Article Per Year (5 Year)
p-Index From 2019 - 2024
0.444
P-Index
This Author published in this journals
All Journal GEMA TEKNOLOGI Jurnal Sistem Komputer Jurnal Pengabdian Vokasi
Manan, Saiful
Program Studi Diploma III Teknik Elektro Fakultas Teknik Universitas Diponegoro
Computer Science & IT Engineering Languange, Linguistic, Communication & Media Law, Crime, Criminology & Criminal Justice

Published : 3 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 3 Documents
Search

 1 
Implematasi Aeschipper Class Untuk Enkripsi URL di Sistem Informasi Akademik Fakultas Teknik Universitas Diponegoro Subari, Arkhan; Manan, Saiful
Jurnal Sistem Komputer Vol 4, No 2 (2014)
Publisher : Jurnal Sistem Komputer

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.14710/jsk.v4i2.70

Abstract

In web programming GET method can use to send data from client to server. Weaknees of the GET method is the appearance of transmitted data or variables in the URL. Users can easily change variables used and when it is executed, variable data will also be executed. It is very vulnerable to attack by malicious users with some techniques such as XSS or SQL injection. These weaknesses can be resolved with use encryption techniques to URLs that use the GET method, such as AES encryption. The process is encrypt variables on client side and decrypt on server side to retrieve actual data. Thus variable is not shown in the URL, so if there will be an attack attempt difficult. Academic Information System (AIS) of Engineering Faculty, as a web-based application also uses several modules that use the GET method for sending data. Thus addition of the security level using the URL encryption is needed to improve security of system and data on the AIS. The result is a variable that is sent with GET method is not display on URL on three modules, namely the main menu page, change the password and a link out of the syste . The encryption process adds time access to system by an average of 0:05 s, so that the outline does not affect system performance . Keywords: web applications, POST and GET, URL, encryption, AES, academic information system.
PEMANFAATAN METODE WAVS (WEB APPLICATION SECURITY SCANNERS) MENGGUNAKAN BURP SUITE TOOLS DALAM AUDIT TEKNIS KEAMANAN SISTEM INFORMASI SURAT TUGAS SEKOLAH VOKASI UNDIP Arkhan Subari; Saiful Manan; Eko Ariyanto; Adnan Fauzi
Gema Teknologi Vol 21, No 4 (2022): October 2021 - April 2022
Publisher : Vocational School Diponegoro University

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.14710/gt.v21i4.46828

Abstract

An official travel assignment letter is a type of assignment letter needed by an employee in carrying out work assignments. In many ways, the assignment letter information system is built based on web-programming. In web-programming there are two methods to send data from client to server. The two methods are the POST method and the GET method. Information security is an important aspect that needs to be considered in design a information system. There are many attacker spying data on information system daily. Usually the attacker uses the loopholes in the data transmission method to attack the system. There are many techniques used to attack information systems likes WAVs (Web Application Security Scanners). WAVs is a program that is used to find security holes in web-based information systems using several methods, such as XSS, SQL Injection, Intercept and Bruteforce. One program that can be used is Burp Suite. Burp Suite is often used by security auditors, researchers, and testers for analysis of different systems. Burp's core functionality is to intercept and display HTTP requests in a structured manner. The Vocational School of Diponegoro University has developed an information system that is used to manage this assignment letter. The information system is design using a web-based application. However, the system has never been technically audited on its security level. Therefore, it is necessary to audit the information system security techniques so that the level of information system security can be ascertained and corrective steps can be taken if there are security holes found. This study is intended to conduct a technical audit of the security of the UNDIP Vocational School assignment letter information system. The audit was conducted using the WAVs (Web Application Security Scanners) method with the Burp Suite application. The results of the brutefoce test using Burpsuite showed that there was no suitable password. However, the fact that an attacker can attack 30,0006 times is a weakness that needs to be fixed.
Implementasi Sistem Informasi Warga Berbasis Web Menggunakan Opensid Di Desa Kangkung, Kecamatan Mranggen, Kabupaten Demak Arkhan Subari; Heru Winarno; Saiful Manan
Jurnal Pengabdian Vokasi Vol 2, No 1 (2021): Juni 2021
Publisher : Sekolah Vokasi Universitas Diponegoro

Show Abstract | Download Original | Original Source | Check in Google Scholar | Full PDF (199.492 KB) | DOI: 10.14710/jpv.2021.11175

Abstract

Kangkung Village is one of the villages in Mranggen District, Demak Regency, which is one of the villages directly adjacent to Semarang, in the east. Because it is on the border with Semarang, Kangkung village is a village with a dense population. It is located in a busy main route area and is in the middle of an industrial area. The total population in Kangkung Village is approximately 1,400 families. The average education level of the people of Kangkung Village is high school and college. Kangkung Village is located in the border area between Semarang and Demak Regency, so it is a relatively developed area but population administration information and file services have not been provided fully effectively, therefore it requires a population data information system that is quite easy to access, fast, accurate and up to date. With these conditions, this service is carried out to help the people of Kangkung Village, Mranggen District, Demak Regency in terms of population information system applications which include population information based on age, sex, occupation and information on former population administration including family card information and also ID cards that are accurate, fast and up to date. Thus users of this information can be immediately served when data requests from residents of Kangkung Village, Mranggen District, Demak District. The service is carried out through the following stages: licensing the implementation of activities to related parties, collecting related data, designing and creating an information system application for residents of Kangkung Village, Mranggen District, Demak District based on the data obtained, testing the application to find out whether the application according to need. The result of this activity is that there is a web-based citizen information system that can present population data that is often needed quickly, accurately and up to date. With this information system, population data can be presented faster than the manual method.
Co-Authors Arkhan Subari Eko Ariyanto Fauzi, Adnan Heru Winarno