Hikmayani, Fitratul (2024) Analisis Keamanan Informasi Website Menggunakan Metode Vulnerability Assessment. Undergraduate thesis, Politeknik Negeri Bengkalis.
Text (Daftar Pustaka)
3. TA-6404201026-Daftar Pustaka.pdf - Submitted Version Available under License Creative Commons Attribution Share Alike. Download (153kB) |
|
Text (Bab I Pendahuluan)
2. TA-6404201026-Bab I Pendahuluan.pdf - Submitted Version Available under License Creative Commons Attribution Share Alike. Download (42kB) |
|
Text (Abstract)
1. TA-6404201026-Abstract.pdf - Submitted Version Available under License Creative Commons Attribution Share Alike. Download (29kB) |
|
Text (Full Text)
4. TA-6404201026-Full Text.pdf - Submitted Version Restricted to Registered users only Available under License Creative Commons Attribution Share Alike. Download (2MB) | Request a copy |
Abstract
Information security on websites is an important aspect in protecting the system, facing potential attacks that can cause damage, data theft and disruption of website functionality. As a marketplace for UMKM, the information security of the Soodu.id website is key in protecting the data and business integrity of UMKM. This research aims to conduct information security analysis on websites using the vulnerability assessment (VA) method. This method involves a process of defining, identifying and classifying the vulnerabilities of a system. VA can identify vulnerabilities on websites and provide recommended solutions to reduce the risk of attacks. The results of this research show that the Vulnerability Assessment process for the soodu.id website contained 18 vulnerabilities from the OWASP ZAP results and 1 vulnerability from the Openvas results. Findings based on the parameters used in OWASP ZAP involve vulnerabilities to Injection, Sensitive Data Exposure, Broken Access Control, Security Misconfiguration, and Using Components with Known Vulnerabilities. Serious security threats were identified in Sensitive Data Exposure with high levels and several low levels. Based on information security aspects (CIA Triad), the identified vulnerabilities have the potential to jeopardize the confidentiality of information through vulnerabilities like PII Disclosure and Application Error Disclosure. They also threaten data integrity from vulnerabilities such as Cross-Site Scripting (XSS) and impact information availability through potential attacks like CSRF and Clickjacking, which can disrupt services.
Item Type: | Thesis (Undergraduate) | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Contributors: |
|
||||||||||||
Uncontrolled Keywords: | Information security, website, Vulnerability Assessment, OWASP ZAP, OpenVAS | ||||||||||||
Subjects: | 410 ILMU TEKNIK > 450 TEKNIK ELEKTRO DAN INFORMATIKA > 458 Teknik Informatika 410 ILMU TEKNIK > 450 TEKNIK ELEKTRO DAN INFORMATIKA > 461 Sistem Informasi |
||||||||||||
Divisions: | Jurusan Teknik Informatika > Sarjana Terapan Keamanan Sistem Informasi > TUGAS AKHIR | ||||||||||||
Depositing User: | Keamanan Sistem Informasi 2024 | ||||||||||||
Date Deposited: | 26 Aug 2024 01:20 | ||||||||||||
Last Modified: | 26 Aug 2024 01:20 | ||||||||||||
URI: | http://eprints.polbeng.ac.id/id/eprint/13248 |
Actions (login required)
View Item |