keamanan komputer / computer security

2,366 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,366
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
209
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

keamanan komputer / computer security

  1. 1. KEAMANANKOMPUTERKAJK 2011
  2. 2. Pendahuluan• Informasi menentukan hampir setiap elemen dalam kehidupan• Dunia modern melibatkan pengumpulan, penukaran pembuatan dan pengaksesan informasi (information-based society)• Dimungkinkan dengan adanya teknologi komputer dan telekomunikasi• Masalah keamanan merupakan aspek terpenting pada sebuah sistem informasi
  3. 3. Pendahuluan.....• Keamanan kurang mendapatkan perhatian dari perancang dan pengelola sistem• Apabila menggangu performa sistem, keamanan tidak dipedulikan/ditiadakan
  4. 4. Aspek Keamanan• Authentication – any process by which you verify that someone is who they claim they are – authentication is commonly done through the use of logon passwords• Integrity – is the assurance that information can only be accessed or modified by those authorized to do so•
  5. 5. Aspek keamanan...• Nonrepudiation – assurance that someone cannot deny something – a digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature.• Authority – finding out if the person, once identified, is permitted to have the resource – In multi-user computer systems, a system administrator defines for the system which users are allowed access to the system and what privileges of use(such as access to which file directories, hours of access, amount of allocated storage space)
  6. 6. Aspek keamanan...• Confidentiality – set of rules or a promise that limits access or places restrictions on certain types of information.• Privacy – What personal information can be shared with whom – Whether messages can be exchanged without anyone else seeing them – Whether and how one can send messages anonymously• Availability – Present and ready to use, accessible
  7. 7. Aspek keamanan... – Nines terms• Acces control – a system which enables an authority to control access to areas and resources in a given physical facility or computer- based information system
  8. 8. Aspek AncamanKeamanan• Interruption – Data dirusak dan dihapus – Ancaman availability• Interception – Informasi disadap oleh orang yang tidak berhak – Ancaman terhadap privacy
  9. 9. Aspek Ancaman Keamanan.......• Modification – Mengubah informasi – Ancaman terhadap integrity• Fabrication – Meniru/memalsukan informasi – Ancaman terhadap integrity
  10. 10. Metodologi Keamanan
  11. 11. PendekatanPendeteksian Serangan• Anomaly detection – Prilaku tak lazim – Serangan berbeda dengan aktifitas normal• Misuse detection – Analisa terhadap aktivitas sistem – Mencari even yang cocok dengan pola serangan – Pola prilaku serangan disebut signatures
  12. 12. Pendeteksian Serangan• Network monitoring – Menggunakan protokol SNMP – Contoh program: snmp collector, etherboy• Intrusion detection system – Pengenalan penyusup – Log aktivitas dibandingkan dengan pola serangan – Warning ke admin – Tidak mencegah hanya mencatat serangan
  13. 13. Pencegahan Serangan• Desain sistem• Aplikasi yang dipakai• Manajemen – SOP – Security policy • Penjelasan • Tanggung jawab pihak terlibat • Bahasa • Otoritas yang menetapkan • Perkecualian • Penilaian ulang

×