ANALYSIS AND IMPLEMENTATION OF APPLICATION SECURITY FEATURES IN THE LARAVEL FRAMEWORK
DOI: https://doi.org/10.31000/jika.v8i3.11198
Abstract
In an increasingly complex digital era, web application security has become one of the most important aspects to consider. The Laravel framework has become a leading choice for web application development thanks to the strong security features it provides. Nevertheless, a deep understanding of Laravel's security features and their practical implementation in real web application development remains a challenge for many developers. An in-depth analysis of the security features provided by Laravel, applied in a web application development case study. We selected several key security features, including protection against SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). The results of the analysis show that by applying Laravel's security features correctly, a web application can be protected effectively against a range of common security attacks. However, challenges in implementing these security features also emerged, including the complexity of the configuration and the adjustments needed to integrate the security features into a complex web application. This research therefore provides a better understanding of web application security practice using the Laravel framework.
License and Copyright Agreement
In submitting the manuscript to the journal, the authors certify that:
- They are authorized by their co-authors to enter into these arrangements.
- The manuscript is not under consideration for publication elsewhere.
- Its publication has been approved by all the author(s) and by the responsible authorities – tacitly or explicitly – of the institutes where the work has been carried out.
- They secure the right to reproduce any material that has already been published or copyrighted elsewhere.
- They agree to the following license and copyright agreement.
Copyright
Authors who publish with International Journal of Advances in Intelligent Informatics agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
Licensing for Data Publication
International Journal of Advances in Intelligent Informatics uses a variety of waivers and licenses that are specifically designed for and appropriate for the treatment of data:
Open Data Commons Attribution License, http://www.opendatacommons.org/licenses/by/1.0/ (default)
Creative Commons CC-Zero Waiver, http://creativecommons.org/publicdomain/zero/1.0/
Open Data Commons Public Domain Dedication and Licence, http://www.opendatacommons.org/licenses/pddl/1-0/
Other data publishing licenses may be allowed as exceptions (subject to approval by the editor on a case-by-case basis) and should be justified with a written statement from the author, which will be published with the article.
Open Data and Software Publishing and Sharing
The journal strives to maximize the replicability of the research published in it. Authors are thus required to share all data, code or protocols underlying the research reported in their articles. Exceptions are permitted but have to be justified in a written public statement accompanying the article.
Datasets and software should be deposited and permanently archived in appropriate, trusted, general, or domain-specific repositories (please consult http://service.re3data.org and/or software repositories such as GitHub, GitLab, Bioinformatics.org, or equivalent). The associated persistent identifiers (e.g. DOI, or others) of the dataset(s) must be included in the data or software resources section of the article. Reference(s) to datasets and software should also be included in the reference list of the article with DOIs (where available). Where no domain-specific data repository exists, authors should deposit their datasets in a general repository such as ZENODO, Dryad, Dataverse, or others.
Small data may also be published as data files or packages supplementary to a research article; however, the authors should prefer in all cases a deposition in data repositories.