Hasil Pencarian  ::  Simpan CSV :: Kembali

"The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool."

"Memasuki era transformasi digital, pertukaraan informasi menjadi aspek paling vital bagi hampir seluruh organisasi, terlebih lagi informasi rahasia dan strategis. Beragam preseden buruk tentang kebocoran informasi rahasia dan strategis di Indonesia menjadi tamparan keras yang harus dijawab dengan solusi efektif. Instansi XYZ telah mengembangkan aplikasi enkripsi file ABC pada tahun 2020 untuk menjawab tantangan pengamanan informasi rahasia khususnya yang ditransmisikan pada kanal elektronik. Hingga tahun 2022, aplikasi ABC telah diimplementasikan secara terbatas dan rencananya, skala implementasi akan diperluas secara nasional. Selang 2 tahun masa operasional, Instansi XYZ telah melakukan kajian terhadap keamanan algoritma yang digunakan dalam Aplikasi ABC, namun belum melakukan kajian mendalam terhadap keamanan rangkaian protokol yang digunakan dalam Aplikasi tersebut. Pada peneitian ini dilakukan analisis keamanan protokol registrasi, verifikasi pengguna, pembangkitan kunci, dan permintaan kunci untuk proses enkripsi-dekripsi Aplikasi ABC dengan pendekatan verifikasi formal menggunakan Scyther Tool. Analisis berfokus pada aspek jaminan kerahasiaan informasi dan autentikasi dengan empat kriteria yaitu secrecy, aliveness, synchronization, dan agreement. Hasil percobaan menunjukkan bahwa protokol-protokol tersebut telah menenuhi kriteria secrecy untuk informasi rahasia yang ditransmisikan namun memiliki kelemahan umum pada pada autentikasi khususnya untuk kriteria synchronization dan agreement. Berdasarkan kelemahan tersebut, peneliti mengajukan desain konseptual protokol yang mampu mengatasi kelemahan-kelemahan yang teridentifikasi. Hasilnya, desain protokol yang diajukan peneliti terbukti provably secure berdasarkan hasil pengujian dan memenuhi empat kriteria keamanan pada aspek kerahasiaan informasi dan autentikasi entitas dan isi pesan.

---

In the era of digital transformation, information exchange, especially confidential and strategic information has become the most vital aspect for almost all organizations. Various bad precedents regarding classified and strategic information leaks in Indonesia have become a slap in the face that must be acknowledge and answered with effective solutions. In 2020, XYZ Agency developed a file encryption application (ABC Application) to address the challenge of securing confidential information, especially those transmitted on electronic channels. Until 2022, the ABC Application has been implemented in a limited scope and its implementation is planned to be expanded nationally. After 2 years of operation, the XYZ Agency has conducted a study on the security of the algorithm used in ABC Application, but unfortunately has not conducted an in-depth study regarding the security of the protocol suite used in the Application. In this research, a security analysis of ABC application protocol suites, namely the registration protocol, user verification, key generation, and key request for the encryption-decryption process protocol was conducted through formal verification approach using the Scyther Tool. The analysis focuses on aspects of guaranteeing confidentiality of information and authentication with four criteria, namely secrecy, aliveness, synchronization, and agreement. The experimental results showed that these protocols meet the security criteria for the transmitted confidential information but have general weaknesses in the authentication aspect, especially for synchronization and agreement criteria. Based on these identified weaknesses, We proposed a robust conceptual protocol design to overcome these weaknesses. As a result, the proposed design was proved to be provably secure based on the test results and met the four security criteria in the aspects of information confidentiality and authentication in terms of entity authentication and message content integrity. "

"Summary:This third edition of Semantics provides an engaging and accessible introduction to semantics for students new to the field. It covers the basic concepts and methods of the field and discusses some of the most important contemporary lines of research"

