A Model For Financing The Process of Education Informatization, Taking Into Account Computer Security Within The Framework Of A Differential Quality Game

1. Introduction

The quality of higher education (HE) plays a crucial role in a nation's progress, forming the foundation for the training of highly qualified specialists capable of ensuring the sustainable development of the economy and society of the Republic of Kazakhstan (hereinafter referred to as RK) for many years to come. In the era of rapid digitalization and the introduction of information technologies (IT) into educational processes, higher educational institutions (HEIs) of Kazakhstan face new challenges, including those caused by cybersecurity (CS) problems and information protection.

The relevance of this project is due to the growing need for innovative approaches to improving the quality of HE in the context of the digital transformation of the RK economy. This transformation not only opens up new opportunities for education but also creates new risks that require careful analysis and management.

In light of these challenges and opportunities, we propose considering the interaction of two key players in the HE system. In our problem formulation, we assume the following. The first player is the Cybersecurity Center (hereinafter referred to as the CSC). It has resources aimed at ensuring CS; for example, it can be assumed that the center has a certain number of CS tools for which financial resources must be allocated. The second player is the Education Financing Center, for example, represented by the Ministry of Education (hereinafter referred to as the EFC). Its main task is to improve the quality of education, including through the introduction of IT into the learning process, such as cloud technologies and other innovative solutions.

It is important to note that the activities of these two players - the CSC and the EFC - are closely interconnected. There is a clear correlation between "digitalization" (the introduction of IT into education) and the need to strengthen the CS of universities. The more resources are directed to the introduction of IT in education, the more attention and funds are required to ensure their CS.

For example, consider situations that are typical for many HEIs in the RK. The introduction of distance learning systems (such as Moodle, Canvas, or others) requires enhanced protection of the personal data of students and teachers, as well as ensuring the security of online exams.

The use of cloud storage for educational materials and research increases the risk of unauthorized access (UA) to confidential information, which requires the implementation of multi-factor authentication and data encryption.

The development of campus Wi-Fi networks to improve access to educational resources increases the likelihood of cyberattacks, necessitating the installation and configuration of modern firewalls and intrusion detection systems.

Conversely, the higher the level of CS, the more incentives there are for the introduction of IT, which, in turn, contributes to improving the quality of education. This can be illustrated by the following examples.

A reliable CS system allows universities to safely introduce virtual laboratories and simulators, which significantly expands the practical training opportunities, especially in technical and natural sciences.

A high level of CS and data protection stimulates the creation and use of extensive digital libraries and databases (DB) of scientific research, which improves the quality and accessibility of information for students and teachers.

A developed CS infrastructure allows universities to actively participate in international educational projects and exchange programs, which contributes to improving the quality of education through global cooperation.

Confidence in the security of systems allows the introduction of advanced methods of knowledge assessment, such as adaptive testing or automated program code verification, which increases the objectivity and efficiency of the educational process.

Thus, investments in CS and the digitalization of education in the RK create a positive feedback cycle, where each aspect reinforces the other, contributing to the overall improvement of the quality of HE.

Given this dynamic relationship, we propose, within the framework of this article, to consider the situation using the approach described from the standpoint of a differential quality game, which will allow us to model and analyze the complex interactions between the introduction of IT and ensuring CS in the light of improving the quality of HE.

In our opinion, the application of game theory to such a problem setting will make it possible to develop optimal strategies for resource allocation, taking into account both the needs for innovative development of education and the need to ensure its security in the digital age, which, in turn, will help to identify the most effective ways to improve the quality of HE in Kazakhstan that meet modern challenges and contribute to the sustainable development of the country.

Indeed, all of the above has determined our interest in this problem statement. The relevance of this problem is due not only to the rapid digitalization of HE in Kazakhstan but also to the increasing CS risks that accompany this process. In conditions of limited resources and the need to make balanced decisions, the optimal allocation of funds between the development of IT infrastructure and ensuring the CS of universities becomes critically important for the sustainable development of the HE system in the RK. And the application of game theory to this problem not only meets the current needs of the HE system in Kazakhstan but also provides a powerful analytical tool for developing effective development strategies in the context of digital transformation and growing cyber threats.

2. Literature Review

A significant number of research publications are devoted to the issues of cybersecurity for universities and other educational institutions, some of which also touch on aspects related to the correlation between the quality of education and the provision of cybersecurity for educational institutions.

