Implementasi Traefik sebagai Reverse Proxy dengan Prinsip Zero Trust
Abstract
Technology and application development are experiencing massive development, without realizing it, cyber crime is also increasing rapidly. The increase in cyber attacks is a concern and makes concerns about important data owned. The impact can make applications or services lose and important data can be stolen and misused. With the application of Treafik as one of the reverse proxies, it aims to be a solution in an effort to increase application security by integrating it with the development of an IP whitelist system that has Zero Trust Security principles. The method used in the development contains several stages of research, namely, system analysis, system design, configuration, and test scenarios. The results of testing and research show that the IP whitelist system runs well according to the system design and the application of traefic can improve the application security system by denying unrecognized access to the IP whitelist system with a "forbidden" message.
Keywords: Traefik; Reverse Proxy; Whitelist IP; Zero Trust Security
Abstrak
Teknologi dan pengembangan aplikasi mengalami perkembangan yang sangat masif, tanpa disadari ternyata kejahatan cyber juga meningkat pesat. Meningkatnya serangan cyber ini menjadi keresahan dan membuat kekhawatiran akan data penting yang dimiliki. Dampaknya dapat membuat aplikasi atau service menjadi loss dan data-data penting dapat dicuri dan disalahgunakan. Dengan penerapan Traefik sebagai salah satu reverse proxy bertujuan untuk dapat menjadi solusi dalam upaya meningkatkan keamanan aplikasi dengan di integrasikan pada pengembangan sistem whitelist IP yang berprinpip Zero Trust Security. Metode yang digunakan dalam pengembangan memuat beberapa tahapan penelitian yaitu, analisis sistem, perancangan sistem, konfigurasi, dan skenario pengujian. Hasil pengujian dan penelitian menunjukkan sistem whitelistIP berjalan dengan baik sesuai rancangan sistem dan penerapan traefik dapat meningkatkan sistem keamanan aplikasi dengan menolak akses masuk yang tidak dikenali pada sistem whitelist IP dengan pesan “forbidden”.
Keywords
References
M. Wahyudi, “Analisis Performa Access Control List menggunakan Metode Firewall Policy Base Performance Analysis of the Access Control List Using the Firewall Policy-Based Method Article Info ABSTRAK,” Matrik: Jurnal Manajemen, Teknik Informatika, dan Rekayasa Komputer, vol. 20, no. 2, pp. 283–292, 2021, doi: 10.30812/matrik.v20i1.1068.
B. S. Renuka and G. T. Prafulla Shashikiran, “Model of Load Distribution Between Web Proxy Servers Using Network Traffic Analysis,” SN Comput Sci, vol. 1, no. 2, pp. 1-8, Mar. 2020, doi: 10.1007/s42979-020-0108-7.
S. M. Hosseini, A. H. Jahangir, and S. Daraby, “Session-persistent Load Balancing for Clustered Web Servers without Acting as a Reverse-proxy,” in 2021 17th International Conference on Network and Service Management (CNSM), 2021, pp. 360–364. doi: 10.23919/CNSM52442.2021.9615592.
W. Ramadhani, M. Arif, and F. Ridha, “Jurnal Politeknik Caltex Riau Perbandingan Kinerja Ingress Controller Pada Kubernetes Menggunakan Traefik Dan Nginx,” vol. 8, no. 2, pp. 289-295 2022. [Online]. Available: https://jurnal.pcr.ac.id/index.php/jkt/
A. Jeffery, H. Howard, and R. Mortier, “Rearchitecting Kubernetes for the Edge,” in EdgeSys 2021 - Proceedings of the 4th International Workshop on Edge Systems, Analytics and Networking, Part of EuroSys 2021, Association for Computing Machinery, Inc, Apr. 2021, pp. 7–12. doi: 10.1145/3434770.3459730.
S. Mandal, D. A. Khan, and S. Jain, “Cloud-Based Zero Trust Access Control Policy: An Approach to Support Work-From-Home Driven by COVID-19 Pandemic,” New Gener Comput, vol. 39, no. 3–4, pp. 599–622, Nov. 2021, doi: 10.1007/s00354-021-00130-6.
O. C. Edo, T. Tenebe, E. Etu, A. Ayuwu, J. Emakhu, and S. Adebiyi, “Zero Trust Architecture: Trend and Impacton Information Security,” International Journal of Emerging Technology and Advanced Engineering, vol. 12, no. 7, pp. 140–147, Jul. 2022, doi: 10.46338/ijetae0722_15.
Lakhno V et al., “Experimental Studies Of The Features Of Using Waf To Protect Internal Services In The Zero Trust Structure,” J Theor Appl Inf Technol, vol. 15, no. 3, pp. 705–721, Feb. 2022, [Online]. Available: www.jatit.org
R. A. Muzaki, O. C. Briliyant, M. A. Hasditama, and H. Ritchi, “Improving Security of Web-Based Application Using ModSecurity and Reverse Proxy in Web Application Firewall,” in 2020 International Workshop on Big Data and Information Security (IWBIS), 2020, pp. 85–90. doi: 10.1109/IWBIS50925.2020.9255601.
Z. Chen, L. Han, Y. Xu, and Z. Yu, “Design and Implementation of A Vulnerability-Tolerant Reverse Proxy Based on Moving Target Defense for E-Government Application,” in 2021 2nd Information Communication Technologies Conference (ICTC), 2021, pp. 270–273. doi: 10.1109/ICTC51749.2021.9441622.
A. Rosyida Zain, I. Muhamad, M. Matin, and D. K. Kautsar, “Analisis Implementasi Modsecurity dan Reverse Proxy Untuk Pencegahan Serangan Keamanan DDoS pada Web Server,” in SNIV: Seminar Nasional Inovasi Vokasi, 2023, pp. 118–127.
I. Yuliarto and E. Kaburuan, “Implementasi Reverse Proxy Server Sebagai Load Balancing Dan Https Proxy Menggunakan Nginx Pada Google Cloud Platform,” Skripsi, Universitas Mercu Buana Jakarta, Jakarta, 2021. [Online]. Available: https://lib.mercubuana.ac.id/
R. Maulana, M. Hatta, and I. Syafrinal, “Analisa Penerapan Filtering Proxy Server Pada Keamanan Jaringan Komputer Untuk Meminimalisr Penyebaran Malware (Studi Kasus Cakrabuana Cruiseship & School Cirebon),” vol. 12, no. 1, pp. 64–73, Sep. 2021, [Online]. Available: https://jurnal.umj.ac.id/index.php/just-it/index
M. Xu, J. Guo, H. Yuan, and X. Yang, “Zero-Trust Security Authentication Based on SPA and Endogenous Security Architecture,” Electronics (Switzerland), vol. 12, no. 4, pp. 1–21, Feb. 2023, doi: 10.3390/electronics12040782.
Jasson Casey, “The rise of Zero Trust authentication,” February 7, 2023. Accessed: Nov. 28, 2023. [Online]. Available: https://aijourn.com/the-rise-of-zero-trust-authentication/
A. Raina, “How To Use Traefik v2 as a Reverse Proxy for Docker,” Collabnix. Accessed: Nov. 28, 2023. [Online]. Available: https://collabnix.com/how-to-use-traefik-v2-as-a-reverse-proxy-for-docker/
How To Cite This :
Refbacks
- There are currently no refbacks.