Analysis of Risks and Vulnerabilities in a University-Level LMS System

Abstract

The growing development of LMS (Learning Management System) in higher education institutions raises several among which is the increase in security problems that affect confidentiality, integrity and availability in information systems. Therefore, it has become necessary to identify vulnerabilities in these systems to ensure information security. It is essential to use vulnerability scanners to examine the security of web applications.

In this article, we present the results obtained through the analysis method, Open Web Security Project (OWASP), which focuses on identifying risks while providing information on probability and technical impact; will need a reliable value judgment at a quantitative and qualitative level, regarding the vulnerabilities of the Academic Management System (SGA) platform of the State Technical University of Quevedo (UTEQ) of Ecuador, and conclude with security recommendations on the protection of relevant information from the actors involved in this process, in the university context.