For example, in [1], the authors consider the impact of national cybersecurity strategies on the development of education in this area. The authors analyze how government initiatives and strategies can contribute to improving curricula, training specialists, and raising overall awareness of cyber threats. The importance of integrating cybersecurity into educational systems to ensure national security is also emphasized.

In [2], the author examines approaches to education and research in the field of cybersecurity at universities and universities of applied sciences in Finland. The author analyzes existing curricula, teaching methods, and research initiatives, focusing on the importance of training specialists in this field. The challenges and prospects associated with the development of cybersecurity in the country's education system are also discussed. However, this study is analytical in nature and does not address the correlation between investments in university cybersecurity and the quality of education.

A more interesting approach is proposed in [3], where the authors assess the level of cybersecurity in Saudi Arabian universities using a quality management approach. The study aimed to identify the strengths and weaknesses of existing cybersecurity practices in educational institutions. The authors proposed recommendations for improving cyber protection based on quality management principles, emphasizing the importance of integrating these practices into educational institutions to increase overall security.

In [4], the authors investigate the use of the Blackboard e-learning system in the context of education quality and cybersecurity. They analyze how this platform contributes to educational processes and also discuss the risks associated with cyber threats. In their research, the authors emphasize the importance of ensuring data security and protecting users during online learning, offering recommendations to improve the quality of education when using such technologies. However, the authors do not provide a mathematical justification for their arguments.

As for the use of game theory to assess university development strategies and improve the quality of educational processes, there are also quite a few publications.

For example, in [5], the author applies game theory methods to analyze the education market in Egypt. The author examines the interaction between various participants in the education system, such as students, educational institutions, and government agencies. He considers how competition and cooperation affect the quality and accessibility of education. The article also discusses strategic decisions that can be made by participants to improve educational outcomes and optimize resources.

In [6], the author considers the application of game theory in the organization of HE and the educational process, analyzing how game theory methods can help in understanding the interactions between students, teachers, and educational institutions. The paper emphasizes that theoretical models can be used to optimize learning strategies, improve interaction, and increase the efficiency of the educational process. The main focus of the research is on how the application of these concepts can lead to better results in higher education. However, the connection between the considered strategies and cybersecurity challenges is not traced.

In [7], the authors investigate the application of multi-criteria decision-making (MCDM) in combination with game theory to select strategies in the field of higher education, proposing a method that helps educational institutions evaluate and select the most effective strategies, taking into account various criteria and interactions between participants. The main focus of the article is on how this approach can improve management and resource optimization in higher education, as well as increase the competitiveness of educational institutions. The issue of the correlation between the quality of education and university cybersecurity is not addressed.

In [8], the authors use game theory to analyze the interaction between teachers and students in the educational process. They expand the economic theory of education by considering how the decisions and strategies of both sides affect learning outcomes, i.e., in fact, the quality of education. The study focuses on the interdependence of the actions of teachers and students, emphasizing that understanding these interactions can help improve the effectiveness of learning and the optimization of educational resources. However, as in the previously analyzed works, the issue of the correlation between the quality of education and university cybersecurity is not addressed.

As the analysis of the above works, as well as other publications that we have analyzed [9], [10], has shown, there are currently no works that systematically address the issue of modeling the financial processes of informatization of education, taking into account computer security. That is why the topic of our research seems relevant to us.

3. Research Objective and Tasks

Research Objective. The primary goal is to develop and refine mathematical models that will serve as the foundation for creating a decision support system designed to optimize the allocation of resources (financial, intellectual, personnel, technical) between the processes of education informatization and ensuring cybersecurity.

Research Tasks. During the research, the following tasks were addressed:

Development of a game theory model (differential quality game) to find optimal player strategies. Finding an analytical solution to the game and characteristics of achieving the players' goal when using their optimal strategies.

Conducting computational experiments to test the model.

4. Methods and Models

The quality of higher education (HE) plays a key role in the progress of any state. Innovative approaches to improving the quality of HE in the context of global digitalization not only open up new opportunities but also create, as the analysis of the literature has shown, additional risks that require careful analysis and management. Recognizing these risks and opportunities, we propose considering the interaction of two key players in the HE system. These players are responsible for allocating resources between the processes of education informatization and ensuring computer security in universities. Within our model, we reduce various types of resources (financial, human, intellectual, technical, organizational) to a single financial equivalent. This simplification allows for the creation of a universal resource allocation model and facilitates quantitative analysis. However, we acknowledge the limitations of such an approach and recognize that some qualitative aspects of resources may not be fully reflected in the financial assessment. Therefore, when interpreting the model results, it will be necessary to additionally consider the qualitative characteristics of resources and the specifics of their application.

