TOWARDS THE SECURITY OF THE E-LEARNING IN THE OPEN SOURCE CLOUDS

Abstract

In the last years, Cloud Computing was adopted as a large scale technology in various domains of activity and e-learning is not an exception from this rule. In the meanwhile, many universities have developed now their own private clouds in local datacenters, for training and educational purposes by using open source technologies like Eucalyptus, OpenNebula or Nimbus on the infrastructure service side, or other solutions like Apache Hadoop on the platform as a service side. Together with the public interest information stored in the private cloud, there is a lot of confidential data involved in the E-learning process, like exams, students personal data and many more, that must be safely kept inside the boundaries of the private cloud. In the absence of a strong security management, a single vulnerability could contaminate the entire private cloud and could lead to data and application exploitation, together with the perturbation of the entire E-learning process. We highlight that the main threats for the private cloud security are the data interception during the transfer to and from the cloud, and the unauthorized access of the data in the cloud. The specific architecture of the private cloud, involving virtualization and multitenace introduces new approaches in safety consideration. This paper explores the challenges that face the open source cloud and reviews the general and particular threats existent in such environment closely related to the E-learning activities. Some comparisons with existent standards are also emphasized. As a conclusion we offer possible solutions and recommendations for a safe and highly available E-learning process.