PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS
In the rapidly evolving digital era, educational institutions have become key components in technological transformation, where cloud systems serve as the backbone for storing critical data, managing academic systems, and providing online education services. As information has become a highly ass...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/86563 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:86563 |
|---|---|
| spelling |
id-itb.:865632024-11-15T14:11:30ZPENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS Husein Ramadhani Baharzah, M. Indonesia Theses Risk, Information Security, Penetration Testing, Educational Institutions, Cloud Systems, OCTAVE Allegro. INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/86563 In the rapidly evolving digital era, educational institutions have become key components in technological transformation, where cloud systems serve as the backbone for storing critical data, managing academic systems, and providing online education services. As information has become a highly asset, securing cloud systems is essential to maintain data integrity and confidentiality, especially considering rising cyber threats such as hacking and data breaches. This research proposes the integration of the OCTAVE Allegro (OA) approach with findings from penetration testing (pentesting) activities as a method for evaluating information security in educational institutions cloud systems. Through greybox pentesting, this study identifies existing vulnerabilities, while the OA framework is used to analyze risks in greater depth, involving interviews with relevant personnel to gain a comprehensive view of information security. The eight-step OA methodology is applied to assess scenarios impacting the confidentiality, integrity, and availability of data in the cloud. The evaluation results reveal that the cloud-integrated LMS system at Institution X contains several critical vulnerabilities. Based on these identified vulnerabilities, mitigation strategies were developed to reduce the identified risks, thereby strengthening Institution X's information security posture against increasingly complex cyber threats in the modern era. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
In the rapidly evolving digital era, educational institutions have become key
components in technological transformation, where cloud systems serve as the
backbone for storing critical data, managing academic systems, and providing
online education services. As information has become a highly asset, securing
cloud systems is essential to maintain data integrity and confidentiality, especially
considering rising cyber threats such as hacking and data breaches. This research
proposes the integration of the OCTAVE Allegro (OA) approach with findings from
penetration testing (pentesting) activities as a method for evaluating information
security in educational institutions cloud systems. Through greybox pentesting, this
study identifies existing vulnerabilities, while the OA framework is used to analyze
risks in greater depth, involving interviews with relevant personnel to gain a
comprehensive view of information security. The eight-step OA methodology is
applied to assess scenarios impacting the confidentiality, integrity, and availability
of data in the cloud. The evaluation results reveal that the cloud-integrated LMS
system at Institution X contains several critical vulnerabilities. Based on these
identified vulnerabilities, mitigation strategies were developed to reduce the
identified risks, thereby strengthening Institution X's information security posture
against increasingly complex cyber threats in the modern era. |
| format |
Theses |
| author |
Husein Ramadhani Baharzah, M. |
| spellingShingle |
Husein Ramadhani Baharzah, M. PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| author_facet |
Husein Ramadhani Baharzah, M. |
| author_sort |
Husein Ramadhani Baharzah, M. |
| title |
PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| title_short |
PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| title_full |
PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| title_fullStr |
PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| title_full_unstemmed |
PENTESTING BASED RISK ASSESSMENT USING OCTAVE ALLEGRO APPROACH IN EDUCATIONAL INSTITUTION CLOUD SYSTEMS |
| title_sort |
pentesting based risk assessment using octave allegro approach in educational institution cloud systems |
| url |
https://digilib.itb.ac.id/gdl/view/86563 |
| _version_ |
1822011093417984000 |