Security Assessment Aplikasi Mobile Pemerintahan dengan Acuan OWASP Top 10 Mobile Risks
Abstract
Keywords
Full Text:
PDFReferences
K. S. RI, “Perpres,” Menteri Huk. Dan Hak Asasi Mns. Republik Indones., p. 110, 2018.
Badan Siber dan Sandi Negara, “Peraturan Badan Siber Dan Sandi Negara Nomor 4 Tahun 2021 Tentang Pedoman Manajemen Keamanan Informasi Sistem Pemerintahan Berbasis Elektronik Dan Standar Teknis Dan Prosedur Keamanan Sistem Pemerintahan Berbasis Elektronik,” Bssn.Go.Id, 2021.
Pemerintah Kabupaten Kebumen, “Peraturan Daerah Kabupaten Kebumen Nomor 4 Tahun 2018 Tentang Penyelenggaraan Sistem Pemerintahan Berbasis Elektronik Di Lingkungan Kabupaten Kebumen,” 2018.
Pemerintah Kabupaten Kebumen, “TATA KELOLA SISTEM PEMERINTAHAN BERBASIS ELEKTRONIK DI LINGKUNGAN PEMERINTAH KABUPATEN KEBUMEN,” p. 6, 2021.
D. Kebumen, “APLIKASI E-KINERJA,” Kabupaten Kebumen, vol. 1, p. 5, 2018.
A. Elanda and R. L. Buana, “Analisis Kualitas Keamanan Sistem Informasi E-Office Berbasis Website Pada Stmik Rosma Dengan Menggunakan Owasp Top 10,” CESS (Journal Comput. Eng. Syst. Sci., vol. 6, no. 2, pp. 37–43, 2021.
The OWASP®Foundation, “OWASP Mobile Top 10,” OWASP Mobile Top 10. 2011, [Online]. Available: https://owasp.org/www-project-mobile-top-10/.
Umasankar, “Analysis of latest vulnerabilities in android,” in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017, pp. 1236–1241, doi: 10.1109/ICACCI.2017.8126011.
V. R. Kebande, I. Kigwana, H. S. Venter, N. M. Karie, and R. D. Wario, “CVSS Metric-Based Analysis, Classification and Assessment of Computer Network Threats and Vulnerabilities,” in 2018 International Conference on Advances in Big Data, Computing and Data Communication Systems (icABCD), 2018, pp. 1–10, doi: 10.1109/ICABCD.2018.8465420.
B. Yankson, K. Javed Vali, P. C. K. Hung, F. Iqbal, and L. Ali, “Security Assessment for Zenbo Robot Using Drozer and mobSF Frameworks,” 2021 11th IFIP Int. Conf. New Technol. Mobil. Secur. NTMS 2021, 2021, doi: 10.1109/NTMS49979.2021.9432666.
H. Darvish and M. Husain, “Security Analysis of Mobile Money Applications on Android,” Proc. - 2018 IEEE Int. Conf. Big Data, Big Data 2018, pp. 3072–3078, 2019, doi: 10.1109/BigData.2018.8622115.
A. Mendoza and G. Gu, “Mobile Application Web API Reconnaissance: Web-to-Mobile Inconsistencies & Vulnerabilities,” Proc. - IEEE Symp. Secur. Priv., vol. 2018-May, pp. 756–769, 2018, doi: 10.1109/SP.2018.00039.
P. R. Chernenko and M. M. Orlova, “Security Vulnerabilities in Android OS Applications,” Visnyk Vinnytsia Politech. Inst., vol. 150, no. 3, pp. 43–50, 2020, doi: 10.31649/1997-9266-2020-150-3-43-50.
H. W. Kim, “A Study on the Mobile Application Security Threats and Vulnerability Analysis Cases,” Int. J. Internet, Broadcast. Commun., vol. 12, no. 4, pp. 180–187, 2020.
A. Abdel-Aziz, “Scoping Security Assesment- A Project Management Approach,” SANS Inst., 2011, [Online]. Available: https://www.sans.org/white-papers/33673/.
J. Wi. Bernhard Mueller, Sven Schleier, “Mobile Security Testing Guide,” Area, pp. 1–8, 2001.
CERT C Secure Coding, “CWE-276 - Basis Data Keamanan.” MITRE, 2009, [Online]. Available: https://www.security-database.com/cwe.php?name=CWE-276.
MITRE, “CWE - CWE-922: Insecure Storage of Sensitive Information (2.11).” 2020, [Online]. Available: https://cwe.mitre.org/data/definitions/922.html.
Plover, “CWE - CWE-312: Cleartext Storage of Sensitive Information (4.5).” pp. 7–19, 2006, [Online]. Available: https://cwe.mitre.org/data/definitions/312.html.
PLOVER, “CWE-319: Transmisi Cleartext dari Informasi Sensitif.” 2006, [Online]. Available: https://cwe.mitre.org/data/definitions/319.html.
D. S. Craig de Stigter, “HTTP authentication leak in redirects - CVE-2018-1000007.” 2018, [Online]. Available: https://curl.se/docs/CVE-2018-1000007.html.
DOI: http://dx.doi.org/10.26418/jp.v8i3.58192
Refbacks
- There are currently no refbacks.