Security Requirement untuk Perancangan Aplikasi Smart Tracking System pada Bus Sekolah
DOI:
https://doi.org/10.52661/j_ict.v6i1.247Abstract
Keamanan data dalam pengembangan aplikasi perangkat lunak merupakan hal yang terpenting dan mendasar. Dalam membuat rancangan hingga realisasi dibutuhkan suatu requirement terkait keamanan yang harus ada dalam aplikasi. Untuk mengintegrasikan keamanan dengan requirement yang diinginkan maka perlu dibuat suatu Security requirement. Security requirement menjadi hal yang penting agar masalah keamanan dapat diatasi lebih awal serta menghindari kemungkinan terjadinya pengerjaan ulang atas masalah yang terjadi. Makalah ini mengusulkan suatu Security requirement untuk aplikasi smart tracking system pada bus sekolah yang dihasilkan dari kombinasi dan adopsi publikasi NIST Special Edition (SP) 800-160 dengan metode Security requirement engineering framework MOSRE-WebApp selain itu Security requirement ini didapat dari hasil analisis aset dan ancaman menggunakan threat modeling STRIDE. Hasil analisis yang telah dilakukan menghasilkan 15 Security requirement untuk aplikasi smart tracking system pada bus sekolah. Diharapkan Security requirement ini dapat mengurangi celah keamanan yang mungkin terjadi dalam implementasi aplikasi sistem yang dirancang.
References
Haley CB, Moffett JD, Laney R, Nuseibeh B. Security requirements engineering: a framework for representation and analysis. IEEE Trans Software Eng 2008;34(1):133–53.
Elky, S., 2006. An Introduction to Information System Risk Management. SANS Institute InfoSec Reading Room.copyright©SANS Institute
P. Salini, S. Kanmani, “Security requirement Engineering Process for Web Application”, Procedia Engineering, vol. 38, pp. 2799 - 2807, 2012.
Abomhara, Mohamed & Køien, Geir & Gerdes, Martin. (2015). A STRIDE-Based Threat Model for Telehealth Systems.
Adam Shostack, “Threat Modeling: Design for Security”, Wiley Publisihing, 2014.
J. Meier, A. Mackman, M. Dunner, S. Vasireddy, R. Escamilla, and A. Murukan, Improving web application security: threats and countermeasures. Microsoft Redmond, WA, 2003.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Rana Zaini Fathiyana, Arif Rahman Hakim; Hakim Giraldi Saputra
![Creative Commons License](http://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png)
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.