“SIASAT” UKSW (UNIVERSITAS KRISTEN SATYA WACANA) WEBSITE SECURITY ANALYSIS USING OWASP (OPEN WEB APPLICATION SECURITY PROJECT)

  • Amanda Universitas Kristen Satya Wacana
  • Indrastanti Ratna Widiasari Universitas Kristen Satya Wacana
Keywords: Information Security, OWASP, Open Web Application Security Project

Abstract

Satya Wacana Christian University (UKSW) is one of the private higher education institutions in Indonesia that utilizes the internet network, namely the web as a medium for conveying information, connecting the academic community and others. UKSW has many webs that are used, one of which is the SIASAT web. SIASAT is Satya Wacana Academic Information System. SIASAT contains important information about the community. Web SIASAT provides information in a private manner or only those with an account can view the information. However, not only people who have access can access the information, but other irresponsible parties can access it in the wrong way and misuse the existing information. So that it can cause harm to the person or organization. SIASAT often experiences security problems with SQL Injection, brute force, and so on but there has never been a hacker who can penetrate the SIASAT web, therefore the SIASAT web needs to be tested for security. Factors that need to be considered in determining security are confidentiality is maintaining the confidentiality of information from unauthorized people, integrity maintaining changes in information from unauthorized people, and availability keeping information accessible. Therefore, in overcoming this problem, one of the steps that can be taken is to analyze the UKSW web where the web to be analyzed is the SIASAT web with the Open Web Application Security Project (OWASP) method. The hope is that with the OWASP, the handling of an attack can be carried out earlier and prevent fatal consequences.

Downloads

Download data is not yet available.

References

B. E. Widodo and A. S. Purnomo, "IMPLEMENTASI ADVANCED ENCRPYTION STANDARD PADA ENKRIPSI DAN DESKRIPSI DOKUMEN RAHASIA DITINTELKAM POLDA DIY," Jurnal Teknik Informatika (JUTIF), vol. 1, pp. 69-77, 2020.

D. Hariyadi and F. E. Nastiti, "Analisis Keamanan Sistem Informasi Menggunakan Sudomy dan OWASP ZAP di Universitas Duta Bangsa Surakarta," Jurnal Komtika (Komputasi dan Infromatika), vol. 5, pp. 35-42, 2021.

M. A. Al Hilmi and E. K. , "NETWORK SECURITY MONITORING WITH INTRUSION DETECTION SYSTEM," Jurnal Teknik Informatika (JUTIF), vol. 3, pp. 249-253, 2022.

A. Ramadhani, "KEAMANAN INFORMASI," JILS (Journal of Information and Library Studies), vol. 1, pp. 39-51, 2018.

G. L. Costaner and M. , "ANALISIS KEAMANAN WEB SERVER OPEN JOURNAL SYSTEM (OJS) MENGGUNAKAN METODE ISSAF DAN OWASP (STUDI KASUS OJS UNIVERSITAS LANCANG KUNING)," JIPI (Jurnal Ilmiah Penelitian dan Pembelajaran Informatika), vol. 05, pp. 45-55, 2020.

PDF Archive Files, 2021. [Online]. Available: https://owasp.org/www-pdf-archive/OWASP_Top_10_-_2010_FINAL_Indonesia_v1.0.1.pdf. [Diakses 22 Juni 2021]

D. Aryanti, N. and J. N. Utamajaya, "ANALISIS KERENTANAN KEAMANAN WEBSITE MENGGUNAKAN METODE OWASP (OPEN WEB APPLICATION SECURITY PROJECT) PADA DINAS TENAGA KERJA," Jurnal Nasional Indonesia, vol. 1, pp. 15-25, 2021.

A. Kurniawan, "Penerapan Framework OWASP dan Network Forensics untuk Analisis, Deteksi, dan Pencegahan Serangan Injekasi di Sisi Host-Basec," Jurnal Telematika, vol. 14, pp. 9-18.

R. D. Aji, "Evaluasi Risiko Celah Keamanan Menggunakan Metodologi Open Web Application Security Project (OWASP) Pada Aplikasi WEB Sistem Informasi Mahasiswa (STUDI KASUS: Perguruan Tinggi XYZ)," pp. 1-124, 2016.

A. P. Dewanto, "Penetration Testing Pada Domain UII.AC.ID Menggunakan OWASP 10," pp. 1-162, 2018.

F. Hardiansyah and I. M. M.Kom, "Vulnerability Assesment Dan Kajian Aspek Application Security Pada Aplikasi Skripsi Online (SIPSO) FTI PERBANAS," Seminar Nasional Mahasiswa Ilmu Komputer dan Aplikasinya (SENAMIKA), pp. 1-9, 2020.

M. Y. "Analisis Kerentanan Aplikasi Berbasis Web Menggunakan Kombinasi Security Tools Project Berdasarkan Framework OWASP Versi 4," Jurnal Ilmiah Informatika Komputer Volume 24 No. 1, pp. 38-48, 2019.

A. M. P. M. T, "Aplikasi Pengujian Celah Keamanan Pada Aplikasi Berbasis WEB," pp. 1-69, 2018.

I. M. E. Listartha, I. M. A. P. Mitha, M. W. A. Arta and I. K. W. Y. Arimika, "ANALISIS KERENTANAN WEBSITE SMA NEGERI 2 AMLAPURA MENGGUNAKAN METODE OWASP (OPEN WEB APPLICATION SECURITY PROJECT)," Jurnal Sistem Informasi dan Sistem Komputer, vol. 7, pp. 23-27, 2022.

B. Ghozali, K. and S. , "Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp (Open Web Application Security Project) untuk Penilaian Risk Rating," Citec Journal, vol. 4, pp. 264-275, 2017.

K. H. Dewantara, "Identifikasi, Penilaian, dan Mitigasi Risiko Keamanan Informasi Berdasarkan Standar ISO 27001 : 2005 Dan ISO 27002 : 2013 Menggunakan Metode FMEA (Studi Kasus : ISNET)," pp. 1-122, 2016.

E. Chow, 2011. [Online]. Available: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.475.3877&rep=rep1&type=pdf. [Diakses 14 Juli 2021]

S. Hidayatulloh and D. Saptadiaji, "Penetration Testing pada Website Universitas ARS Menggunakan Open Web Application Security (OWASP)," Jurnal Algoritma, vol. 19, pp. 77-86, 2021.

Published
2022-06-29
How to Cite
[1]
Amanda and Indrastanti Ratna Widiasari, “ ‘SIASAT’ UKSW (UNIVERSITAS KRISTEN SATYA WACANA) WEBSITE SECURITY ANALYSIS USING OWASP (OPEN WEB APPLICATION SECURITY PROJECT)”, J. Tek. Inform. (JUTIF), vol. 3, no. 3, pp. 763-770, Jun. 2022.