4.1. Problem Statement

There are two players: The first player is the Cybersecurity Center (hereinafter referred to as the CSC). It has resources aimed at ensuring cybersecurity, for example, it can be assumed that the center has $\left(n\right)$ cybersecurity tools for which resources must be allocated. These tools can be called the CSC's technological strategies. The second player is the Education Financing Center (hereinafter referred to as the EFC). Its main task is to improve the quality of education, including through the introduction of IT into the learning process, such as cloud technologies and other innovative solutions. It is assumed that the second player has $\left(m\right)$ tools (its technological strategies) that it can use to improve the quality of education.

For example, consider a small list of player strategies, each of which will require corresponding resources that can ultimately be reduced to the dimension of financial resources (RES) with the limitations that were discussed above, see Table 1.

Interdependence in the financing of cybersecurity and education informatization is a complex dynamic mechanism where one player's resources influence the actions and needs of the other. For example, funding the Cybersecurity Center (CSC) directly stimulates additional investments in the informatization of the educational process. This is because the more funds are directed towards introducing IT into education, the more pressing cybersecurity issues become, and consequently, the more resources are required to address them effectively.

On the other hand, a high level of cybersecurity creates attractive conditions for the introduction of new IT. Thus, increasing investments in cybersecurity not only protects existing university information systems but also serves as a powerful incentive for further innovation. This, in turn, will contribute to improving the quality of educational services in universities. This interdependence of financing processes leads to a conflict of interest between the players, as one of them often finds themselves unable to meet the financial demands of the other. A shortage of resources - especially financial ones - can block the implementation of their own technological strategies.

In this regard, in our research, we will use the term "resource" (RES) to denote all the necessary funds allocated by the players. The conflicting relationship between the CSC and the Education Financing Center (EFC) becomes the basis for applying game theory, namely an antagonistic game, in the task of finding optimal strategies for the participants. We consider this interaction as a differential quality game, which allows us to take into account changes and adaptation of player strategies depending on current conditions. The interaction between the players occurs continuously over time, emphasizing its dynamic nature. As already mentioned, the first player (CSC) allocates funding to its technological strategies aimed at protecting cybersecurity, while the second player (EFC) funds its strategies aimed at improving the quality of education through the introduction of IT. The EFC's investment in its technological initiatives, in turn, requires additional funds from the CSC to ensure their protection, creating a closed loop of mutual dependencies and financial obligations.

Let's assume that $i-$is a technological strategy of the EFC that leads to the need for the CSC to spend resources in the amount of ${\rho }_j^1$. Then, $j-$is a technological strategy of the CSC that leads to a cost of resources for the EFC in the amount of ${\rho }_j^1$. Let's give an example.

Suppose the EFC wants to introduce a new online learning system (this $i-$is the technological strategy of the EFC). The EFC invests in a platform for conducting online courses. The introduction of this system will require additional CS measures; accordingly, the CSC needs to allocate additional resources ${\rho }_j^1$ ($i-$) to strengthen the protection of the personal data of students and teachers, as well as to protect against DDoS attacks on online learning servers.

In response, the CSC introduces a multi-factor authentication system (this $j-$is the technological strategy of the CSC). The introduction of this CS system, in turn, will allow the EFC to expand the functionality of the online platform, including conducting online exams and attracting more foreign students due to the increased level of data protection, as well as reducing the risks of financial losses from possible cyberattacks. However, this will require additional investments from the EFC ${\rho }_j^1$ ($j-$) in the development and adaptation of the educational platform for new opportunities provided by the increased level of CS.

Thus, one can clearly see in this small example how the actions of one center (the introduction of a new technology) lead to the need for additional investments from the other center, and vice versa, which, in fact, illustrates the relationship and mutual influence of the strategies of both players in the proposed model.

