2. Pendahuluan
• Informasi menentukan hampir setiap elemen dalam
kehidupan
• Dunia modern melibatkan pengumpulan, penukaran
pembuatan dan pengaksesan informasi
(information-based society)
• Dimungkinkan dengan adanya teknologi komputer
dan telekomunikasi
• Masalah keamanan merupakan aspek terpenting
pada sebuah sistem informasi
3. Pendahuluan.....
• Keamanan kurang mendapatkan
perhatian dari perancang dan
pengelola sistem
• Apabila menggangu performa
sistem, keamanan tidak
dipedulikan/ditiadakan
4. Aspek Keamanan
• Authentication
– any process by which you verify that
someone is who they claim they are
– authentication is commonly done
through the use of logon passwords
• Integrity
– is the assurance that information can
only be accessed or modified by
those authorized to do so
•
5. Aspek keamanan...
• Nonrepudiation
– assurance that someone cannot deny something
– a digital signature is used not only to ensure that a
message or document has been electronically signed by
the person that purported to sign the document, but
also, since a digital signature can only be created by
one person, to ensure that a person cannot later deny
that they furnished the signature.
• Authority
– finding out if the person, once identified, is permitted to
have the resource
– In multi-user computer systems, a system administrator
defines for the system which users are allowed access
to the system and what privileges of use(such as access
to which file directories, hours of access, amount of
allocated storage space)
6. Aspek keamanan...
• Confidentiality
– set of rules or a promise that limits access or
places restrictions on certain types of
information.
• Privacy
– What personal information can be shared
with whom
– Whether messages can be exchanged
without anyone else seeing them
– Whether and how one can send messages
anonymously
• Availability
– Present and ready to use, accessible
7. Aspek keamanan...
– Nines terms
• Acces control
– a system which enables an authority to
control access to areas and resources in
a given physical facility or computer-
based information system
8. Aspek Ancaman
Keamanan
• Interruption
– Data dirusak dan dihapus
– Ancaman availability
• Interception
– Informasi disadap oleh orang yang
tidak berhak
– Ancaman terhadap privacy
9. Aspek Ancaman
Keamanan.......
• Modification
– Mengubah informasi
– Ancaman terhadap integrity
• Fabrication
– Meniru/memalsukan informasi
– Ancaman terhadap integrity
11. Pendekatan
Pendeteksian Serangan
• Anomaly detection
– Prilaku tak lazim
– Serangan berbeda dengan aktifitas
normal
• Misuse detection
– Analisa terhadap aktivitas sistem
– Mencari even yang cocok dengan
pola serangan
– Pola prilaku serangan disebut
signatures
12. Pendeteksian Serangan
• Network monitoring
– Menggunakan protokol SNMP
– Contoh program: snmp collector,
etherboy
• Intrusion detection system
– Pengenalan penyusup
– Log aktivitas dibandingkan dengan pola
serangan
– Warning ke admin
– Tidak mencegah hanya mencatat
serangan
13. Pencegahan Serangan
• Desain sistem
• Aplikasi yang dipakai
• Manajemen
– SOP
– Security policy
• Penjelasan
• Tanggung jawab pihak terlibat
• Bahasa
• Otoritas yang menetapkan
• Perkecualian
• Penilaian ulang