Manajemen Risiko Ancaman Pada Aplikasi Website Sistem Informasi Akademik Politeknik Negeri Batam Menggunakan Metode Octave

Abstract

Website application is a service of information that is often used by Internet users today. Academic Information System (SIA) is a website application that is in Politeknik Negeri Batam. SIA is used to keep record, grade and biographical data from student. Therefore, needs to risk identification and risk management of threats are found on the SIA. Based on the Open Web Application Security Project (OWASP) there are several methods used for risk management threats, one of which is OCTAVE. OCTAVE is a method of systematically managing risk by identifying risk. This research aimed to test the safety and risk management threats that occur at SIA. OCTAVE method aims to provide a stage in managing the risk of threats are found. The Results obtained from this research is found four categories of threats that is category of authentication, encryption, session management and configuration management. Categories of threats which obtained can be used by UPT-SI Politeknik Negeri Batam as a form of preventive measure against weakness in the SIA website application.