| Popis: |
Relevance. Digitalization of education is becoming an increasingly urgent issue today. This is due both to the information transformations taking place all over the world and the online technologies usage trend. The education system as an integral and determinative part of all processes in society is also under the influence of the trend. It is obvious that under the conditions of informational isolation, remote access to educational resources is in demand more than ever. On the one hand, it entails a sharp increase of the importance of information and digital resources in education. But on the other hand, this leads to the wide range of threats and dangers that determine the risks for existing information systems in education and new ones. The aim of the study is to identify the information risk factors in the modern educational environment, on the basis of which it is possible to carry out a probabilistic analysis of its security. The methodological basis of the research combines the theory and practice of information and system approaches; modeling of a probabilistic model of information risks based on scenarios. Results and discussion. The study of the information aspect of education security has shown a fairly significant number of risks for information systems in education. At the same time, the range of such risks is constantly expanding due to the specifics of the information processes in education. It requires to take into account such risks and to assume system based measures aimed to assess the risks in the context of correlating the definitions “asset”, “vulnerability”, “threat” and “damage” in the information educational environment. Accordingly, this scenario-based approach makes it possible to create a general scheme of "security policy" in relation to information risks in education. Its implementation is represented as a risk management based on the analysis of the causes and consequences of an IS violation that also allows to analyze the security of the entire information educational environment. Conclusion. Implementation of the developed method allows to assess existing levels of risk and to conduct regular security analysis for the entire educational environment on the basis of probabilistic model based on the scenario method of educational environment information risks assessment. |
