення кібербезпеки України [Електронний ресурс] . Закон України № 45. 2017.
5. Панасенко І. В. Дистанційне навчання в Україні: аналіз загроз і викликів. [Електронний ресурс]. Бізнес Інформ. 2021.
Abstract views: 2 PDF Downloads: 1
