Analisis Sistem Keamanan Pada Cloud Computing Menggunakan Metode Attack-Centric (Security System Analysis of Cloud Computing Using Attack-Centric Method)
Abstract
Abstrak. Seiring dengan makin pesatnya perkembangan teknologi penyimpanan data, Cloud Computing merupakan salah satu dari beberapa teknologi jaringan penyimpan data yang sedang berkembang pesat saat ini. Tidak menutup kemungkinan data yang tersimpan dalam cloud computing merupakan data penting dan rahasia yang tidak semua orang bisa mengaksesnya. hal ini menyebabkan keamanan data merupakan suatu hal yang sangat penting, Banyak ahli dan praktisi berpendapat bahwa Enterprise Computing adalah suatu masalah yang sudah selesai, cenderung stabil dan statis, serta tidak membutuhkan suatu peningkatan yang signifikan. dibalik kelebihan yang ada pada teknologi Cloud Computing juga ada beberapa ancaman, salah satunya keamanan data yang ada pada sistemasi Cloud Computing. Ancaman ini bisa diartikan seperti kebocoran data penting/rahasia, pencurian credential, peretasan API, pembajakan account, dan kehilangan data secara permanen maupun penyalahgunaan layanan cloud. Untukmenjaga agar data aman dari pengguna yang tidak berhak maka diperlukan Analisis sistem keamanan pada media penyimpanan Cloud Computing. Dalam tulisan ini akan dibahas tentang analisis dan standar sistem keamanan pada Cloud Computing, yang mana penulis juga akan memberikan rekomendasi dan alasan terkait teknik keamanan yang paling tepat untuk diaplikasikan ke dalam arsitektur Cloud Computer dan menentukan standar keamanan pada Cloud Computing. Kata Kunci: Sistem Keamanan, Cloud Computing, Enterprise Computing
Abstract. Along with the rapid development of data storage technology, Cloud Computing is one of several data storage network technologies that is currently growing rapidly. Did not rule out the data stored in cloud computing is important and confidential data that is not accessible to everyone. This causes data security is very important. Many experts and practitioners argue that Enterprise Computing is a problem that has already been resolved, tends to be stable and static, and does not require a significant increase. behind the advantages that exist in cloud computing technology there are also several threat, one of them is data security in cloud computing. this threat can be interpreted as leakage of important / confidential data, credential theft, API hacking, account hijacking, and permanent data loss or misuse of cloud services. to keep data safe from unauthorized users, it is necessary to analyze the security system on Cloud Computing storage media. in this paper we will discuss the analysis and security system standards in Cloud Computing, which the author will also provide recommendations and reasons related to the most appropriate security techniques to be applied to the cloud computer architecture and determine security standards in cloud computing. Keywords: System Security, Cloud Computing, Enterprise Computing
References
Dewannata D. Tujuan, Risiko dan Ancaman pada Keamanan Jaringan Komputer. www.ilmukomputer.com. Tanggal akses terakhir: 28 Juli 2016.
Mell, P., Grance, T. The NIST Definition of Cloud computing Recommendations of the National Institute of Standards and Technology, NIST Spec. Publ. 2011: 80-145.
Sugiyanto. Prototipe Sistem Informasi Haji Untuk Menangani Jemaah Tersesat Menggunakan SMS Gateway. Jurnal Nasional Teknik Elektro dan Teknologi Informasi (JNTETI). 2014; 3(2): 123-128.
Osmond, A. B., Nugroho, L. E., & Kusumawardhani, S. S. Aplikasi Pengumpulan Data Survei Memanfaatkan SMS Gateway. Jurnal Nasional Teknik Elektro dan Teknologi Informasi (JNTETI). 2016; 5(1): 1-5.
Manuaba, I. B. V. H., Hidayat, R., & Kusumawardani, S. S. Evaluasi Keamanan Akses Jaringan Komputer Nirkabel (Kasus: Kantor Pusat Fakultas Teknik Universitas Gadjah Mada). Jurnal Nasional Teknik Elektro dan Teknologi Informasi (JNTETI). 2012; 1(1): 1317.
Steve Hanna. Cloud Computing: Finding the Silver Lining. Juniper Networks. 2009.
Klöti, Rowan. Open flow: A security analysis. Master’s thesis”, Eidgenössische Technische Hochschule Zürich, 2013.
Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher. Internet Denial of Service: Attack and Defense Mechanisms. Prentice Hall, 2005.
Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Näslund, M., & Pourzandi, M. A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances, Systems and Applications. 2012; 1(1), 11.
Robert Broberg, Matthew Caesar, Douglas Comer, Chase Cotton, Michael J. Freedman, Andreas Haeberlen, Zachary G. Ives, Arvind Krishnamurthy, William Lehr, Boon Thau Loo, David Mazières, Antonio Nicolosi, Jonathan M. Smith, Ion Stoica, Robbert van Renesse, Michael Walfish, Hakim Weatherspoon, dan Christopher S. Yoo. The nebula future internet architecture. Lecture Notes in Computer Science. 2013; 7858: 1–24
Tom Anderson, Ken Birman, Robert Broberg, Matthew Caesar, Douglas Comer, Chase Cotton, Michael Freedman, Andreas Haeberlen, Zack Ives, Arvind Krishnamurthy, William Lehr, Boon Thau Loo, David Mazières, Antonio Nicolosi, Jonathan Smith, Ion Stoica, Robbert van Renesse, Michael Walfish, Hakim Weatherspoon, dan Christopher Yoo. Technical report. nebula - a future internet that supports trustworthy cloud computing. 2011: 1–31.
Naous, J., Walfish, M., Nicolosi, A., Mazières, D., Miller, M., & Seehra, A. (2011, December). Verifying and enforcing network paths with ICING. In Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies. 2011: 1-12.
Mell, P., Grance, T. The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology, Nist Spec. 2011; 145: 7.
Rashid, F.Y. The dirty dozen: 12 cloud security threats, 2016. [Online]. Available: https://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-securitythreats.html
Bumpus, W. NIST Cloud Computing Standards Roadmap, NIST Cloud Comput. Stand. 2013: 1-3.
Undang-Undang Nomor 11 Tahun 2008 Tentang Informasi danTransaksi Layanan Elektronik. 2008; 1: 1–29.
Government of Indonesia. PP No. 82/2012 Penyelenggaraan Sistem dan Transaksi Elektronik. 2012: 1–54.
How To Cite This :
Refbacks
- There are currently no refbacks.