The demand for E-Learning (Electronic Learning)/ M-Learning (Mobile learning) has changed the way training organisations provide course delivery and training to various learners and employees. Cloud based learning management systems have been implemented in various organisations and educational institutes to improve efficiency and expand educational opportunities. However, there has been multiple challenges relating to security issues and threats within cloud based mobile learning environment. This paper aims to identify the security issues and threats in cloud based learning systems; evaluate IT policies and procedures of LMS(Learning Management Systems); and provide countermeasures for this threats.
Keywords: E-Learning Systems, Cloud computing, E-Learning security and threats, IT policies and procedures
Electronic learning systems referred as E-Learning/M-Learning or LMS (Learning Management Systems) are cloud based learning systems implemented to reduce cost; provide quick deployment; easy utilization; quality of service; automated integration to other systems; continuous availability and the complexity of accessing data (P Pinang., 2016). Electronic Learning Systems incorporates cloud computing technologies in the form applications hosted on remote servers and pivots on the internet in its execution.
The systems deliver content using multiple forms of communication tools such as multimedia (videos, audio); VR (virtual reality); work groups; forums and blogs (A Gabor, et al, 2017). There are two basic approaches to electronic learning, which is self-paced learning and facilitator led learning (blended learning.
The world wide web has become a venue for a new set of illegal activities. The vulnerabilities and threats of electronic learning systems are level out as the same as any web-based application. Cyber criminals and malicious users exploit vulnerabilities in systems to access sensitive organization and user information, as well as insert malicious programs for an example Trojans, Viruses intended to harm the targeted system.
In order to efficiently operate in the digital environment, institutes and developers must implement proper IT policies and procedures; and robust cyber protection systems within the current electronic learning (LMS) environments.
RESEARCH TOPIC JUSTIFICATION AND MOTIVATION FOR STUDYING THE PROBLEM
A lot of educational institutes and private/government entities are moving towards E-Learning as a form of training due to cost and scalability factors. In the development cycle of learning systems focus is put on content delivery and system functionality. In my many years of consulting and developing learning management systems, organizes are not constant with the security aspects of the development of electronic learning systems. This leaves organization exposed to cyber-security threads and vulnerabilities. If this trend persist organizes will have comprised systems and possible law suits due to user personal data sold to 3rd parties. The inclusion of proper IT policies and procedures in the development cycle can be used as best practice when developing learning management systems.
Electronic learning commonly referred as E-Learning is a web-based application software that involves students, teachers/facilitators and administrators (A Gabor., et al, 2017). The close connection between electronic learning platforms and the internet, exposes e-learning platforms to various threats and cyber-attacks. In the development processes of electronic learning systems, emphasis is put on the development of the course and the delivery, less emphasis is placed on the security; user privacy; IT policies and procedures. Electronic learning systems are exposed to the same vulnerabilities as any web-based applications. Security related issues such as lose of user information; content related vulnerabilities; spyware attacks; content integrity, are inherited through the use of cloud based services( YZ An., et al, 2016).
Numerous security challenges arise because cloud computing encompasses myriad technologies such as virtualization; concurrent control; memory management; networks; operating systems and databases. Since data theft is a common issue when using cloud based systems, security challenges arise from lack of awareness when the end-user engages with the E-Learning system provided on the cloud (YZ An., et al, 2016). Lack of policies to ensure safety of user data contributes to privacy challenges and security protection of user information. According to the Cloud Security Alliance 2013 the main attacks on cloud based systems are listed as following data breaches; data loss; account hijacking; insecure APIs; denial of service; malicious insiders; abuse of cloud service. Literature states that cloud based E-Learning systems are prone to vulnerabilities and attacks such as brute force attacks; dictionary attacks; hybrid attacks; SQL injections; XSS injections cross site request forgery; session hijacking; stack smashing attacks. Since the implementation of electronic learning involves user information, issues related to personal user data protection should be taken into consideration and the development of electronic learning systems should use a processes that encapsulates proper policies and procedures.
- How to evaluate security threats of cloud based Learning Management Systems?
- How to enhance security requirements for Cloud based Learning Management systems?
- How to improve IT Policies and Procedures for Cloud based Learning Management Systems?
- RESEARCH GOAL AND RESEARCH OBJECTIVES OF THE STUDY
- To evaluate security threats of cloud based Learning Management Systems
- To enhance security requirements for Cloud based Learning Management systems
- To improve IT Policies and Procedures for Cloud based Learning Management Systems
PREMISES OF RESEARCH
This research will make use of the ISO/IEC 27001:2013 a standard which is an information security standard that makes sure that user information and stakeholder information is secured. ISO/IEC 27032 which emphasizes on the role of divergent securities in the internet and cyberspace. The paper will also make use of SCROM (Sharable Content Object Reference Model) standards, which is a collection of standards and specifications for web based electronic educational technology.
