رسالة مقدمة لنيل درجة الدكتو ا رة في عموم الحاسوب تأمين نظم التعليم الإلكتروني المبنية على نظم إدارة المحتوى التعليمي مفتوحة المصدر

اسم الطالب : محمد عوض محمد عطا
المشرف : د.مضوى مختار المشرف
تاريخ النشر : 2015-01-01
الدرجة العلمية : دكتوراة
Abstract

This research aims to find out how the presence of threats in the core of Moodle code, and system default settings faults. Designing an algorithm to search for security risks in Moodle Code. Finally The possibility of patching these threats and system faults to prevent the hacking of the system and protect the data therein; For this purpose it was necessary to see the culture of those in charge of e-learning in Sudanese universities with regard to this aspect; to which extent the system administrators in Sudanese universities websites know about internal protection for Moodle system and deal with it. To find results of the theoretical study, the researcher used the descriptive analytical approach, using the first research tool (questionnaire No (1)) and the second research tool (questionnaire No (2)), which distributed to a sample carefully selected for the study, and through analysis of the sample responses, the researcher found that the level of security cognitive aspects and confidentiality of the information and data to those who on the order of e-learning in Sudan is considered average; But with regard to knowledge and cope with internal protection system for Moodle, the result is weak and in some cases, completely lacking among Sudanese universities system administrators. The researcher designed an algorithm to search for SQL Injection and XSS vulnerabilities in MOODLE code. The researcher also found out a number of software vulnerabilities and loopholes in MOODLE code, and system default settings faults; Eventually the researcher patched these vulnerabilities through using of practical approach, which depend on the researcher experience in dealing with Moodle and PHP programming language, as well as using the Acunetix Web Vulnerability Scanner tool. The study was applied to Open University of Sudan, Khartoum region web site, where MOODLE is used as a main platform.