Hasil Pencarian  ::  Simpan CSV :: Kembali

"This book provides an overview of the most recent developments in Internet of Things (IoT) security and data protection. It presents the results of several international research projects addressing this topic from complementary angles. It starts by analyzing the main privacy and security threats on IoT, as well as the evolution of data protection norms, such as the European General Data Protection Regulation (GDPR), and their impact on IoT. Through a comprehensive and systematic approach, the contributors present new perspectives on IoT & Cloud Computing security requirements. They discuss the most recent approach to support trusted IoT, including new models of privacy risk assessment, labeling and certification, and contractual tools (such as Privacy PACT). Practical implementations, such as in the European Large Scale Pilots on IoT for Smart Cities (Synchronicity), are presented, explaining how they address security, privacy and data protection. Finally, innovative models to secure IoT systems are presented for the network and end-nodes security, including network threats analysis.Shares results from several international research projects on IoT, cybersecurity, and privacy;Combines complementary expertise from top experts in IoT, security, and data protection;Provides a comprehensive view on how to protect IoT deployments and make them comply with the GDPR."

"This book covers various aspects of security, privacy and reliability in Internet of Things (IoT) and Cyber-Physical System design, analysis and testing. In particular, various established theories and practices both from academia and industry are presented and suitably organized targeting students, engineers and researchers. Fifteen leading academicians and practitioners wrote this book, pointing to the open problems and biggest challenges on which research in the near future will be focused."

"Internet of Things adalah seperangkat aplikasi yang melengkapi perangkat dan lokasi untuk menghasilkan informasi dan menghubungkannya untuk analisis data. IoT telah merevolusi cara industri bertindak. Ini memiliki peluang baru yang cukup besar untuk menghasilkan solusi menarik tentang bagaimana perusahaan dapat mengumpulkan dan menganalisis data berbeda yang mungkin mengubah bisnis secara real-time dan lintas waktu. IoT memiliki implementasi yang luas dalam bisnis, termasuk di industri semen, khususnya pada sistem manajemen paletnya. Sistem manajemen palet yang baik diperlukan untuk memastikan kualitas palet yang baik yang digunakan dalam mengangkut produk. Di perusahaan semen, palet diangkut ke gudang dan ritel menggunakan truk. Manual standar untuk menangani palet diperlukan untuk memastikan bahwa palet tidak pecah atau hilang karena penanganan yang buruk. Penelitian ini bertujuan untuk mengkaji alternatif Internet of Things terbaik yang dapat digunakan untuk mempermudah sistem pengelolaan pallet di sebuah perusahaan semen. Dengan menggunakan Best Worst Method (BWM), prioritas kriteria diputuskan. Alternatif terbaik dari teknologi auto-identification dipilih menggunakan Additive Ratio Assessment (ARAS). Hasil dari penelitian ini menunjukkan bahwa RFID merupakan alternatif terbaik dengan nilai utilitas dari RFID, yaitu nilai utilitas 0,9854 indeks kinerja 0,3452.

---

Internet of Things is a set of applications that equip devices and locations to generate information and correlate it for data analysis. IoT has revolutionized how industries to act. It has a considerably new opportunity to generate compelling solutions exploring how a company can collect and analyze disparate data that might transform the business in real-time and across time. IoT has a broad implementation in the business, including in the cement industry, particularly on its pallet management system. A good pallet management system is required to ensure the good quality of pallet used in transporting products. In a cement company, pallets are transported to warehouses and retails using trucks. A standardized manual to handle pallets is required to make sure that it does not break or lost due to poor handling. This study’s main objective is to assess the best alternative of IoT that used to ease pallet management system in a cement company. Using Best Worst Method (BWM), the priority of criteria was decided. The best alternative of auto-identification technology was selected using Additive Ratio Assessment (ARAS). Result of this research shows that RFID is the best alternative with utility score of 0,9854 performance rating index of 0,3452."

