DEVELOPMENT OF WEB-BASED APPLICATION WITH WEB ENGINEERING SECURITY (WES) METHODOLOGY FOR SECURITY ASPECT ENHANCEMENT (CASE STUDY : WEB-BASED SIMAk MM UNPAD APPLICATION)

SIMAk MM UNPAD is a web-based application that manages the academic information on The  Masters of Management Program of Padjadjaran University. Therefore, the application stores a lot of important academic data that some of them are sensitive and confidential. This causes the security aspects becomes a major  oncern in the application development so that the stored data can be properly maintained, disbibuted and utilized. Web Engineering Security (WES) is a methodology in developing an application that focuses on security aspects. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an application development process. The implementation of WES methodology could assist the development of SIMAk MM UNPAD in identifying risk of threats that can attack a web-based application such as SQL Injection and Cross Site Scripting (XSS) and provide guidance in terms of data distribution that occured in the application according to the needsof end-user.

Dibuat oleh :  Dewi Rosmala, S.Si.,M.IT., Gema Ananda

E-mail: d_rosmala@itenas.ac.id

Kata kunci : SIMAk MM UNPAD, WES, web, PHP, sql injection, cross site scripting.

Keterangan :  Makalah ini  dimuat pada  PROCEEDINGS KONFERENSI NASIONAL SISTEM INFORMASI (KNSI)2013

DEVELOPMENT OF WEB-BASED APPLICATION WITH WEB ENGINEERING SECURITY (WES) METHODOLOGY FOR SECURITY ASPECT ENHANCEMENT (CASE STUDY : WEB-BASED SIMAk MM UNPAD APPLICATION)