Penerapan Tanda Tangan Digital dan Secure Coding Berdasarkan OWASP pada Sistem E-Control Tugas Akhir

Search by :

ALL Author Subject ISBN/ISSN Advanced Search

Last search:

Image of Penerapan Tanda Tangan Digital dan Secure Coding Berdasarkan OWASP pada Sistem E-Control Tugas Akhir

Text

Penerapan Tanda Tangan Digital dan Secure Coding Berdasarkan OWASP pada Sistem E-Control Tugas Akhir

Herman Kabetta - Personal Name; Nurul Qomariasih - Personal Name; I Komang Setia Buana - Personal Name; Dhana Arvina Alwan - Personal Name;

Abstrak:
Teknologi sangat penting dalam kehidupan sehari-hari manusia, terutama dalam bidang pendidikan di mana teknologi dapat mempermudah proses pendidikan. Salah satu manfaat teknologi dalam pendidikan adalah sistem e-control tugas akhir. Namun, sistem ini masih memiliki kekurangan dalam hal keamanan aplikasi web dan kebutuhan aktual dari Jurusan Kriptografi Poltek SSN. Oleh karena itu, penulis melakukan penelitian untuk memperbaiki sistem dengan menerapkan praktik keamanan berdasarkan panduan OWASP Secure Coding Practices Quick Reference Guide dan menyesuaikan alur bisnis sistem dengan kebutuhan terbaru dari Jurusan Kriptografi. Penulis juga akan menerapkan tanda tangan elektronik pada mahasiswa melalui API Balai Sertifikasi Elektronik untuk memperbaiki efisiensi penggunaan sistem. Praktik keamanan yang diterapkan meliputi input validation, output encoding, authentication and password management, session management, access control, cryptographic practices, error handling and logging, data protection, communication security, system configuration, database security, file management, memory management, dan general coding practices. Hasil akhir dari penelitian ini adalah terciptanya Sistem E-Control Tugas Akhir yang aman dengan fitur notifikasi, pengajuan ICP, proposal, tugas akhir, tanda tangan elektronik dokumen, broadcast message pada email, unggah-unduh dokumen, dan manajemen pengguna. Hasil dari penelitian ini, didapatkan bahwa penerapan TTE dan penyempurnaan alur bisnis sistem pada e-control tugas akhir dapat memenuhi kebutuhan Jurusan Kriptografi dengan hasil User Acceptance Test sebesar 99,5%. Selain itu, penerapan keamanan berdasarkan OWASP Secure Coding Practices Quick Reference Guide yang telah dilakukan terbukti dapat mengurangi risiko kerentanan sebesar 48,15%.
Abstract:
Technology is very important in human daily life, especially in the field of education where technology can simplify the education process. One of the benefits of technology in education is the e-control system for final projects. However, this system still has shortcomings in terms of web application security and the actual needs of the Cryptography Department of Poltek SSN. Therefore, the author conducted research to improve the system by applying security practices based on the OWASP Secure Coding Practices Quick Reference Guide and adapting the system's business flow to the latest needs of the Cryptography Department. The author will also implement electronic signatures for students through the Balai Sertifikasi Elektronik API to improve the system's efficiency. The security practices applied include input validation, output encoding, authentication and password management, session management, access control, cryptographic practices, error handling and logging, data protection, communication security, system configuration, database security, file management, memory management, and general coding practices. The end result of this research is the creation of a secure E-Control System for Final Projects with notification features, ICP submission, proposals, final projects, electronic document signatures, email broadcast messages, document upload and download, and user management. As a result of this research, it was found that the application of digital signatures and improvement of the system business flow in the final project e-control can meet the needs of the Cryptography Department with a User Acceptance Test result of 99.5%. In addition, the application of security based on the OWASP Secure Coding Practices Quick Reference Guide that has been carried out is proven to reduce the risk of vulnerability by 48.15%.

Availability

No copy data

Detail Information

Series Title: --
Call Number: 2023 DHA p
Publisher: Bogor : Politeknik Siber dan Sandi Negara., 2023
Collation: xv, 107 halaman
Language: Indonesia
ISBN/ISSN: --
Classification: Rekayasa Perangkat Lunak Kriptografi
Content Type: -
Media Type: -
Carrier Type: -
Edition: --
Subject(s): Tanda Tangan Elektronik
Secure Coding
Tugas Akhir
pemrograman web
Specific Detail Info: -
Statement of Responsibility: Dhana Arvina Alwan

Other version/related

No other version available

File Attachment

No Data

Comments

You must be logged in to post a comment