Enhancement Security of Integrated Health Center Information Systems with the Gray-Box Penetration Test Method Using Computer Assisted Audit Techniques
Article Sidebar
Main Article Content
Abstract
Information system security is something the owner must pay attention to in order to avoid cyber crime. Information systems that have security vulnerabilities can threaten an organization's critical infrastructure. Security vulnerabilities are any kind of vulnerability that allows attackers to enter into the system illegally and perform unwanted acts. Penetration tests on information systems need to be carried out to ensure its security. This study aims to improve the security of the integrated health center information system in Payakumbuh City so that data and information is guaranteed its security. The method used is the gray box penetration test using computer assisted audit techniques. The results of this study found 97 high vulnerability categories, 1 medium vulnerability category and 26 low vulnerability categories. The Payakumbuh City Information and Communication Office can take advantage of the penetration test results as a reference to improve the security of the Payakumbuh integrated health center information system.
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
References
[2] Nur, R. M., Na'am, J., Nurcahyo, G. W., & Arlis, S. (2019). Peningkatan Keamanan Website Menggunakan Metode XML dengan Framework Codeigniter. Indonesian Journal of Computer Science, 8(2), 156-163. DOI: https://dx.doi.org/10.33022/ijcs.v8i2.188 .
[3] Votipka, D., Stevens, R., Redmiles, E., Hu, J., & Mazurek, M. (2018). Hackers Vs. Testers: A Comparison of Software Vulnerability Discovery Processes. IEEE Symposium on Security and Privacy (SP), 374-391. DOI: https://dx.doi.org/10.1109/SP.2018.00003 .
[4] Shebli, H. M. Z. A., & Beheshti, B. D. (2018). A Study on Penetration Testing Process And Tools. IEEE Long Island Systems, Applications and Technology Conference (LISAT). DOI: https://dx.doi.org/10.1109/lisat.2018.8378035 .
[5] Setiawan, E. B., & Setiyadi, A. (2018). Web Vulnerability Analysis and Implementation. In IOP Conference Series: Materials Science and Engineering, 407(1). DOI: https://dx.doi.org/10.1088/1757-899X/407/1/012081 .
[6] Simran, T. G., & Sasikala, D. (2019). Vulnerability Assessment of Web Applications using Penetration Testing. International Journal of Recent Technology and Engineering (IJRTE), 8(4), 1552-1556. DOI: https://dx.doi.org/10.35940/ijrte.B2133.118419
[7] Yunus, M. (2019). Analisis Kerentanan Aplikasi Berbasis Web Menggunakan Kombinasi Security Tools Project Berdasarkan Framework OWASP Versi 4. Jurnal Ilmiah Informatika Komputer, 24(1), 37-48. DOI: https://dx.doi.org/10.35760/ik.2019.v24i1.1988 .
[8] Jaber, R. J., & Wadi, R. M. A. (2018). Auditors’ Usage of Computer-Assisted Audit Techniques (CAATs): Challenges and Opportunities. In Conference on e-Business, e-Services and e-Society, 365-375. DOI: https://dx.doi.org/10.1007/978-3-030-02131-3_33 .
[9] Asniarti, A., & Muda, I. (2019). The Effect of Computer Assisted Audit Tools on Operational Review of Information Technology Audits. In 1st International Conference on Social Sciences and Interdisciplinary Studies. DOI: https://dx.doi.org/10.2991/icssis-18.2019.5 .
[10] Wicaksono, A., Laurens, S., & Novianti, E. (2018). Impact Analysis of Computer Assisted Audit Techniques Utilization on Internal Auditor Performance. In 2018 International Conference on Information Management and Technology (ICIMTech), 267-271. DOI: https://dx.doi.org/10.1109/ICIMTech.2018.8528198 .
[11] Ula, M. (2019). Evaluasi Kinerja Software Web Penetration Testing. TECHSI-Jurnal Teknik Informatika, 11(3), 336-352. DOI: https://dx.doi.org/10.29103/techsi.v11i3.1996 .
[12] Clincy, V., & Shahriar, H. (2018). Web Application Firewall: Network Security Models and Configuration. In 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), 1, 835-836. DOI: https://dx.doi.org/10.1109/COMPSAC.2018.00144 .