Security Audit and Mechanism of Protecting e-Learning System at the Faculty of Traffic and Transport Sciences

LMS (Learning Management System) of the Faculty of Transport and Traffic Sciences, called e-Student, was experimentally introduced at the end of 2004 for one subject at the Faculty and was used to carry out a part of the teaching and practical work for about a hundred students. Today the system is used by more than 4800 students. In the period from 2004 to the beginning of March 2007, the system was used more than 145, 000 times. With the fact that e-Student system is a publicly accessible web application has given rise to questions regarding the security of the users interface and the database safety. Although, from the very beginning the system was planned and designed so as to provide security against then known methods of attacks, there are almost daily new failures in the operating systems and database management systems and the methods of attacks and usage of the web application drawbacks. Consequently, the system has to be regularly tested and adequately protected.