TY - GEN
T1 - Security Evaluating Security of Insurance Agency Portal
T2 - 7th International Conference on Information Technology, Information Systems and Electrical Engineering, ICITISEE 2023
AU - Fadilah, Muhammad Darmawan
AU - Maulidiya, Erika
AU - Rochimah, Siti
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Information systems play a pivotal role in business operations, especially for insurance agency portals that facilitate interactions between agencies and companies, providing services like registration, training, and access to essential reports. This study delves into assessing the quality of these portals by employing the internationally recognized SQuaRE series standards, concentrating specifically on security aspects as measured by ISO/IEC 25023. The choice of ISO/IEC 25023 is strategic, given its comprehensive approach to security metrics and its widespread acceptance, ensuring a thorough security assessment. ISO/IEC 25023 testing is divided into several stages: defining security characteristics, defining attributes measurement and measuring every metric name based on sub criteria. The study evaluates and analyzes based on the results measurements and provide recommendations. The agency portal website must improve integrity and non-repudiation that have low scores, currently compromised by inadequate array access validation and the absence of digital signatures.
AB - Information systems play a pivotal role in business operations, especially for insurance agency portals that facilitate interactions between agencies and companies, providing services like registration, training, and access to essential reports. This study delves into assessing the quality of these portals by employing the internationally recognized SQuaRE series standards, concentrating specifically on security aspects as measured by ISO/IEC 25023. The choice of ISO/IEC 25023 is strategic, given its comprehensive approach to security metrics and its widespread acceptance, ensuring a thorough security assessment. ISO/IEC 25023 testing is divided into several stages: defining security characteristics, defining attributes measurement and measuring every metric name based on sub criteria. The study evaluates and analyzes based on the results measurements and provide recommendations. The agency portal website must improve integrity and non-repudiation that have low scores, currently compromised by inadequate array access validation and the absence of digital signatures.
KW - ISO 25010
KW - Information System
KW - Security Measurement
UR - http://www.scopus.com/inward/record.url?scp=85185552490&partnerID=8YFLogxK
U2 - 10.1109/ICITISEE58992.2023.10404329
DO - 10.1109/ICITISEE58992.2023.10404329
M3 - Conference contribution
AN - SCOPUS:85185552490
T3 - Proceedings - 2023 IEEE 7th International Conference on Information Technology, Information Systems and Electrical Engineering, ICITISEE 2023
SP - 1
EP - 5
BT - Proceedings - 2023 IEEE 7th International Conference on Information Technology, Information Systems and Electrical Engineering, ICITISEE 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 29 November 2023 through 30 November 2023
ER -