Let us denote by $p_{ij}^1$the ratio ${\rho }_i^1/{\rho }_j^2$, and by $p_{ij}^2$the ratio ${\rho }_j^2/{\rho }_i^1$. If ${\rho }_i^1=0$is very large for some $i$ and j, or ${\rho }_j^2=0$is very large for some $j$, then such strategies are excluded from consideration.

Let's assume that $S_1$is a matrix of size $m\times n$, consisting of elements $s_{ij}^1$. The number of rows of the matrix $S_1$is the number of technological strategies of the EFC. In the matrix $S_1$, the number of each row is the technological strategy of the EFC. The column numbers of $S_1$are the technological strategies of the CSC. Then $S_2$ is a matrix of size $n\times m$. In $S_2$, the row numbers are the technological strategies of the CSC. The column numbers of $S_2$ are the technological strategies of the EFC. We obtain that the elements $s_{ij}^2$ mean that they are located in the $j-oй$ row and $i-oм$ column.

Let us denote by$p_{ij}^1$ the ratio, and by the ratio. If it is very large for some and j or is very large for some, then such strategies are excluded from consideration.

To make further calculations more compact, we introduce the following notations:

${\delta }_j(j=1,\mathrm{...},m)-$ Elements of a diagonal matrix $\Xi$ order $m$: ${\delta }_j\ge 0,{\displaystyle \sum _{j=1}^m{\delta }_j=1}$. Matrix $\Xi$ characterizes the 'structure' of the EFC's resources.

"${\delta }_j$represents a portion $j-$ of the CSC's resource set, which is transformed into $j-$ a component of the same size within the EFC's resource set. What does this situation correspond to? If we have a CSC resource set $(w_1,\mathrm{...},w_n)$ of size $j-$, then the y-component of the EFC's resource set of the same magnitude is transformed into a CSC resource set equivalent to ${\delta }_j\cdot (w_1,\mathrm{...},w_n)$."

${\theta }_j(j=1,\mathrm{...},n)-$The elements of the diagonal matrix $\Psi$ are ordered by $n$:${\theta }_j\ge 0,{\displaystyle \sum _{j=1}^n{\theta }_j=1}$: XX:X. Matrix $\Theta$ describes the structure of the CSC's resource set. Each element in ${\theta }_j$represents a share $j-$ of the EFC's resource set, which is transformed into a corresponding component $j-$ in the CSC's resource set.

This means that if there is a resource set in the EFC represented by $(g_1,\mathrm{...},g_m)$, then in the $j$component, the resource set magnitude of the CSC is transformed to match the resource set magnitude of the CFO, also represented by ${\theta }_j\cdot (g_1,\mathrm{...},g_m)$."

We assume that there exists a set of resources, $w=(w_1,\mathrm{...},w_n)$, available to the Central Design Bureau (CDB) for operation. $\left(S_1\cdot w\right)$represents $m-$ a multidimensional vector, which is intended to indicate the full set of CFO resources. However, in practice, this product only allows for determining a single component of the CFO's resource vector. This is because the entirety of vector $w=(w_1,\mathrm{...},w_n)$is effectively “spent” on this one component. There are no additional resources from the CSC that are “resource-equivalent” to this component within the EFC’s resources.

The complete set of CSC resources has been utilized to “equalize” its “resource equivalence” with just one component of the EFC’s resource set. Essentially, the CSC’s resources have been directed towards additional funding for one specific EFC strategy. Consequently, the CSC lacks any remaining resources to support further allocations or funding of other EFC strategies.

In other words, all available CSC resources have been expended on a single EFC strategy. As a result, the EFC is in a position to continue its financing process using its remaining resources and strategies, thereby placing the CSC in a vulnerable position, as its resource (financial) capacity has already been depleted in support of only one of the multiple EFC strategies.

Therefore, it becomes necessary to divide the set of resources $m$ into separate parts. This partitioning would enable the "equalization" of the efficiency of the EFC’s resource sets across all components, matching them with proportional shares of the CSC’s resources. To facilitate this, a set of elements within ${\delta }_j$ is introduced. This same approach can be applied to the set of EFC resources.

In this work, the reasoning is conducted from the perspective of the first player-ally. This implies that no assumptions are made about the level of awareness of the Education Financing Center (EFC), which is equivalent to a situation where the EFC has complete information. Thus, the EFC may have a complete understanding of the state of the Cybersecurity Center (CSC), as well as all of its actions and strategies.

