Analisis Keamanan pada Aplikasi Her-registrasi Online Mahasiswa Universitas Diponegoro

Hilal Afrih Juhad* -  Program Studi Sistem Komputer, Universitas Diponegoro, Indonesia
R. Rizal Isnanto -  Program Studi Sistem Komputer, Universitas Diponegoro, Indonesia
Eko Didik Widianto -  Program Studi Sistem Komputer, Universitas Diponegoro, Indonesia
Open Access Copyright (c) 2016 Jurnal Teknologi dan Sistem Komputer
The security aspect is often forgotten in the application of Information Technology. The attacks were caused by the negligence of the developer causes damage to the system used. SQL Injection attacks, Cross Site Scripting attacks, and no use of encrypted channels lead to the exposure of sensitive data users. Objectives of this research is to perform an audit and analysis of the security aspects against the Her-registration Colege Students Online Application of Diponegoro University. Audit and security analysis is prevention step so that the vulnerabilities found not to be a entrances to the system hackers. The results of this research are a security audit report that contains the vulnerability Her-registration College Students Online Application of Diponegoro University. The audit report will be used as a reference for application developers Her-registration Colege Students Online Application of Diponegoro University to improve the system.

Note: This article has supplementary file(s).

Keywords
security; web application; sql injection; xss; acunetix;

How to cite:

Full Text: Supp. File(s):
Analisis Keamanan pada Aplikasi Her-registrasi Online Mahasiswa Universitas Diponegoro
Subject security; web application; sql injection; xss; acunetix;
Type Research Results
  Download (110KB)    Indexing metadata

Article Metrics:

Article Info
Submitted: 2016-07-22
Published: 2016-08-21
Section: Articles
Language: ID
Statistics: 530 181
  1. Acunetix, "Acunetix Web Vulnerability Scanner," 2005
  2. M. Syafrizal, "ISO 17799: Standar Sistem Manajemen Keamanan Informasi"
  3. FIRST, Common Vulnerability Scoring System v3.0: User Guide, 2014
  4. A. Singh, Metasploit Penetration Testing Cookbook, Birmingham: Packt Publishinf, 2012
  5. B. Rahardjo, “Keamanan Sistem Informasi Berbasis Internet,” PT Insan Komunikasi Indonesia, Bandung, 2002
  6. ISO, "Information technology -- Security techniques -- Information security management systems -- Requirements," ISO Organization, 2005
  7. ---, Registrasi Online Mahasiswa, http://reg- online.undip.ac.id/index.php, 19 Oktober 2015
  8. ---, Penetration Testing Overview, http://www.coresecurity.com/penetration-testing- overview, 28 Oktober 2015
  9. ---, Mitre. About CWE, http://cwe.mitre.org/about/index.html, 2 Februari 2016
  10. ---, Mitre. Common Vulnerability and Exposures, https://cve.mitre.org/about/index.html, 8 Februari 2016.