Text

Analisis keamanan pada website milik Dinas Kesehatan Kabupaten Oku Timur berdasarkan open web application security project (OWASP) Top 10 2021

---

Abstrak:
Dinas Kesehatan kabupaten OKU Timur, Sumatera Selatan memiliki sebuah website yang disediakan untuk pelayanan publik bagi masyarakat OKU Timur. Web tersebut menyediakan berbagai fitur seperti berita, jejaring, dan informasi publik terkait perizinan tenaga kesehatan di daerah OKU Timur. Website ini masih dalam tahap pengembangan dan belum pernah dilakukan analisis keamanan. Analisis keamanan merupakan proses penilaian keamanan pada web. Analisis keamanan dilakukan untuk memahami dan mengantisipasi adanya risiko yang mungkin dihadapi kedepannya. Tahapan analisis keamanan pada web terdiri atas tiga tahapan utama yakni vulnerability assessment, penetration testing, dan reporting yang juga akan diberikan rekomendasi perbaikan terhadap website milik Dinas Kesehatan Kabupaten OKU Timur. Dalam penelitian ini dilakukan pencocokan kerentanan dari hasil scanning berdasarkan Open Web Application Security Project (OWASP) Top 10 2021. Hasil dari penelitian ini pada tahap scanning ditemukan sebelas kerentanan dengan sembilan diantaranya dapat dieksploitasi dan bernilai true-positive. Penilaian tingkat kerentanan dari sembilan kerentanan yang ditemukan tersebut dilakukan menggunakan OWASP Risk Assessment Calculator yang mengacu pada OWASP Risk Rating Methodology dengan hasil empat kerentanan berkategori medium dan lima kerentanan berkategori low. Pada penelitian ini juga disusun rekomendasi perbaikan untuk setiap kerentanan yang ditemukan pada website milik Dinkes OKU Timur.

Abstract:
The Health Office of East OKU district, South Sumatra has a website that is provided for public services for the people of East OKU. The website provides various features such as news, networking, and public information related to licensing of health workers in the East OKU area. This website is still under development and has never been subjected to security analysis. Security analysis is the process of assessing security on the web. Security analysis is carried out to understand and anticipate any risks that may be faced in the future. The stages of security analysis on the web consist of three main stages, namely vulnerability assessment, penetration testing, and reporting which will also be given recommendations for improvements to the website of the East OKU Regency Health Office. In this study, vulnerability matching was carried out from the scanning results based on the Open Web Application Security Project (OWASP) Top 10 2021. The results of this study in the scanning stage found eleven vulnerabilities with nine of them exploitable and true-positive. The assessment of the vulnerability level of the nine vulnerabilities found was carried out using the OWASP Risk Assessment Calculator which refers to the OWASP Risk Rating Methodology with the results of four vulnerabilities categorized as medium and five vulnerabilities categorized as low. In this study, recommendations for improvement were also prepared for each vulnerability found on the website of the East OKU Health Office.

---

Availability

Detail Information

Series Title

--

Call Number

2023 AYU a

Publisher

Bogor : Politeknik Siber dan Sandi Negara., 2023

Collation

xv, 72 halaman

Language

Indonesia

ISBN/ISSN

--

Classification

Rekayasa Keamanan Siber

Content Type

-

Media Type

-

Carrier Type

-

Edition

--

Subject(s)

Analisis Keamanan
Penetration Testing
OWASP Top 10 2021
OWASP WSTG v4.2
Website
vulnerbility assessment

Specific Detail Info

--

Statement of Responsibility

Ayu Choiriyah

Other version/related

File Attachment

Comments

---

You must be logged in to post a comment