"This book offers readers comprehensive coverage of security policy specification using new policy languages, implementation of security policies in Systems-on-Chip (SoC) designs – current industrial practice, as well as emerging approaches to architecting SoC security policies and security policy verification. The authors focus on a promising security architecture for implementing security policies, which satisfies the goals of flexibility, verification, and upgradability from the ground up, including a plug-and-play hardware block in which all policy implementations are enclosed. Using this architecture, they discuss the ramifications of designing SoC security policies, including effects on non-functional properties (power/performance), debug, validation, and upgrade. The authors also describe a systematic approach for “hardware patching”, i.e., upgrading hardware implementations of security requirements safely, reliably, and securely in the field, meeting a critical need for diverse Internet of Things (IoT) devices.- Provides comprehensive coverage of SoC security requirements, security policies, languages, and security architecture for current and emerging computing devices;- Explodes myths and ambiguities in SoC security policy implementations, and provide a rigorous treatment of the subject;- Demonstrates a rigorous, step-by-step approach to developing a diversity of SoC security policies;- Introduces a rigorous, disciplined approach to “hardware patching”, i.e., secure technique for updating hardware functionality of computing devices in-field;- Includes discussion of current and emerging approaches for security policy verification."

"Alat kesehatan merupakan salah satu faktor penting dalam mendukung proses pelayanan kesehatan selain obat. PT. Forsta Kalmedic Global merupakan salah satu perusahaan yang memproduksi alat kesehatan dan diagnostik in-vitro yang berada di bawah naungan Kalbe Group. Mesin Crimper diperlukan dalam proses pengemasan primer pada proses produksi media kultur yang dilakukan di PT. Forsta Kalmedic Global yang berfungsi untuk mengunci tutup vial dengan alumnium cap agar tidak terjadi kebocoran dan memastikan produk kedap udara sehingga terhindar dari adanya kontaminan. Kualifikasi perlu dilakukan untuk membuktian dan mendokumentasikan bahwa suatu mesinsudah terpasang dengan benar, dan/atau bekerja dengan sesuai dan mengarah pada hasil yang diharapkan. Tahapan kualifikasi instalasi (KI) dan kualifikasi operasional (KO) dilakukan setelah pembuatan User Requirement System (URS), dan kualifikasi desain. Pembuatan protokol KI dan KO diperlukan sebelum pelaksanaan KI dan KO, agar kegiatan kualifikasi dapat berlangsung dengan baik, efektif, dan berhasil dilakukan karena dilakukan sesuai dengan pedoman protokol yang telah dibuat. Proses kualifikasi yang dilakukan menjadi salah satu tahapan proses inspeksi dan pengujian agar membuktikan bahwa proses instalasi dan operasional suatu mesin sesuai dengan tujuan dan fungsi operasionalnya. Kualifikasi dan validasi harus dilakukan sesuai dengan protokol yang telah ditentukan sebelumnya, dan wajib didokumentasikan dengan tepat.

---

Medical devices are one of the important factors in supporting the process of health services other than drugs. PT. Forsta Kalmedic Global is a company that manufactures medical devices and in-vitro diagnostics under the Kalbe Group. Crimper machine is needed in the primary packaging process in the culture media production process carried out at PT. Forsta Kalmedic Global which functions to lock the vial cap with an aluminum cap to prevent leakage and ensure that the product is airtight so that contaminants are avoided. Qualification needs to be done to prove and document that a machine has been installed correctly, and/or is working properly and leads to the expected results. The installation qualification (IQ) and operational qualification (OQ) stages are carried out after the creation of the User Requirement System (URS) and design qualification. Making the IQ and OQ protocols is necessary before the implementation of the IQ and OQ, so that the qualification activities can take place properly, effectively, and successfully carried out because they are carried out in accordance with the protocol guidelines that have been made. The qualification process carried out is one of the stages of the inspection and testing process to prove that the installation and operation process of a machine is in accordance with its operational goals and functions. Qualification and validation must be carried out according to pre-defined protocols and must be properly documented."