Anhari, Fahmi (2024) Analisis Threat Modeling Dengan Pendekatan Stride Dan Dread Untuk Evaluasi Risiko Dan Peningkatan Keamanan Pada Simpeg Kepulauan Meranti. Other thesis, Universitas Islam Riau.
![[thumbnail of Fahmi Anhari.pdf]](https://repository.uir.ac.id/style/images/fileicons/text.png "Fahmi Anhari.pdf") |
Text
Fahmi Anhari.pdf - Submitted Version Restricted to Registered users only Download (4MB) | Request a copy |
Abstract
SIMPEG is a crucial information technology infrastructure that manages employee data but is vulnerable to various security threats such as cyber-attacks and data theft. The issue faced is the potential threats that can compromise the integrity and availability of the data. This study aims to identify potential threats, measure the associated risk levels, and develop effective mitigation strategies. The methodology used includes literature review, interviews with SIMPEG users and administrators, and direct observation of the system. The STRIDE approach is used to identify types of threats such as spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. The DREAD approach is used to evaluate the risk levels associated with each identified threat. The results show that the use of the STRIDE model successfully identified various potential security threats in SIMPEG, including three threats from each category of spoofing, tampering, repudiation, information disclosure, denial of service, and five threats in the category of elevation of privilege. The DREAD modeling provides a risk value overview, with the Elevation of Privilege category having the highest risk. Recommended mitigation measures include access rights restrictions, the use of multi-factor authentication (MFA), regular system updates, and limiting login attempts. This research is expected to make a significant contribution to improving employee data security and supporting the smooth operation of SIMPEG, as well as serving as a reference for other organizations using similar information systems. Effective implementation of mitigation strategies will help protect data integrity and availability, thereby increasing trust in the information system used.
| Item Type: | Thesis (Other) |
|---|---|
| Contributors: | Contribution Contributors NIDN/NIDK Sponsor Arta, Yudhi 1029078701 |
| Uncontrolled Keywords: | Threat Modeling, STRIDE, DREAD, Data Security, SIMPEG Kepulauan Meranti |
| Subjects: | T Technology > T Technology (General) |
| Divisions: | > Teknik Informatika |
| Depositing User: | Yolla Afrina Afrina |
| Date Deposited: | 23 Sep 2025 01:11 |
| Last Modified: | 23 Sep 2025 01:11 |
| URI: | https://repository.uir.ac.id/id/eprint/30242 |
Actions (login required)
 |
View Item |