{"title":"漏洞评估网站电子政务登安NIST SP 800-115丹OWASP孟古那坎Web漏洞扫描器","authors":"Esti Zakia Darojat, Eko Sediyono, Irwan Sembiring","doi":"10.21456/vol12iss1pp36-44","DOIUrl":null,"url":null,"abstract":"E-Government is one of the local government's means of implementing service-oriented values and public information disclosure by providing the local government's official website. Vulnerability Assessment (VA) is a vulnerability assessment method by testing security vulnerabilities to find out all potential critical weaknesses of e-government websites, the aims is to support convenience and service improvement when using e-government websites. The method is using descriptive quantitative to analyze and evaluate security level of both e-government websites based on the NIST SP 800-115 method regarding technical guidelines for testing and assessing information security parameters and OWASP using two web vulnerability scanners. This study is to analyze and evaluate the results of vulnerability scanning on two different types of e-government web, namely the e-government web belonging to the local government and village government, the sample assessment using the semarangkab.go.id website belonging to the local government of Semarang Regency, Central Java Province. and gunungtumpeng.id which is the official e-government website owned by the Gunung Tumpeng Village Government, Suruh District, Semarang Regency, Central Java Province, Indonesia. Hasil penelitian menunjukkan ditemukan persamaan penilaian dalam hal kategori level ancaman dan jumlah kerentanan menggunakan kedua alat web vulnerability scanner, dan hasil yang berbeda terdapat pada durasi, kecepatan pemindaian, dan jenis temuan kerentanan. Kedua parameter OWASP dapat memberikan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak pemerintah daerah melakukan pengambilan keputusan mengenai keamanan informasi pada web e-government yang dikelola.","PeriodicalId":123899,"journal":{"name":"Jurnal Sistem Informasi Bisnis","volume":"152 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Vulnerability Assessment Website E-Government dengan NIST SP 800-115 dan OWASP Menggunakan Web Vulnerability Scanner\",\"authors\":\"Esti Zakia Darojat, Eko Sediyono, Irwan Sembiring\",\"doi\":\"10.21456/vol12iss1pp36-44\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"E-Government is one of the local government's means of implementing service-oriented values and public information disclosure by providing the local government's official website. Vulnerability Assessment (VA) is a vulnerability assessment method by testing security vulnerabilities to find out all potential critical weaknesses of e-government websites, the aims is to support convenience and service improvement when using e-government websites. The method is using descriptive quantitative to analyze and evaluate security level of both e-government websites based on the NIST SP 800-115 method regarding technical guidelines for testing and assessing information security parameters and OWASP using two web vulnerability scanners. This study is to analyze and evaluate the results of vulnerability scanning on two different types of e-government web, namely the e-government web belonging to the local government and village government, the sample assessment using the semarangkab.go.id website belonging to the local government of Semarang Regency, Central Java Province. and gunungtumpeng.id which is the official e-government website owned by the Gunung Tumpeng Village Government, Suruh District, Semarang Regency, Central Java Province, Indonesia. Hasil penelitian menunjukkan ditemukan persamaan penilaian dalam hal kategori level ancaman dan jumlah kerentanan menggunakan kedua alat web vulnerability scanner, dan hasil yang berbeda terdapat pada durasi, kecepatan pemindaian, dan jenis temuan kerentanan. Kedua parameter OWASP dapat memberikan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak pemerintah daerah melakukan pengambilan keputusan mengenai keamanan informasi pada web e-government yang dikelola.\",\"PeriodicalId\":123899,\"journal\":{\"name\":\"Jurnal Sistem Informasi Bisnis\",\"volume\":\"152 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-09-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Jurnal Sistem Informasi Bisnis\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21456/vol12iss1pp36-44\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Sistem Informasi Bisnis","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21456/vol12iss1pp36-44","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
电子政务是地方政府通过提供地方政府官方网站实现服务型价值观和公共信息公开的手段之一。脆弱性评估(VA)是一种脆弱性评估方法,通过测试安全漏洞,发现电子政务网站所有潜在的关键弱点,目的是支持用户在使用电子政务网站时提供便利和改善服务。该方法是基于NIST SP 800-115关于测试和评估信息安全参数的技术指南的方法和使用两个web漏洞扫描仪的OWASP,使用描述性定量分析和评估两个电子政务网站的安全级别。本研究以中爪哇省三宝垄县地方政府的semarangkabo .go.id网站为样本,对地方政府和村政府两种不同类型的电子政务网站的漏洞扫描结果进行分析和评价。和gunungtumpeng。id是印尼中爪哇省三宝垄县Suruh区Gunung Tumpeng村政府拥有的官方电子政务网站。web漏洞扫描器,web漏洞扫描器,web漏洞扫描器,web漏洞扫描器,web漏洞扫描器。Kedua参数OWASP成员kan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak petunjuk daerah melakukan pengambilan keputusan mengenai keamanan informasaspaada web电子政务yang dikelola。
Vulnerability Assessment Website E-Government dengan NIST SP 800-115 dan OWASP Menggunakan Web Vulnerability Scanner
E-Government is one of the local government's means of implementing service-oriented values and public information disclosure by providing the local government's official website. Vulnerability Assessment (VA) is a vulnerability assessment method by testing security vulnerabilities to find out all potential critical weaknesses of e-government websites, the aims is to support convenience and service improvement when using e-government websites. The method is using descriptive quantitative to analyze and evaluate security level of both e-government websites based on the NIST SP 800-115 method regarding technical guidelines for testing and assessing information security parameters and OWASP using two web vulnerability scanners. This study is to analyze and evaluate the results of vulnerability scanning on two different types of e-government web, namely the e-government web belonging to the local government and village government, the sample assessment using the semarangkab.go.id website belonging to the local government of Semarang Regency, Central Java Province. and gunungtumpeng.id which is the official e-government website owned by the Gunung Tumpeng Village Government, Suruh District, Semarang Regency, Central Java Province, Indonesia. Hasil penelitian menunjukkan ditemukan persamaan penilaian dalam hal kategori level ancaman dan jumlah kerentanan menggunakan kedua alat web vulnerability scanner, dan hasil yang berbeda terdapat pada durasi, kecepatan pemindaian, dan jenis temuan kerentanan. Kedua parameter OWASP dapat memberikan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak pemerintah daerah melakukan pengambilan keputusan mengenai keamanan informasi pada web e-government yang dikelola.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
