Teks
Perancangan proses bisnis diseminasi informasi ancaman siber berbasis STIX dan TAXII pada Subdirektorat Deteksi Potensi Ancaman Badan Siber dan Sandi Negara
Indonesia
Cyber Threat Intelligence (CTI) adalah sistem pengelolaan pengetahuan berbasis bukti yang dapat ditindaklanjuti. CTI dibagi menjadi 3 (tiga) bagian besar, yaitu pengumpulan informasi, analisis, serta pemanfaatan dan diseminasi. Untuk melakukan diseminasi dalam CTI, telah dikembangkan Structured Threat Information Expression (STIX) dan Trusted Automated Exchange of Intelligence Information (TAXII) sebagai standar dari platform diseminasi CTI. CTI yang efektif adalah CTI yang dapat terintegrasi ke dalam proses bisnis security operations organisasi. Salah satu metode untuk menggambarkan proses bisnis adalah dengan menggunakan Business Process Modelling & Notation (BPMN). CTI di BSSN menjadi tugas dari Subdirektorat Deteksi Potensi Ancaman (D143). D143 menjalankan CTI dengan mekanisme pelaporan dan distribusi informasi pada proses diseminasi atau dikenal dengan cyber threat information sharing yang berefek terhadap kinerja D143. Dalam penelitian ini dilakukan User Requirements Analysis dan perancangan proses bisnis cyber threat information sharing pada D143. Dari hasil analisis kebutuhan, akan dirancang rekayasa proses bisnis yang sesuai untuk D143 menggunakan notasi BPMN untuk menggambarkannya. Pengujian proses bisnis yang dirancang dilakukan dengan cara melakukan simulasi terhadap proses bisnis, serta validasi kesesuaian rancangan proses bisnis dengan kebutuhan D143. Hasil dari penelitian ini menunjukkan proses bisnis yang dirancang dapat dijalankan pada platform berbasis STIX dan TAXII, namun belum sepenuhnya terotomasi dalam melakukan proses cyber threat information sharing.
English
DESIGN OF BUSINESS PROCESS OF CYBER THREAT INFORMATION SHARING BASED ON STIX AND TAXII ON SUBDIREKTORAT DETEKSI POTENSI ANCAMAN BADAN SIBER DAN SANDI NEGARA
Cyber Threat Intelligence (CTI) is an evidence-based knowledge management system that can be acted upon. CTI is divided into 3 (three) major phases, that are information gathering, analysis, also utilization and dissemination. In the dissemination of CTI, Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Intelligence Information (TAXII) has been developed as standards for the CTI dissemination platform. Effective CTI is the one that can be integrated into an organization's security operations business process. One of several methods that can be used for describing business processes is by using Business Process Modeling & Notation (BPMN). CTI at Badan Siber dan Sandi Negara (BSSN) is the task of Subdirektorat Deteksi Potensi Ancaman (D143). D143 runs the CTI with reporting and distributing information mechanisms in dissemination process, known as cyber threat information sharing which has an effect on D143's performance. This research conducted a User Requirements Analysis and design of cyber threat information sharing business processes on D143. From the results of the User Requirements Analysis, a suitable business process engineering for D143 will be designed using BPMN notation to describe it. The testing of the designed business process is carried out by simulating the business processes, also validating the suitability of the business process design with D143 requirements. The results of this research indicate that the designed business process can be run on platforms based on STIX and TAXII, but has not been fully automated in carrying out the process of cyber threat information sharing.
No copy data
No other version available