Literature review would be taking in account, on what other scholars and researchers have published on the related topic
- Literature review: an assessment report found in literature related to the selected area of study
- Case studies
- Published dissertations
Primary data collection will be conducted because data will be collect from participants focus group which is a qualitative research will be used because the focus group will be stake-holders participating in development and use of E-Learning systems.
Interviews will be conducted with current E-Learning system users and victims of cyber crime.
Participatory Design will be used as a form of evaluation and getting other stake holders involved in assessing and getting feedback from the current E-Learning systems
Usability Testing will be conducted to get the end-user to interact with the E-Learning systems and analyze the security threats and risks.
Experimental Design will be used to understand the causal processes of developing Learning Management Systems and deploying cloud based systems.
Andrei Marius Gabor, Maruis Constantin Popescu, Antoanela Naaji, ‘Security Issues Related to E-Learning Education’
This paper study focuses on the security challenges faced in Electronic Learning Systems and implements the use of an algorithm that generates strong passwords in order to secure system and personal data (A Gobor., et al, 2017). The paper developed an algorithm by creating a dictionary that is more efficient against brut fore attacks
A Gobor analysis the criteria of creating a password, and creates a database that accumulates passwords in a dictionary for alternative passwords to combat brute force attacks in learning management systems.
YZ An, ZF Zaaba, NF Samsudin, ‘Reviews on Security Issues Challenges in Cloud Computing’
This article lists the architecture of could based computing, then discusses the most common security issues related to using cloud based systems. Therefore, providing some solutions to the security issues.
YZ An provides a list of the top threats according to the Cloud Security Alliance (CSA). The paper provides a foundation in regards to challenges and issues in the cloud computing environment.
M Durairaj, A Manimaran, ‘A Study on Security Issues in Cloud based E-Learning’
This research identifies the different security issues in cloud service delivery model, with the aim of suggesting a solution in the form of security measures relating to cloud based learning (M Durairaj, et al, 2015).
The paper discusses the different types of attacks in service delivery models when using learning management systems proposed by different researchers.
I Bandara, F Loras, K Maher, ‘Cyber Security Concerns in E-Learning Education’
This research paper illustrates the approach to evaluating, understanding, measuring and monitoring cyber security challenges in E-learning Systems.
I Bandara reveals the lack of proper IT policies and procedures when implementing E-Learning systems. The paper recommends the implementation of new services, that are secure, standardized, highly available and centralized application management in the E-Learning environment (I Bandara, et al, 2014).
Kassid Asmaa, EI Kamoun Najib, ‘E-Learning Systems Risks and their Security’
This article aims to identify some key security issues that must be taken into consideration when developing and using E-Learning platforms. (K Asmaa., et al 2016).
K Asmma examines the basic concepts of security in computing and security aspects of a popular E-learning management system ‘Moodle’
Yong Chen, Wu He, ‘Security Risks and Protection in Online Learning: A Survey’
This research article attempts to describe a survey for online learning to determine the awareness of potential security risks and the protection measures.
The paper uses blog mining and literature. The article finds that online Learning providers have not considered security as a top priority and this could be due to only few serious security incidents have taken place in the online Learning environment.
Related work What they did How they did it Claims/results Similarity/difference
Security Issues Related to E-Learning Education paper study focused on the unauthorized access to E-Learning Systems The paper developed an algorithm by analyzing the criteria of creating a password, and creates a database that accumulates passwords in an dictionary for alternative passwords to combat brute force attacks in learning management systems. The research paper claims creating a online password dictionary is much more efficient against brute force attacks in learning management systems The paper falls in the same realm with the intended paper in terms of it too focuses on security issues relating to E-Learning Systems. But our paper goes beyond unauthorized access as a security risk and intends to provide a holistic approach
Reviews on Security Issues Challenges in Cloud Computing The paper provides a foundation in regards to challenges and issues in the cloud computing environment.
The research paper provided a list of the top threats according to the Cloud Security Alliance (CSA), then lists the architecture of cloud composed of several service models, community models and deployment models. The article provides some basis to challenges and problems in cloud computing The paper bares some similarities in regards to cloud based computing, but the intended research will focus on E-learning could based systems with countermeasures as an outcome, rather than a listing of security challenges and issues
A Study on Security Issues in Cloud based E-Learning This research identifies the different security issues in cloud service delivery model, with the aim of suggesting a solution in the form of security measures relating to cloud based learning The paper discusses the different types of attacks in service delivery models when using learning management systems proposed by different researchers.
