THE DESIGN OF SECURITY OPERATION CENTER (SOC) ON APPLICATION PROGRAMMING INTERFACE (API)

Information technology is developing ever more rapidly, and companies and organizations need it to facilitate routine work activities. As a result, more and more applications are connected. Information security is a crucial issue in the ma...

Bibliographic Details
Main Author: Yuliana, Frentina
Format: Theses
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/54509
Institution: Institut Teknologi Bandung
id id-itb.:54509
Timestamp: 2021-03-18T07:44:25Z
Keywords: Security Operation Center (SOC), design, information security, Application Program Interface (API), ISO/IEC 27001:2013, OWASP API Security Top 10
Abstract: Information technology is developing ever more rapidly, and companies and organizations need it to facilitate routine work activities. As a result, more and more applications are connected. Information security is a crucial issue in the management of data centers owned by state administering agencies. The existence of strategic electronic systems demands serious security. One of the efforts made in maintaining information security is using an Application Program Interface (API); an API is a program or system that can be accessed by other programs. APIs have brought about revolutionary changes in current applications. However, APIs have several vulnerabilities that pose a threat to data confidentiality, one of which is the abuse of access rights. This can be minimized by monitoring and detection on the API. This monitoring relates to information security, with an emphasis on the confidentiality, integrity and availability of information. This activity can be assigned to a special work function responsible for information security, namely the Security Operation Center (SOC). The SOC is a work unit with competence in information security, in terms of both the process and the technology used, so it is hoped that the SOC can secure the API during the interaction process. The design begins with an analysis of the existing risks in the API and the calculation of the information security index (KAMI), followed by the design of an organizational structure using an analysis of the ideal situation. The business process is carried out using ISO 27001:2013 and the OWASP API Security Top 10, followed by the design of the technology using gap analysis. The research methodology is a case study with the Design Research Methodology (DRM) approach. Data were collected through interviews, document studies, and observations. The results of this study are the design of the SOC and the roadmap for implementing the SOC to fulfil the objective of ensuring information security on the API.
building Institut Teknologi Bandung Library
continent Asia
country Indonesia
content_provider Institut Teknologi Bandung
collection Digital ITB