penggunaan jaringan internet dan website di pemerintahan secara efektif
TRANSCRIPT
1
Ke tu a Pr o di M a gis t e r Sis t e m In f or m as iU N I K O MP e n e li ti T a t a Ke l o l a d an Ke r an g k a Ke r j aTe kn o l o gi In f or m as i ( P S T K 3 T I ) U N I K O MTr ai n e r di bi d an g Au di t Sis t e mIn f or m as i (C I S A ), d an T a t a Ke l o l a Sis t e mIn f or m as i (C G E I T ), Le an Six Si g m a , A gi l eM an a ge m e n tE- m ai l: ye f fr y hp @ u n i k o m. a c. i d
Pe n g g u n a a n J a r i n g a n I n te r n e t d a n We bs i te d iPe m e r i n t a h a n S e c a r a E fe k t i fDr. I r. Ye f fr y Ha n do ko Pu tr a, M. T-
Hotel Gino �eruci, Bandung, 9 September 2015
•
Availabilitas
What You Search is What You Get
Dapatdipertanggungjawabkan
Kerahasiaan
Availabilitas
Availabilitas
Online
Bandwidth cukup
Handal(Tidak Sibuk, tidak error)
ManajemenLayanan
Bandwidth cukup
• kena pengganggu server(Denial of Services, DoS)• Traffic Control:• Kebijakan pengontrolan /filter situs• Penggunakan cache server• Hotspot yang tidak sporadis• Kolom komentar dengan Captcha
• Pengelolaan Pusat Data denganmanajemen kapasitas
Availabilitas
Su m b e r : A l e x a. c o m , S e p t e m b e r 2 0 1 5
A l e x a. c o m
Availabilitas
Denial of Services
Hacker Malware
Virus
Phishing
Cross-Site Scripting (XSS)
CIA=Confidential Integrity Availability
Phishing
Situs PalsuSitus Peniru
2008 : 55.389 situs phishing hosting di server IndonesiaSumber: Symantec, Viva.co.id, 2009
21 Desember 2011: ID-CERT mulai mengirimkan feed/beritaharian tentang situs pemerintah yang terkena aksiDeface/Phishing.
Cross-Site Scripting (XSS)
Mengatasi Botnet XSS dengan Captcha
Botnet = Robot Network
Availabilitas
Desainer
Mau buatMau buat lagi dan lagi
•BCP (business Continuity Process)•DRP (Disaster Recovery Planning)
Pengguna
Mau pakaiPercaya �Mau pakai/cari lagi
Technology Acceptance Model (TAM)
Availabilitas
Script Berbasis CSS, CMS(Middleware)
Tampilan Standarhanya berganti isi
Su m be r: Da n a Su l is t iy o, , d k k ( 2 0 0 8 ) , A n a l is is Ka j i a n S ta n d a r is a s i Is i S i tu s Pe m e r i n ta h a n ,Se m n a s I F 2 0 0 8
M o bi l eS e r vi c eS e cu r i t yan dR e li a bi li t y
In t e r -a ge n c yc o op e r a ti onV a l u eA d d e dAp p li c a ti onIn t e r a c ti veP a r ti ci p an tC l o u dC o mp u ti n g
M o bi l eS e r vi c eS e cu r i t yan dR e li a bi li t y
In t e r -a ge n c yc o op e r a ti onV a l u eA d d e dAp p li c a ti onIn t e r a c ti veP a r ti ci p an tC l o u dC o mp u ti n g
M o bi l eS e r vi c eS e cu r i t yan dR e li a bi li t yIn t e r a c ti veP a r ti ci p an t
C l o u dC o mp u ti n g
M o bi l eS e r vi c eS e cu r i t yan dR e li a bi li t yIn t e r a c ti veP a r ti ci p an t
C l o u dC o mp u ti n g
Go v e r n m e n t R e g u la t io n, 8 2 / 2 01 2(E le c tr o n i c Sy s te m P r o v i de r a n d E le c tr o n i c Tr a n s a c t i o n )M in is te r ia lC i r c u la t io n M in is te r ia lRe g u la t io nTe l e co m m un i ca t io n A c t, No. 3 6 /1 9 9 9 &In fo r ma t io n a n d T ra n s a c t io n E l e c t ro n i c A c t, No. 1 1 /2 0 0 8Electronic System
Governance and
Risk Management
Electronic
Signature
Trustworthiness
Certification Body
Electronic Agent,
Certification,
System, Transaction
Services Provider
Spam &
DomainName
Through
Development of
Information Security
Awareness
Monitoring,
Compliance and
Enforcement
Awareness Program through continuous Human Resource Training
Kerangka Kerja Keamanan Jaringan
Su m be r: Ya s A l Su ta n ny ( 2 0 1 4 ) , As s e s m e n t o f E-G o ve r n m e n t We a kp o i n tsT o e n c h a n ce C o mp u te r N e t w o r k Se cu r i ty , J o u r n a l o fI n f o r m a t i o n S c i e n ce , 4 ( 1 )