Hasil Pencarian  ::  Simpan CSV :: Kembali

"The 12 revised full papers were carefully reviewed and selected from numerous submissions. The papers address all aspects of fault tolerance and exception handling, safety modeling, supporting evolution, resilience in service-oriented computing, and applying formal methods in case studies."

"Skripsi ini membahas mengenai penerapan pasal perlindungan data pribadi yang terdapat dalam Undang-undang No. 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik yang dikaitkan dengan praktik layanan komputasi awan yang saat ini sedang berkembang pesat. Kebutuhan komputasi awan diperkirakan akan mengalami peningkatan yang sangat besar di masa mendatang. Hal tersebut didorong makin banyaknya penggunaan perangkat yang terhubung ke internet dan membutuhkan akses layanan berbasis data secara real time. Sebagai sebuah jenis layanan yang masih tergolong baru di Indonesia, isu keamanan dan perlindungan data pribadi dinilai masih menjadi poin penting yang dikhawatirkan dalam adopsi komputasi awan di Indonesia, menyusul banyaknya kasus pembobolan data yang merugikan pengguna layanan berbasis media elektronik seperti telepon selular dan kartu kredit. Dalam penelitian ini akan dibahas mengenai konsep umum perlindungan data, peraturan perundang-undangan yang mengatur tentang perlindungan data baik di dalam maupun luar negeri, tinjauan umum dari komputasi awan, analisis pasal 26 UU ITE dan tanggung jawab dari penyedia layanan komputasi awan terhadap data pribadi pengguna layanannya.

---

This paper discusses around the application of article about personal data protection that contained in Law No. 11 Year 2008 on Information and Electronic Transaction associated with the practice of cloud computing service that is growing rapidly nowadays. The need of cloud computing are predicted to get a huge increase in the future. It is driven more and more use of the devices that connected to the internet and require access to data-based services in real time. As a kind of the new service in Indonesia, the issue of security and personal data protection is still considered to be an important point of concern in the adoption of cloud computing in Indonesia, following a number of data leaked cases that adverse subject data of electronic media-based services such as mobile phones and credit cards. In this study will be discussed on the general concept of data protection, laws and regulations governing data protection both inside and outside the country, an overview of cloud computing, analysis of article 26 of Law of Information and Electroninc Transactions and responsibilities of providers of cloud computing services to the user's personal data from its services."

"The papers combine topics like modeling, benchmarking, testing, performance evaluation, and dependability, and aim at academic and industrial researchers in these areas as well as graduate students and lecturers in related fields."

"The critical infrastructure protection survey recently released by Symantec found that 53% of interviewed IT security experts from international companies experienced at least ten cyber attacks in the last five years, and financial institutions were often subject to some of the most sophisticated and large-scale cyber attacks and frauds.The book by Baldoni and Chockler analyzes the structure of software infrastructures found in the financial domain, their vulnerabilities to cyber attacks and the existing protection mechanisms. It then shows the advantages of sharing information among financial players in order to detect and quickly react to cyber attacks. Various aspects associated with information sharing are investigated from the organizational, cultural and legislative perspectives. The presentation is organized in two parts: Part I explores general issues associated with information sharing in the financial sector and is intended to set the stage for the vertical IT middleware solution proposed in Part II. Nonetheless, it is self-contained and details a survey of various types of critical infrastructure along with their vulnerability analysis, which has not yet appeared in a textbook-style publication elsewhere. Part II then presents the CoMiFin middleware for collaborative protection of the financial infrastructure."

"This volume constitutes the refereed proceedings of the 6th IFIP WG 11.2 International Workshop on Information Security Theory and Practice: Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems, WISTP 2012, held in Egham, UK, in June 2012. The 9 revised full papers and 8 short papers presented together with three keynote speeches were carefully reviewed and selected from numerous submissions. They are organized in topical sections on protocols, privacy, policy and access control, multi-party computation, cryptography, and mobile security."

"Risiko pemeriksaan mempengaruhi standar pekerjaan lapangan dan standar pelaporan dalam pemeriksaan laporan keuangan. Salah satu aspek yang dinilai paling mempengaruhi risiko pemeriksaan di era informasi sekarang ini adalah risiko keamanan informasi. Perlunya penilaian risiko keamanan informasi dari aspek TI kerana teknologi informasi sangat mempengaruhi berbagai macam aktivitas dalam organisasi diantaranya penyusunan laporan keuangan yang merupakan keluaran dari sebuah sistem yang menggunakan teknologi informasi, tidak terkecuali instansi pemerintah. Penelitian ini akan menyusun alat bantu dan kerangka kerja penilaian risiko keamanan informasi di instansi pemerintah yang berbasis ISO 27001. Narasumber yang terdiri dari pengendali teknis, auditor dan pejabat eselon I BPK RI diwawancara untuk memilih aktivitas pengendalian dalam ISO 27001 yang penting dalam penilaian risiko keamanan informasi. Hasil pemilihan aktivitas tersebut dijadikan input dalam perancangan model kerangka kerja, dimana kerangka kerja tersebut akan diuji publik di Pemerintah Kota Tangerang oleh beberapa auditor. Hasil penelitian ini dapat membentuk suatu alat bantu dan kerangka kerja untuk memudahkan para auditor di BPK dalam proses penilaian risiko keamanan informasi untuk menunjang perencanaan pemeriksaan laporan keuangan pemerintah daerah dimana terdiri dari unsur-unsur dalam program audit yakni ruang lingkup audit, tujuan audit, tahap perencanaan, tahap pelaksanaan, dan tahap penyelesaian yang dirumuskan dari aktivitas dan praktik pengendalian di ISO 27001 terpilih. Kerangka kerja dilengkapi dengan indikator dampak dan kecenderungan dari setiap risiko aktivitas yang didapat dari klausal-klausal ISO 27001.

---

Inspection risks affecting standard of field works and standards of examination report of financial statements. One aspect that is considered the most influencing risk in todays information age is a risk of information security covering aspects of IT and non IT aspects. The needs for information risk security assesment of IT aspects which due to the rapid information technology development, which greatly affects wide range of activities within organization including stated financial reports, is the output of a system that uses information technology, including government agencies. This research develop tools and frameworks in the information security risk assesment at government agencies based on ISO 27001. Resource persons consisting of technical controllers, auditor and BPK echelon I are interviewed to select the ISO 27001 control activities which are important in the information security risk assesment.

Election results will serve as input in designing the model framework, which then some auditors will perform public test in Tangerang city government. The results of this study can form a frameowkrs and tools to facilitate the BPK auditors in the process of information security risk assesment to support inspection planning of local government financial reports, which consist of the elements in the audit program such as audit scope, audit objectives, planning phase, stages of implementation, and completion stages of activities and practices defined in the selected ISO 27001. The framework comes with indicators of the impact and trends of each risk activity derived from ISO 27001 clauses."

"Abstract:"Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives. Recognizing security as a business enabler is the first step in building a successful program.Information Security Fundamentals allows future security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables students to understand the key elements that comprise a successful information security program and eventually apply these concepts to their own efforts. The book examines the elements of computer security, employee roles and responsibilities, and common threats. It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program.The volume discusses organizationwide policies and their documentation, and legal and business requirements. It explains policy format, focusing on global, topic-specific, and application-specific policies. Following a review of asset classification, the book explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management. Information Security Fundamentals concludes by describing business continuity planning, including preventive controls, recovery strategies, and ways to conduct a business impact analysis""