"

Internet of Things (IoT) tidak hanya mengubah cara perangkat berinteraksi dan terhubung, tetapi juga membawa risiko keamanan serius, seperti kebocoran data. Penelitian ini mengatasi masalah tersebut dengan menggabungkan Advanced Encryption Standard (AES) dan shift left security. AES digunakan untuk mengenkripsi data yang ditransmisikan melalui perangkat IoT dengan mempertimbangkan keterbatasan sumber daya komputasi, khususnya pada perangkat Smart Fan System, yang bekerja dengan mengaktifkan mini fan berdasarkan threshold suhu tertentu yang dapat dimonitor melalui web app. Pada penelitian ini, shift left security diterapkan untuk mengidentifikasi dan mengatasi kerentanan sejak tahap awal pengembangan. Efektivitas integrasi AES dan shift left security diuji dengan membandingkan waktu eksekusi dan kerentanan keamanan. Penetration testing dilakukan terhadap SQL injection, Man in the Middle (MITM) attack, dan Distributed Denial of Service (DDoS) attack. Hasil penelitian menunjukkan peningkatan keamanan sebesar 66.67% dengan waktu eksekusi 485.51 ms pada sistem IoT yang mengintegrasikan AES dan shift left security, tanpa penurunan performa signifikan. Meskipun efektif terhadap SQL injection dan MITM attack, sistem masih rentan terhadap DDoS attack, sehingga diperlukan strategi tambahan yang lebih komprehensif. Penelitian ini diharapkan memberikan kontribusi penting dalam desain perangkat IoT yang lebih aman dan andal di masa depan.

---

The Internet of Things (IoT) not only transforms how devices interact and connect but also brings serious security risks, such as data breaches. This study addresses these issues by combining Advanced Encryption Standard (AES) and shift left security. AES is used to encrypt data transmitted through IoT devices, considering computational resource limitations, particularly in the Smart Fan System, which operates by activating a mini fan based on specific temperature threshold that can be monitored via a web app. In this research, shift left security is applied to identify and address vulnerabilities from the early stages of development. The effectiveness of integrating AES and shift left security is tested by comparing execution time and security vulnerabilities. Penetration testing is conducted against SQL injection, Man in the Middle (MITM) attack, and Distributed Denial of Service (DDoS) attack. The results show a 66.67% increase in security with an execution time of 485.51 ms in the IoT system integrating AES and shift left security, without significant performance degradation. Although effective against SQL injection and MITM attacks, the system remains vulnerable to DDoS attacks, indicating the need for more comprehensive strategies. This research is expected to make a significant contribution to the design of more secure and reliable IoT devices in the future.

"

"Di era yang ditandai oleh kemajuan teknologi yang pesat dan ketergantungan yang semakin meningkat terhadap perangkat terhubung, kebutuhan akan standarisasi Internet of Things (IoT) menjadi sangat mendesak, harena hal tersebut penting untuk memastikan interoperabilitas yang lancar, keamanan yang ditingkatkan, dan penggunaan solusi IoT yang efisien di berbagai industri dan sektor. IoT adalah sistem yang terdiri dari perangkat komputasi, mesin digital dan mekanik, objek, hewan, atau manusia yang saling terhubung dan diberi identitas unik dengan kemampuan untuk mentransfer data melalui jaringan tanpa memerlukan interaksi langsung antara manusia atau antara manusia dan komputer. Penggunaan dan pengoperasian IoT yang begitu meluas dalam berbagai industri dan sektor kehidupan manusia meningkatkan urgensi standarisasi IoT agar terhindar dari risiko-risiko terkait keamanan siber yang tidak diinginkan. Oleh karena itu timbulah pertanyaan mengenai risiko-risiko yang dapat timbul dari penggunaan teknologi IoT dan standar maupun izin yang dapat mengatur agar risiko-risiko tidak terjadi. Dalam penulisan ini akan dijawab mengenai definisi dan cara kerja IoT serta sejauh mana regulasi di Indonesia telah mengatur terkait IoT dalam hal standarisasi dan perizinan usahanya. Penulis juga akan mengkaji salah satu model bisnis terkait IoT yang telah diatur di Indonesia adalah Aktivitas Konsultasi dan Perancangan Teknologi IoT pada PP No. 5 Tahun 2021 tentang Perizinan Usaha Berbasis Risiko. Penulisan ini juga akan menjelaskan peraturan yang terdapat di Uni Eropa yang menjadi tolok ukur peraturan IoT di Indonesia. Penelitian dalam penulisan ini dilakukan dengan pengumpulan data primer melalui wawancara terhadap pemangku kebijakan terkait dan pelaku bisnis bidang IoT, kajian terhadap undang-undang di Indonesia dan Uni Eropa, serta penelusuran terhadap literatur. Penulisan ini sampai kepada kesimpulan bahwa peraturan perundang-undangan maupun peraturan pendukung di Indonesia belum menjelaskan terkait definisi IoT dan mengatur standar IoT. Pengaturan di Indonesia terkait perizinan bisnis terkait IoT hanya mengatur satu jenis model bisnis dan belum fleksibel dalam mendukung maupun menjaga risiko yang dapat timbul dari bisnis yang berhubungan dengan IoT.

