EVOLUSI PERANGKAT LUNAK DALAM MENINGKATKAN ASPEK KEANDALAN & KEAMANAN PADA SISTEM INFORMASI AKUNTANSI DAN MANAJEMEN BISNIS WEBERP BERDASARKAN ISO/IEC 25010
DOI:
https://doi.org/10.70079/ekobis.v1i2.65Keywords:
webERP, Peningkatan Aspek Keamanan, ISO/IEC 25010, Burp Suite Community Edition.Abstract
Sistem Informasi webERP adalah perangkat lunak berbasis web yang bersifat open source / sumber terbuka yang dikembangkan oleh sebuah komunitas untuk bisnis skala kecil dan menengah sehingga pelaku bisnis skala kecil dan menengah bisa mendapatkan sebuah sistem dengan budget terjangkau bahkan gratis. Karena bersifat open source / sumber terbuka webERP memiliki beberapa vulnerability / kerentanan terutama dari aspek keamanan. Oleh sebab itu tujuan dari penulisan ini adalah menambahkan kode program agar SQL injection pada CVE-2018-19436 terkait vulnerability / kerentanan tertutup dan sesuai dengan standar ISO / IEC 25010 untuk mencegah kebocoran data pada sebuah unit usaha yang menggunakan sistem informasi webERP.
References
Aghaei, E., Shadid, W., & Al-Shaer, E. (2020). ThreatZoom: Hierarchical neural network for CVEs to CWEs classification. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 335. https://doi.org/10.1007/978-3-030-63086-7_2
Ally, S. (2014). Security Vulnerabilities of the Web Based Open Source Information Systems: Adoption Process and Source Codes Screening. Huria: Journal of the Open University of Tanzania, 17(1), 1–13.
Barletta, V. S., Caivano, D., Colizzi, L., Dimauro, G., & Piattini, M. (2023). Clinical-chatbot AHP evaluation based on “quality in use” of ISO/IEC 25010. International Journal of Medical Informatics, 170. https://doi.org/10.1016/j.ijmedinf.2022.104951
Chen, S. J., Pan, Y. C., Ma, Y. W., & Chiang, C. M. (2022). The Impact of the Practical Security Test during the Software Development Lifecycle. International Conference on Advanced Communication Technology, ICACT, 2022-February. https://doi.org/10.23919/ICACT53585.2022.9728868
Das, S. S., Serra, E., Halappanavar, M., Pothen, A., & Al-Shaer, E. (2021). V2W-BERT: A Framework for Effective Hierarchical Multiclass Classification of Software Vulnerabilities. 2021 IEEE 8th International Conference on Data Science and Advanced Analytics, DSAA 2021. Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/DSAA53316.2021.9564227
Echefunna, C. C., Osamor, J., Iwendi, C., Owoh, P., Ashawa, M., & Philip, A. (2024). Evaluation of Information Security in Web Application Through Penetration Testing Techniques Using OWASP Risk Methodology. 2024 International Conference on Advances in Computing Research on Science Engineering and Technology (ACROSET), 1–21. IEEE. https://doi.org/10.1109/ACROSET62108.2024.10743903
Fadilah, M. D., & Rochimah, S. (2023). Security Evaluation of Insurance Portal Agency Information System Based on ISO/IEC 25010 Quality Standard Utilizing OWASP ZAP. 2023 3rd International Conference on Intelligent Cybernetics Technology and Applications, ICICyTA 2023, 352–357. Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ICICyTA60173.2023.10428701
Fauzan, R. (2015). Pemanfaatan Web-Erp Untuk Sistem Informasi Akutansi Di Perusahaan. Jurnal Teknologi Dan Informasi (JATI).
Githa Hidayat, R., Nuryasin, I., & Suharso, W. (2020). Implementasi Sistem Informasi Penjualan dan Persediaan Menggunakan webERP Pada Cribo Inc Malang. REPOSITOR, 2(8), 1067–1074. Retrieved from www.weberp.org.
Martono, A. (2012). E-Business ERP (Enterprise Resources Planning) untuk Kompetisi Bisnis (Vol. 3). Retrieved from www.catcha.com,
Nuryanti, A., & Satria, F. (2023). Analisis Faktor Pendorong Nasabah Perbankan Melakukan Transaksi Digital Menggunakan Mobile Banking. Journal of Comprehensive Science (JCS), 2(12). https://doi.org/10.59188/jcs.v2i12.557
Oriol, M., Marco, J., & Franch, X. (2014). Quality models for web services: A systematic mapping. Information and Software Technology, Vol. 56. https://doi.org/10.1016/j.infsof.2014.03.012
Sinha, S. (2018). Beginning ethical hacking with Kali Linux: Computational techniques for resolving security issues. In Beginning Ethical Hacking with Kali Linux: Computational Techniques for Resolving Security Issues. https://doi.org/10.1007/978-1-4842-3891-2
Sohal, A. S., Gupta, S. K., & Singh, H. (2018). Trust in open source software development communities: A comprehensive analysis. International Journal of Open Source Software and Processes, 9(4). https://doi.org/10.4018/IJOSSP.2018100101
Trenggono, D. H. (2014). Perancangan Sistem Peminjaman Berbasis Web Sebagai Media Layanan di Studio Multimedia SMK 2 Sewon. Skripsi, 10–17.