The CSC, at time $t\in [0,+\infty )$$w(t)\in R_{+}^n$, converts its resources into resources of magnitude $Q\cdot w(t)$. Here, $Q$ represents a resource transformation matrix for the CSC, which is of order $n$ and consists of positive elements. The CSC then makes a strategic move by choosing the quantity of resources $U(0)\cdot Q\cdot w(t)$, where $U(0)$ is a diagonal matrix composed of elements $u_i(t):0\le u_i(t)\le 1$. This magnitude of CSC resources leads to additional financing for the EFC, amounting to $\Xi \cdot S_1\cdot U(0)\cdot Q\cdot w(t)$.

Similarly, the EFC, at time $t\in [0,+\infty )$$g(t)\in R_{+}^m$, converts its resources into resources of size $H\cdot g(t)$. Here, $H$ is the resource transformation matrix for the EFC, also of order $m$ and consisting of positive elements. The EFC then makes its strategic move by choosing its resource amount $V(0)\cdot H\cdot g(t)$, where $V(0)$ is a diagonal matrix of order $m$, containing elements $v_i(t):0\le v_i(t)\le 1$. This magnitude of the EFC's resources also leads to additional financing for the EFC, amounting to $\Theta \cdot S_2\cdot V(t)\cdot H\cdot g(t)$.

At time $t\in [0,+\infty )$, the resources of both players, the EFC and CSC, satisfy the following system of differential equations:

$$\begin{array}{l}dw(t)/dt=-w(t)+Q\cdot w(t)-U(t)\cdot Q\cdot w(t)-\Theta \cdot S_2\cdot V(t)\cdot H\cdot g(t);\\ dg(t)/dt=-g(t)+H\cdot g(t)-V(t)\cdot H\cdot g(t)-\Xi \cdot S_1\cdot U(t)\cdot Q\cdot w(t).\end{array}$$

(1)

At the moment of time $t\in [0,+\infty )$ The following variants are possible:

$$\left(w\left(t\right),g\left(t\right)\right)\in G_2$$

(2)

$$\left(w\left(t\right),g\left(t\right)\right)\in G_3$$

(3)

$$\left(w\left(t\right),g\left(t\right)\right)\in G_4$$

(4)

$$\left(w\left(t\right),g\left(t\right)\right)\in G_5$$

(5)

where

$$G_2={\displaystyle \underset{i=1}{\overset{m}{\cup }}\{(w,g):(w,g)\in R^{n+m},w\succ 0,g_i=0\}},$$

$$G_3={\displaystyle \underset{i=1}{\overset{n}{\cup }}\{(w,g):(w,g)\in R^{n+m},g\succ 0,w_i=0\}}.$$

$$G_4=\left\{{\displaystyle \underset{i=1}{\overset{n}{\cup }}\{(w,g):(w,g)\in R^{n+m},w_i=0\}\}\cap }\right\{{\displaystyle \underset{i=1}{\overset{m}{\cup }}\{(w,g):(w,g)\in R^{n+m},g_i=0\}\}},$$

$$G_5=\mathrm{int}{R}_{+}^{n+m}.$$

Condition (2) indicates that the Cybersecurity Center (CSC) has sufficient resources to interact with the Education Financing Center (EFC), while the EFC lacks resources. In this case, the interaction ends.

Condition (3) indicates a situation where the EFC has sufficient resources to interact with the CSC, while the CSC lacks resources. In such a case, the interaction also ceases.

Condition (4) states that both players do not have enough resources to continue the interaction, which also leads to its completion.

If condition (5) is met, the interaction process between the players continues.

The financing process described in system (1) is considered within the framework of a positional differential game of quality with several terminal surfaces [11,12]. We focus on analyzing the problem from the perspective of the first allied player, given the symmetry of the conditions. The problem, considered from the position of the second allied player, is solved in a similar way.

Let's denote by $T^{*}=[0,+\infty )$ – time interval

Definition. 

