Regresar

Evaluation of university informatic security systems: Teacher evaluation system a case study

Abstract:

This work details the security evaluation process of Técnica del Norte University teacher evaluation system, in order to establish objectives and controls that minimize the vulnerabilities of the management system. Information was collected through surveys, interviews and work meetings. Next, the Magerit methodology was applied through the PILAR software, which allowed information and assets collection, such as hardware, software, and human assets, and then, an assessment according to its incidence in integrity, confidentiality, availability, authenticity and traceability, was made. The factorial structure of the survey was designed using exploratory factor analysis and the results were validated by means of confirmatory factor analysis. In addition, a review of ISO / IEC2001: 2013 and an evaluation of compliance based on ISO / IEC 2700: 2017 was performed. To detect the security of this system, penetration tests were made on the detected vulnerabilities, by means of SQLmap and Nmap tools.

Año de publicación:

2019

Keywords:

  • ISO/IEC 27002:2017
  • validity
  • Factorial exploratory analysis
  • Fiability
  • Informatic security system evaluation

Fuente:

scopusscopus

Tipo de documento:

Article

Estado:

Acceso restringido

Áreas de conocimiento:

  • Ciencias de la computación

Áreas temáticas:

  • Ciencias de la computación

Contribuidores:

Israel D. Herrera-GrandaIsrael D. Herrera-Granda
Erick P. Herrera-GrandaErick P. Herrera-Granda
Daisy E. Imbaquingo-EsparzaDaisy E. Imbaquingo-Esparza
MacArthur Ortega-BustamanteMacArthur Ortega-Bustamante
Verónica L. GuamánVerónica L. Guamán
Silvia R. ArciniegaSilvia R. Arciniega