IndonesianClear Cookie - decide language by browser settings

ANALISIS KEAMANAN WEBSITE PEMERINTAH KABUPATEN RAJA AMPAT MENGGUNAKAN METODE VULNERABILITY ASSESSMENT

Yau, Fahril and Nurdin, Ismail (2024) ANALISIS KEAMANAN WEBSITE PEMERINTAH KABUPATEN RAJA AMPAT MENGGUNAKAN METODE VULNERABILITY ASSESSMENT. Other thesis, IPDN.

[img]
Preview
 Text
Repository_Fahril Yau.pdf
Download (263kB) | Preview

Abstract

Problem Statement/Background (GAP): Website security testing is crucial due to the increasing threats of cybercrime and the importance of information protection in governmental systems, including local government websites that contain a significant amount of personal data and public information. One of the regions in Indonesia that requires this is Raja Ampat Regency. Purpose: The main objectives of this research are to analyze the security level of the Raja Ampat Regency Government's website using the Vulnerability Assessment method, to evaluate the quality of human resource management (HRM) in the Information Technology (IT) sector that affects the website's security level, and to identify the efforts that have been made to enhance this security. Method: This research uses a mix of methods and a Vulnerability Assessment method approach. It involves automated testing through network security scans to identify vulnerabilities and potential threats. Data was collected from vulnerability evaluation reports and performance documents of relevant government agencies. Results/Findings: The study identified 19 vulnerabilities on the Raja Ampat Regency Government website that can affect the security of the data contained on the website. Some of these vulnerabilities include PII Disclosure, Absence of An-CSRF Tokens, Content Security Policy (CSP) Header Not Set, HTTP to HTTPS Insecure Transaction in Form Post, Missing An-clickjacking Header, Secure Pages Include Mixed Content, Strict-Transport-Security Header Not Set, Timestamp Disclosure - Unix, X-Content-Type-Options Header Missing, Charset Mismatch, Information Disclosure - Suspicious Comments, Modern Web Application, Re-examine Cache-control Directives, and User Controllable HTML Element Attribute (Potential XSS). Additionally, an evaluation of the quality of human resources in IT revealed that the lack of experts with higher education in information technology affects the effectiveness of website management and security. Conclusion: The main conclusion of this study is the need for greater attention to increasing the capacity and competence of human resources in the IT field as well as the implementation of more stringent and structured security policies to protect government information systems from cyber threats. The results of this research are expected to contribute to the improvement and development of information security systems in the local government environment. Keywords: Cybercrime Threats; Quality of IT Personnel; Vulnerability Assessment; Website Security ABSTRAK Latar Belakang (GAP): Pengujian keamanan website penting untuk dilakukan karena semakin meningkatnya ancaman kejahatan dunia maya dan pentingnya perlindungan informasi dalam sistem pemerintahan, termasuk pada website pemerintah daerah yang banyak memuat data pribadi dan informasi masyarakat. Salah satu daerah di Indonesia yang membutuhkan perhatian khusus dalam hal ini adalah Kabupaten Raja Ampat. Tujuan: Tujuan utama penelitian ini adalah untuk menganalisis tingkat keamanan website Pemerintah Kabupaten Raja Ampat menggunakan metode Vulnerability Assessment, mengevaluasi kualitas manajemen sumber daya manusia (SDM) di bidang Teknologi Informasi (TI) yang mempengaruhi tingkat keamanan website, dan mengidentifikasi upaya yang telah dilakukan untuk meningkatkan keamanan tersebut. Metode: Penelitian ini menggunakan pendekatan metode Mix Methods dan Vulnerability Assessment. Penelitian ini melibatkan pengujian otomatis melalui pemindaian keamanan jaringan untuk mengidentifikasi kerentanan dan potensi ancaman. Data dikumpulkan dari laporan evaluasi kerentanan dan dokumen kinerja instansi pemerintah terkait. Hasil/Temuan: Hasil penelitian menunjukkan terdapat 19 kerentanan pada website Pemerintah Kabupaten Raja Ampat yang dapat mempengaruhi keamanan data yang terdapat pada website. Beberapa kerentanan tersebut antara lain PII Disclosure, Absence of Anti-CSRF Tokens, Content Security Policy (CSP) Header Not Set, HTTP to HTTPS Insecure Transaction in Form Post, Missing Anti-clickjacking Header, Secure Pages Include Mixed Content, Strict-Transport-Security Header Not Set, Timestamp Disclosure - Unix, X-Content-Type-Options Header Missing, Charset Mismatch, Information Disclosure - Suspicious Comments, Modern Web Application, Re-examine Cache-control Directives, dan User Controllable HTML Element Attribute (Potential XSS). Selain itu, evaluasi terhadap kualitas sumber daya manusia di bidang TI menunjukkan bahwa kurangnya tenaga ahli dengan pendidikan tinggi di bidang teknologi informasi mempengaruhi efektivitas pengelolaan dan keamanan situs web. Kesimpulan: Kesimpulan utama dari penelitian ini adalah perlunya perhatian yang lebih besar terhadap peningkatan kapasitas dan kompetensi sumber daya manusia di bidang TI serta penerapan kebijakan keamanan yang lebih ketat dan terstruktur untuk melindungi sistem informasi pemerintah dari ancaman siber. Hasil penelitian ini diharapkan dapat memberikan kontribusi terhadap perbaikan dan pengembangan sistem keamanan informasi di lingkungan pemerintah daerah. Kata Kunci: Ancaman Kejahatan Dunia Maya, Kualitas SDM TI, Penilaian Kerentanan, Keamanan Website

Item Type: Thesis (Other)
Subjects: H Social Sciences > HS Societies secret benevolent etc
Divisions: Campus > IPDN Kampus Jatinangor
Depositing User: Teknologi Rekayasa Informasi Pemerintahan FMP
Date Deposited: 12 Jul 2024 07:49
Last Modified: 12 Jul 2024 07:49
URI: http://eprints.ipdn.ac.id/id/eprint/19609

Actions (login required)

View Item View Item
Repository IPDN is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.