A pure strategy $U(.,.,.)$ for the first player (ally) is defined as a set of functions $u_i(.,.,.):T^{*}\times R_{+}^{n+m}\to [0,1],(i=1,\mathrm{...},n),$ such that $u_i(t,(w,g)\in [0,1],(t\in T^{*},(w,g)\in R_{+}^{n+m}).$. Specifically, a pure strategy for the first player (ally) is a predetermined set of actions or decisions made to protect cybersecurity. The second player (opponent) then chooses their strategy $V(.)$. Based on any information. For example, a pure strategy of the CSC (player-ally). Suppose the CSC decides to implement a comprehensive protection system that includes: a) Installing a modern firewall; b) Implementing a multi-factor authentication system; c) Implementing a SIEM. This is a specific set of actions that represents a pure strategy of the CSC. Then, the strategy of the EFC (player-opponent) is determined based on the fact that the EFC, knowing about the actions of the CSC, can choose its own strategy. For example, implement such strategies: a) increase funding for the implementation of a new online learning system; b) invest in cloud storage for educational materials; c) expand communication opportunities with students using social networks. Accordingly, the CSC seeks to determine such initial conditions (for example, the initial budget, the number of personnel, the current level of protection) under which it will be able to ensure the required level of cybersecurity, despite the actions of the EFC.

For example, the CSC might seek answers to questions such as: 1) With what minimum initial budget can we ensure protection from all major cyber threats? 2) What is the minimum number of cybersecurity specialists that the university initially needs to cope with the increased load due to new IT systems? 3) What level of basic protection should we have initially so that we can successfully resist new threats arising from the expansion of the university's digital infrastructure? In fact, the CSC seeks to find such initial conditions under which it can ensure the necessary level of cybersecurity, regardless of which strategy the EFC chooses to expand the use of IT in education. That is, the first allied player seeks to find a set of its initial states that have the following property.

Property: If the game starts from the initial states, the first allied player can choose a strategy $U_{*}(.)$that ensures the fulfillment of condition (2) at a specific point in time $t$. Moreover, this chosen strategy prevents the EFC from fulfilling condition (3) at previous points in time. In other words, this property indicates that the first allied player can select a strategy guaranteeing that, at some moment in time $t$, the EFC will lack sufficient resources to fund its technological strategies further. Thus, the first allied player's strategy should be such that it reduces the resource capabilities of the EFC to a level where additional financing of its technological strategies becomes impossible.

A set of such states represents the preferences of the first allied player, $Y_1$, whose strategies we will denote as $U_{*}(.)$'s strategies. The CSC, with its specified properties, represents $U_{*}(.)$'s optimal strategies."

The goal of the first allied player is to find preference sets. They also find strategies that, when applied, will lead to the fulfillment of condition (2).

The described model is a bilinear differential quality game with multiple terminal surfaces [11].

The following paragraph presents the conditions that will allow us to find a solution to the game. That is, we can find 'preference' sets.$Y_1$ and optimal strategies $U_{*}(.)$ of the first player-ally (CSC).

4.2. Solution to Problem 1

A brief outline of the analytical solution to problem 1 is presented in this article for one of the variants of the game's parameter ratio. Solutions for other variants can be found similarly, utilizing the potential of cybernetic modeling tools.

Let us introduce the following notation:$B_1=Q$, $B_2=H$, $D_1=\Xi \cdot S_1$, $D_2=\Theta \cdot S_2$

Solution to problem 1 depends on the ratio of parameters that determine the interaction between the first player-ally and the second player-opponent.

All cases of the ratio of parameters, we will present in the form of two cases.

• Case 1.

$D_1\cdot B_1\cdot D_2\le B_2$, $B_2\cdot D_1\ge D_1\cdot B_1$, $D{}_2\succ 0$ (these are matrix inequalities),

$D_2\cdot B_2\cdot D_1$ – Diagonal matrix;

$\begin{array}{l}[\{\{[{\displaystyle \sum _{\theta =1}^m{(D_2\cdot B_2)}_{i\theta }/({\displaystyle \sum _{j=1}^m{(D_2\cdot B_2)}_{ij})]\cdot [{(D_1\cdot B_1)}_{\theta 1}+\mathrm{...}+{(D_1\cdot B_1)}_{\theta n}}\}/}\\ [{(D_2\cdot B_2)}_{i1}+\mathrm{...}+{(D_2\cdot B_2)}_{\theta i}]{\}}^{0.5}\ge \max ({\varphi }_i,f_i)\end{array}$,

${\varphi }_i=\underset{j}{{\displaystyle \max }}[{(D_2\cdot B_2)}_{ij}/[{\displaystyle \sum _{j=1}^m{(D_2\cdot B_2)}_{ij}]}/{(D_2)}_{ij}]$,

$f_i={(D_2\cdot B_2\cdot D_1)}_{ii}/[{\displaystyle \sum _{j=1}^m{(D_2\cdot B_2)}_{ij}]}$.