---

In an era marked by rapid technological advancement and increasing dependence on connected devices, the need for standardization of the Internet of Things (IoT) becomes extremely urgent. This is because it is important to ensure smooth interoperability, enhanced security, and efficient utilization of IoT solutions across various industries and sectors. The widespread use and operation of IoT in different industries and sectors of human life raise the urgency of IoT standardization to avoid unwanted cybersecurity risks. Therefore, questions arise regarding the risks associated with IoT technology use and the standards and permissions that can regulate and mitigate these risks. This writing will address the definition and workings of IoT, as well as the extent to which regulations in Indonesia have addressed IoT standardization and licensing. The author will also examine one of the regulated IoT business models in Indonesia, namely IoT Technology Consultation and Design Activities under Regulation No. 5 of 2021 on Risk-Based Business Licensing. This writing will also explain the regulations in the European Union that serve as benchmarks for IoT regulations in Indonesia. The research for this writing is conducted through primary data collection, including interviews with relevant policymakers and IoT business practitioners, a study of laws in Indonesia and the European Union, as well as literature review. This writing concludes that the legislation and supporting regulations in Indonesia have not yet provided a clear definition of IoT or regulated IoT standards. The regulations in Indonesia regarding IoT business licensing only cover one type of business model and are not flexible enough to support or mitigate the risks associated with IoT-related businesses."

"Operator telekomunikasi kini telah mulai mengubah arah bisnis yang tidak lagi bergantung pada pendapatan dari layanan legacy seperti SMS dan voice, mereka mulai beralih ke layanan digital. Dengan kemampuan operator dalam hal konektivitas, mereka menaruh harapan pada layanan digital seperti Internet of Things (IoT). Banyak akademisi dan konsultan memprediksi bahwa IoT dapat meningkatkan pendapatan bagi operator telekomunikasi. Namun di balik potensi besar IoT, ada masalah penting dalam IoT yaitu masalah keamanan yang bisa menurunkan kepercayaan terhadap adopsi IoT. Melihat fakta-fakta ini, evaluasi tingkat kematangan pada sistem keamanan operator telekomunikasi perlu dilakukan untuk meminimalkan risiko dan ancaman keamanan. Penelitian ini bertujuan untuk mengevaluasi tingkat kematangan keamanan dan memberikan rekomendasi peningkatan keamanan di satu operator telekomunikasi di Indonesia. Metode penilaian yang digunakan penelitian ini menggunakan kerangka kerja IoT Security Maturity Model yang dikeluarkan oleh IIC. Hasil dari assessment maturity level yang dilakukan menunjukkan adanya kesenjangan pada maturity level untuk supply chain, incident dan event handling and recovery, identity access management, patch management, dan monitoring.

