keamanan komputer / computer security
TRANSCRIPT
Slide 1
KEAMANAN KOMPUTER
KAJK 2011
Pendahuluan
Informasi menentukan hampir setiap elemen dalam kehidupan
Dunia modern melibatkan pengumpulan, penukaran pembuatan dan pengaksesan informasi (information-based society)
Dimungkinkan dengan adanya teknologi komputer dan telekomunikasi
Masalah keamanan merupakan aspek terpenting pada sebuah sistem informasi
Pendahuluan.....
Keamanan kurang mendapatkan perhatian dari perancang dan pengelola sistem
Apabila menggangu performa sistem, keamanan tidak dipedulikan/ditiadakan
Aspek Keamanan
Authentication
any process by which you verify that someone is who they claim they are
authentication is commonly done through the use of logon passwords
Integrity
is the assurance that information can only be accessed or modified by those authorized to do so
Aspek keamanan...
Nonrepudiation
assurance that someone cannot deny something
a digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature.
Authority
finding out if the person, once identified, is permitted to have the resource
In multi-user computer systems, a system administrator defines for the system which users are allowed access to the system and what privileges of use(such as access to which file directories, hours of access, amount of allocated storage space)
Aspek keamanan...
Confidentiality
set of rules or a promise that limits access or places restrictions on certain types of information.
Privacy
What personal information can be shared with whom
Whether messages can be exchanged without anyone else seeing them
Whether and how one can send messages anonymously
Availability
Present and ready to use, accessible
Aspek keamanan...
Nines terms
Acces control
a system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system
Aspek Ancaman Keamanan
Interruption
Data dirusak dan dihapus
Ancaman availability
Interception
Informasi disadap oleh orang yang tidak berhak
Ancaman terhadap privacy
Aspek Ancaman Keamanan.......
Modification
Mengubah informasi
Ancaman terhadap integrity
Fabrication
Meniru/memalsukan informasi
Ancaman terhadap integrity
Metodologi Keamanan
Pendekatan Pendeteksian Serangan
Anomaly detection
Prilaku tak lazim
Serangan berbeda dengan aktifitas normal
Misuse detection
Analisa terhadap aktivitas sistem
Mencari even yang cocok dengan pola serangan
Pola prilaku serangan disebut signatures
Pendeteksian Serangan
Network monitoring
Menggunakan protokol SNMP
Contoh program: snmp collector, etherboy
Intrusion detection system
Pengenalan penyusup
Log aktivitas dibandingkan dengan pola serangan
Warning ke admin
Tidak mencegah hanya mencatat serangan
Pencegahan Serangan
Desain sistem
Aplikasi yang dipakai
Manajemen
SOP
Security policyPenjelasan
Tanggung jawab pihak terlibat
Bahasa
Otoritas yang menetapkan
Perkecualian
Penilaian ulang