The research concluded with solutions for attacks in service delivery models, in the form of a security layer established to encrypt data between a server and client The paper falls in the same realm with the intended paper in terms of it too focuses on security issues relating to E-Learning Systems. But the intended paper looks at improving IT policies and procedures in E-Learning systems
Cyber Security Concerns in E-Learning Education This research paper illustrates the approach to evaluating, understanding, measuring and monitoring cyber security challenges in E-learning Systems.
The paper implements a security management model for E-Learning The paper recommended the implementation of new services, that are secure, standardized, highly available and centralized application management in the E-Learning environment The paper only touches on IT policies and procedures when implementing Learning Management Systems
E-Learning Systems Risks and their Security This article aimed at identifying some key security issues that must be taken into consideration when developing and using E-Learning platforms The paper describes some security aspects of electronic learning platforms and internal cyberattacks by examining the Moodle platform. The paper concluded learning management systems need to implement security services such as encryption, authentication, access control The paper falls in the same realm with the intended paper in terms of it too focuses on security issues relating to E-Learning Systems, but only focuses on Moodle. When our paper will be looking at Blackboard, Moodle and Sakai
Security Risks and Protection in Online Learning: A Survey This research article attempts to describe a survey for online learning to determine the awareness of potential security risks and the protection measures.
The paper uses blog mining and literature as a form of survey. The research used a tool called Leximancer to analysis and map data The article finds that online Learning providers have not considered security as a top priority and this could be due to only few serious security incidents have taken place in the online Learning environment the paper only provides findings and doesn’t include recommendations
- Involving participants in research without their knowledge
- Participants consent is required before they participate in research and evaluation
- Exposing participants to mental stress
- Participants should not be exposed to risks greater than or additional strain to those encountered in the normal work/school environment
- Use of deception
- Participants must be properly briefed of the nature of the research
Total a List Total R13 540,00 Activity Cost Springer & BMJ Journals subscription R1 440,00 Uncapped data R4 800,00 Ithenticate 1 yr Subscription R4 500,00 Proof Reader R1 600,00 -13208036893500Travel R1 200,00
- Y. Z. An, Z. F. Zaaba, N. F Samsudin, 2016, ‘Reviews on Security Issues and Challenges in Cloud Computing’, International Engineering Research and Innovation Symposium.
- A. M. Gabor, M. C. Popescu, A. Naaji, 2017, ‘Security Issues Related to E-Learning Education’, International Journal of computer Science and Network Security, Vol. 17 No. 1, January. 2017.
- I. Bandara, F. Ioras, K. Maher, 2014, ‘Cyber Security Concerns in E-Learning Education’, Buckinghamshire New University.
- M. Durairaji, A. Manimaran, 2015, ‘A Study on Security Issues in Cloud based E-Learning’ Indian Journal of Science and Technology, Vol. 8. 757-765, April. 2015.
- K Asmma, E. K Najib, 2016, ‘E-Learning Systems Risks and their Security’ International Journal of Computer Science and information Security, Vol. 14. No. 7, July. 2016.
- B. T. Adetoba, O Awodele, S. O Kuyoro, 2016, ‘E-Learning Security Issues and Challenges: A Review’ Journal of Scientific Research and Studies, Vol. 3. PP. 96-100, May. 2016.
- S. Mahalingam, M. F. Abdollah, S. Sahibuddin, 2014, ‘Designing Ensemble based security framework for M-learning System’, international journal of Distance technologies, June. 2014.
- V. Khandelwal, S. Magesh. ‘Security Framework for Cloud Based E-Learning System’, International journal of Engineering development and Research, Vol. 2. No 1.
- S. K. Sood, 2012.’ Phishing Attacks: A Challenge Ahead. E-Learning papers’, April. 2012. [Online]. Available: [Accessed 31.08.2019]
- L. B. A. Rabai, N. Rjaibi, 2012, ‘Quantifying Security Threats for E-Learning Systems. Education and E-Learning Innovation’.
- M. M. Saleh, F. A Wahid, 2015, ‘A Review of Security Threats by the Unauthorized in the E-Learning, International Journal of Computing Technology. Vol 14 no. 11.
- S. H. HASAN, D. M. Alghazzawi, A. Zafar. ‘E-Learning Systems and their Security’ BRIS Journal of ADV, Vol. 2. No 3, PP. 8392,2014.
Cite this essay
Evaluation of Security Threats and Countermeasures for Cloud. (2019, Dec 02). Retrieved from https://studymoose.com/evaluation-of-security-threats-and-countermeasures-for-cloud-essay