• Case 2.

When analyzing the interaction between the CSC and the EFC, several scenarios can be distinguished, depending on the ratio of their parameters and initial conditions.

Scenario 1:

CSC Advantage. In this situation, the CSC has the opportunity to achieve its goal of ensuring the necessary level of cybersecurity if the initial conditions are favorable. For example, the CSC may start with a significant advantage in resources, such as: 1) a substantial initial budget for cybersecurity; 2) The presence of highly qualified specialists; 3) The use of advanced data protection technologies. At the same time, the EFC may face limitations that prevent it from fully realizing its goals for digitalizing education. For example, limited funding for the implementation of new IT systems or a lack of technical specialists to deploy new educational platforms.

Scenario 2:

Equal Opportunities. In this scenario, both the CSC and the EFC start with comparable resources and capabilities. For example: 1) both centers have similar budgets for implementing their strategies; 2) both have access to modern technologies in their respective fields; 3) the teams of both centers have a comparable level of expertise in decision-making. In such a situation, the success of each center will depend on their ability to effectively utilize available resources and adapt to the actions of each other. The CSC can focus on developing flexible cybersecurity systems and data protection systems that can quickly respond to new threats arising from the introduction of IT innovations by the EFC. In turn, the EFC can focus on selecting educational technologies that initially have a high level of built-in security. It should be noted that these scenarios are extreme cases, and the real situation may be somewhere in between them or have a more complex structure of interaction between the CSC and the EFC.

Further, we introduce the following notations:

$$\begin{array}{l}{W}_1=\{(w(0),g(0)):(w(0),g(0))\in R_{+}^{n+m},[(B_2^{i,\Sigma })/{(D_1\cdot B_1)}^{i,\Sigma }]\cdot {[g(0)]}_i\prec \\ {\displaystyle \sum _{j=1}^n(D_1\cdot B_1}{\}}_{ij}\cdot w_j(0),\exists i:i=1,\mathrm{...},n;\}\end{array}$$

$$\begin{array}{l}{W}^{*}=\{(w(0),g(0)):(w(0),g(0))\in R_{+}^{n+m},{(q_{*})}_i\cdot {(w(0))}_i\ge \\ [{\displaystyle \sum _{\theta =1}^n{(D_2\cdot B_2)}_{i\theta }\cdot {(g(0))}_{\theta }]/[}{\displaystyle \sum _{j=1}^n{(D_2\cdot B_2)}_{ij}],\forall i=1,\mathrm{...},n;\}}\end{array}$$

Here ${(q_{*})}_i={[D_2^{i,\Sigma }/D_1\cdot B_1)}^{i,\Sigma }]$,

$(B_2^{i,\Sigma })$– sum of elements $i$- The strings of the matrix $B_2$,

${(D_1\cdot B_1)}^{i,\Sigma }$– sum of elements $i$- The strings of the matrix $D_1\cdot B_1$,

$Y_1=W_1\cap W_1^{*}$.

The outcome of the players' interaction is represented in a theorem that describes the preference set $Y_Y$ of the first player (ally), which reflects the advantage of this player over the opponent. This advantage is expressed in the following ways:

The quantity of resources available.

The efficiency of resource allocation, represented in matrices $S_1$and $\Xi$.

The implementation of the optimal strategy $U^{*}(.,.):R_{+}^n\times R_{+}^m\mapsto R_{+}^n,U^{*}(w,g)=E,$ where $E-$ is the identity matrix of order $n,$\times $(w,g)\in Y_1$ and is undefined otherwise.

It is important to note that the methodology for determining optimal strategies and preferred initial conditions is applicable to both the CSC and the EFC, despite their different roles in our model. For the CSC, the process of determining optimal strategies and the most favorable initial conditions is based on the analysis of various scenarios for the development of the cybersecurity situation in the educational environment. In this case, the CSC assesses which initial resources and which strategic decisions will allow it to most effectively ensure cybersecurity and protect the information infrastructure of universities, taking into account the possible actions of the EFC to digitalize education.