---

Telco operators have now begun to shift the direction of the business, which no longer relies on revenues from legacy services such as SMS and voice, they now shift to digital services. With its capabilities in terms of connectivity, the operator put hope to digital service such as the Internet of Things (IoT). Many academics and consultants predict IoT could boost revenue streams for telco operators. But behind the huge potential of IoT, there is a crucial issue in IoT which is security issues that could bring down confidence in the adoption of IoT. Looking at these facts, the evaluation of the maturity level on the telco operators security system needs to be done to minimize risks and security threats. This study aims to evaluate the security maturity level and give recommendation security improvement of one telco operator in Indonesia. The method for assessment which this study uses is the IoT Security Maturity Model framework issued by IIC. The results of the assessment maturity level indicate a gap in the maturity level for supply chain, incident, and event handling and recovery, identity access management, patch management, and monitoring."

"ABSTRAKInternet of Things IoT merupakan salah satu teknologi yang sedang berkembang dimana memungkinkan setiap benda seperti alat kesehatan, mesin produksi, mobil, TV, benda lainnya dapat saling terhubung melalui internet. Namun, terdapat beberapa tantangan yang perlu menjadi perhatian semua pihak, salah satunya adalah potensi ancaman terhadap keamanan data dan privasi.Di Indonesia sendiri, sudah ada regulasi yang mengatur keamanan data dan transaksi elektronik. Regulasi tersebut antara lain PP No. 82 Tahun 2012, UU No. 11 Tahun 2008, dan Permen Kominfo No. 4 Tahun 2016. Namun ketiga regulasi tersebut tidak secara spesifik mengatur masalah keamanan data dan privasi pada layanan Internet of Things IoT . Sehingga di perlukan sebuah regulasi yang khusus mengatur masalah keamanan data dan privasi pada layanan IoT.Penelitian ini menggunakan metode Privacy Impact Assessment PIA dan mengambil salah satu domain IoT, yakni Smart Healthcare. Sebagai hasil dari penelitian, di dapat 5 faktor yang perlu di atur dalam regulasi terkait aspek keamanan data dan privasi pada layanan Internet of Things Smart Heathcare , yakni security compliance, device security, secure communication, virtualization security, dan application security. Untuk security compliance, di rekomendasikan untuk menerapkan sertifikasi ISO/TC 215 Health Informatics. Untuk aspek device security, direkomendasikan untuk menerapkan Trusted Computing Base TCB . Untuk aspek secure communication di haruskan menggunakan Virtual Private Network VPN . Untuk aspek virtualization security, di haruskan menerapkan beberapa mitigasi seperti provisioning, hardening, firewall, access control, dan IDPS. Dan untuk aspek application security, di haruskan untuk menerapkan beberapa mitigasi seperti secure programming, static code analysis, automated pentest, dan web application firewall.

---

ABSTRACTInternet of Things IoT is one of the emerging technologies which allow any objects such as medical equipment, production machinery, cars, TVs, and other objects can be interconnected through the Internet. However, there are several challenges that need to be considerate of all parties, one of which is a potential threat to data security and privacy.In Indonesia, there are some existing regulations governing the security of data and electronic transactions. PP No. 82 Tahun 2012, UU No. 11 Tahun 2008, and Permen Kominfo No. 4 Tahun 2016 about Information Security Management System ISMS . However, these three regulations are not specifically control the issue of data security and privacy on the services of Internet of Things IoT . Thus, required a special regulation governing the data security and privacy on services of Internet of Things IoT .This research using Privacy Impact Assessment PIA methods and take one of the IoT domain, Smart Healthcare. As a result, there are 5 factors that need to be set in regulations related aspects of data security and privacy on the Internet of Things services Smart Heathcare security compliance, device security, secure communications, virtualization security, and application security. For security compliance, it 39 s recommended to apply ISO TC 215 Health Informatics. For the aspects of security devices, it is recommended to implement the Trusted Computing Base TCB . For secure communication aspects in required to use a Virtual Private Network VPN . For security aspects of virtualization, in required to apply some mitigation such as provisioning, hardening, firewalls, access control, and IDPS. And for aspects of application security, be required to implement some mitigation such as secure programming, static code analysis, automated pentest, and web application firewall."

