Assessing and Improving e-learning Platform Security in Africa: From Deep Vulnerability Analysis to the Development of “OSSEP” LMS Security Framework
摘要
The security of e-learning platforms is an essential pillar for protecting sensitive user data and ensuring the sustainability of digital education systems, particularly in Africa. This study aims to assess the security of 40 learning management systems (LMSs) from 18 African countries. For vulnerability detection and compliance analysis, we used many advanced and recognized tools. The e-learning platforms were analyzed by region and typology (governmental, private, academic), highlighting significant disparities. The results revealed critical vulnerabilities, such as remote code execution flaws and obsolete SSL/TLS configurations, as well as shortcomings linked to players’ lack of knowledge of standards, limited budgets and low prioritization of security at the design stage, to the detriment of good functional coverage. To meet these challenges, we propose the OSSEP (open-source security for educational platforms) framework, a model created and adapted to the African context, that integrates open-source tools and recommendations aligned with international standards and security practices. These practices are aligned with LMS using artificial intelligence. To assess the operational relevance of OSSEP protocol, we conducted a pre-validation process applied to an e-learning platform widely used in higher education. Qualitative feedback obtained via a focus group confirmed the relevance of OSSEP while calling for practical, longitudinal experimentation to validate its effectiveness in real-life contexts. Our study highlights the vulnerabilities of LMSs in Africa and proposes a structured, cost-effective solution for improving their security, thereby helping to increase confidence in digital education on the continent.