For the EFC, a similar approach is used, as the EFC also conducts an analysis to determine its optimal strategies and preferred initial conditions. However, the focus here shifts to assessing which initial resources and which strategic decisions will allow for the most effective implementation of innovative educational technologies, taking into account the need to ensure their cybersecurity and the possible response actions of the CSC.

Thus, although the goals of the CSC and the EFC are different, the methodological approach to determining their optimal strategies and preferred initial conditions is similar, which will allow for the analytical creation of a balanced model that takes into account the interests of both parties in the process of digital transformation of the higher education system of the Republic of Kazakhstan.

4.3. Constraints Adopted in the Game for the Given Problem Statement

• Time-Invariant System Parameters.

The current model assumes that parameters affecting the system remain constant throughout the analysis. This simplification has allowed us to focus on the interactions between players, but it limits the model's accuracy in a dynamically changing environment where time-varying factors can significantly influence outcomes.

2.

Bilinearity of the System of Differential Equations.

The proposed model is based on a bilinear structure, which implies linear dependencies between variables within certain limits. While this simplification makes the model more manageable, it may not fully reflect the complex nonlinear interactions that are often observed in real-world scenarios of university financing and informatization.

3.

Schematic Nature of the Problem Statement.

The formulation of the problem in the model is schematic, which has allowed us to highlight the key aspects of the interaction between the participants. However, this also leads to the neglect of some important factors, such as cultural, organizational, or technical features that can significantly influence the decision-making process.

Taking into account these limitations and their potential removal is an important direction for future research. In particular, in future works, we propose to consider the possibility of introducing time dynamics into the model, as well as studying the influence of nonlinear dependencies and taking into account more detailed aspects of the interaction between participants. This will allow us to increase the accuracy and applicability of the model in real-world conditions.

5. Computational Experiment for Evaluating Player Resources in the Process of Improving Education Quality

A computational experiment was conducted to evaluate the resources of both players on a set of synthetic data, and the strategies described earlier were analyzed. The model was implemented in Python using the PyCharm development environment, and the results of the players' interaction are visualized in Figure 1.

The experiment plan included the following stages: 1) defining the initial positions of the players; 2) constructing, based on the proposed model, colored hyperplanes indicating the boundaries of the preference region of the first player-ally; 3) identifying the set of player states located below the hyperplanes in the positive orthant, indicating that when starting interaction from these points, the first player-ally can choose a strategy leading to the desired result; 4) determining the intersection of the hyperplanes and finding the balance ray, on which the states of both platforms are in equilibrium; 5) analyzing the resources of both players; 6) evaluating the effectiveness of achieving goals by both players with the chosen strategies and analyzing the trajectories of changes in their states relative to the balance ray.

6. Discussion of the Results of the Computational Experiment

The preference set of the first allied player is depicted in the positive orthant of a three-dimensional space. It represents a set of player states located "under" hyperplanes of different colors. The blue hyperplane $\left(g=3\cdot w_1\right)$ shows the ratio between the resources of the EFC and the first strategy of the CSC, while the pink hyperplane $\left(g=4\cdot w_1\right)$ reflects the ratio between the resources of the EFC and the second strategy of the CSC. The orange hyperplane $\left(g=2\cdot w_1+5\cdot w_2\right)$ represents a combined strategy that takes into account both CSC strategies. The area beneath all three colored planes indicates states where the CSC has an advantage over the EFC. The intersection of the hyperplanes defines the boundaries of the preference region for the first allied player and allows for the determination of balance rays.

These balance rays have the following property: if the interaction between players begins from states along these rays, each player has strategies that enable them to remain on these rays for as long as desired. In this context, the CSC and EFC maintain a balance between cybersecurity and a sufficient level of education quality.

7. Conclusions

In the course of the research, a game-theoretic model for financing the informatization of education was developed, taking into account aspects of computer security, with a focus on the financial interaction between players. The novelty of the model lies in the use of a differential quality game with a bilinear structure, where the financial states of the players are described by a system of differential equations. In this formulation, the model allows for the determination of preference sets and optimal strategies for players, which was demonstrated in a computational experiment. The conducted analysis confirms that the proposed model effectively evaluates strategic interactions between participants, ensuring consideration of cybersecurity. Visualization of the preference set for the first player, the CSC, demonstrates the applicability of the model for solving practical problems of financing the informatization of the educational process. In the future, it is possible to expand the model to integrate real data and more complex strategic scenarios.