SECURITY ANALYSIS ON ONLINE EXAM SYSTEM BASED ON ATTACK TREE
An examination is intended to measure the knowledge of a person or student. The exam is also used as an evaluation tool to assess how far the knowledge has been mastered and the skills that have been acquired. This Thesis describes how to make security analysis of a secure exam based on an attack tr...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/39671 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | An examination is intended to measure the knowledge of a person or student. The exam is also used as an evaluation tool to assess how far the knowledge has been mastered and the skills that have been acquired. This Thesis describes how to make security analysis of a secure exam based on an attack tree, how to make risk assessment of a secure exam, discussing how a penetration test can be used as a verification in making an attack and attack-defense tree. There is little research on the secure exam. One of the papers discussing the secure exam is entitled "Designing a Secure Exam Management System (SEMS) for m-Learning Environment". This paper is able to answer all the challenges that exist in a secure exam, whether mobile or not. There is no further research on SEMS. This is expected to be one of the further studies on SEMS or the overall secure exam.
Intended Results is a security analysis of the secure exam, which can be used by researchers or organizations in order to plan to build a secure exam, so everythings can be anticipated in making the secure exam. Using Design Reasearch Methodology, the security analysis starting from making a risk assessment, making an attack tree, making an attack-defense tree, building a secure exam server, performing penetration testing, and analysis. Finding of this thesis is attack and attack-defense tree of the secure exam as a security analysis. Attack and attack-defense trees can be verified by penetration testing on case study. |
|---|