Siagian, Irwin Lawrencius and Lukas, Lukas and Lim, Charles (2016) Development of Application Security Standard for Compliance to Information Security Standard, PT. XYZ, Jakarta. Masters thesis, Swiss German University.
|
Text
Irwin Siagian 22014112 TOC.pdf Download (1MB) | Preview |
|
Text
Irwin Siagian 22014112 1.pdf Restricted to Registered users only Download (1MB) |
||
Text
Irwin Siagian 22014112 2.pdf Restricted to Registered users only Download (3MB) |
||
Text
Irwin Siagian 22014112 3.pdf Restricted to Registered users only Download (2MB) |
||
Text
Irwin Siagian 22014112 4.pdf Restricted to Registered users only Download (6MB) |
||
Text
Irwin Siagian 22014112 5.pdf Restricted to Registered users only Download (328kB) |
||
|
Text
Irwin Siagian 22014112 Ref.pdf Download (676kB) | Preview |
Abstract
Application is a critical part on business process. Unfortunately, most of organization only concern with security control on infrastructure and general security control on logical access. There are many threats to application exist today that targeted the confidentiality, integrity, and availability of data especially on internet application. Security control on infrastructure and logical access is not enough to ensure the information or data is well protected on business process. Application security becomes a very important aspect in order to defence or protecting sensitive data, assets, and reputation against threats to business process. To ensure the security on the application from design phase until production phase, it is needed a standard that contains a security requirements for application and it is called Application Security Standard. To develop an application security standard, author using a hybrid threat modeling analysis process to identify and categorize threats on application. Also, with threat modeling analysis, security control against threats can be defined. Hybrid threat modeling is a combination and modification from some threat modeling process.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | Application; Application Security Standard; Hybrid Threat Modeling; Threat; STRIDE; OWASP; Data Flow Diagram |
Subjects: | T Technology > T Technology (General) > T58.5 Information technology |
Divisions: | Faculty of Engineering and Information Technology > Department of Information Technology |
Depositing User: | Atroridho Rizky |
Date Deposited: | 13 Jul 2020 14:53 |
Last Modified: | 13 Jul 2020 14:53 |
URI: | http://repository.sgu.ac.id/id/eprint/1143 |
Actions (login required)
View Item |