"Infrastruktur jaringan Internet of Things (IoT) saat ini mengalami perkembangan danpertumbuhan yang sangat signifikan, seiring dengan semakin banyaknya perangkat pintaryang digunakan dalam kehidupan sehari-hari. Salah satu kendala dalam infrastrukturjaringan IoT adalah banyaknya halangan pada area tertentu di jaringan IoT. Halangantersebut dapat berupa adanya tembok atau dinding ataupun ketiadaan router dalam areatertentu. Berbagai pengembangan algoritma routing dalam menghadapi permasalahantersebut telah banyak dilakukan, akan tetapi belum ada algoritma routing yang dapatmenembus halangan dalam jaringan IoT. Penelitian ini mengembangkan metodePhysarum Routing Algorithm with Adaptive Power Control (PRA-APC) untukmenyelesaikan permasalahan halangan dalam jaringan IoT. Rancangan model PRA-APCakan mengidentifikasi semua informasi dalam jaringan kemudian memberikan powerpada node terakhir sebelum halangan. Algoritma routing PRA-APC akan dibandingkandengan algoritma routing lainnya yaitu Physarum inspired Routing Protocol (P-iRP) danRobust Selection Physarum-inspired Routing Protocol (RS-PRP). Protokol routing PRAAPCmampu menghasilkan jalur routing terpendek (shortest path) 70% lebih baikdibandingkan dengan RS-PRP dan P-iRP. Delay yang dihasilkan lebih kecil, masa hidupjaringan (network lifetime) lebih lama dan nilai throughput yang dihasilkan jauh lebihbaik dibandingkan dengan protokol algoritma routing lainnya. Peningkatan kinerjarouting PRA-APC menghasilkan efisiensi dan keseimbangan sumber daya dalam jaringansehingga dapat memperpanjang masa hidup jaringan IoT yang memiliki keterbatasansumber daya dalam infrastruktur jaringan lokal IoT. Peningkatan kinerja routing PRAAPCdapat memberikan solusi untuk mengatasi permasalahan halangan yang terdapatpada jaringan IoT.

---

The Internet of Things (IoT) network infrastructure is currently growing at a significant

rate, as is the number of smart devices being used in everyday life. The existence of

obstacles in the IoT network area is the biggest challenge in the IoT network

infrastructure. This obstacle in the IoT network can be a wall or the absence of a router

in a specific area. Routing development to face problems with obstacles has often been

done; however, there is no routing algorithm that can overcome that obstacle. This

research proposed a Physarum Routing Algorithm with Adaptive Power Control (PRAAPC)

to solve the problem of IoT obstacles in the network. The PRA-APC method

identifies the information for each node and the position of the obstacle in the network,

providing sufficient power to the last node before the obstacle so it can pass through the

obstacle to the final destination node. The PRA-APC routing method will be compared

with other routing algorithms, such as the Physarum-inspired Routing Protocol (P-iRP)

and Robust Selection Physarum-inspired Routing Protocol (RS-PRP). The PRA-APC

routing protocol can develop the shortest routing path, 70% better than P-iRP and RSPRP.

The result of the delay is greater efficiency: network lifetime is longer and

throughput is much better than other routing algorithm protocols. The PRA-APC routing

performance improvement results in efficiency and balance of resources in the network

so that it can extend the life span of IoT networks that have limited resources in the local

IoT network infrastructure. The new development of the PRA-APC routing protocol can

provide solutions to overcome the problem of obstacles in the IoT network"

"Perangkat Internet of Things (IoT) telah mengalami peningkatan signifikan dalam beberapa tahun terakhir, pada tahun 2020 diketahui bahwa terdapat sekitar 11.3 miliar perangkat IoT yang terhubung di seluruh dunia dan akan terus berkembang setiap tahun. Salah satu tantangan yang dapat timbul pada penggunaan perangkat IoT adalah pada aspek keamanan dimana terdapat beberapa pendekatan untuk melakukan peningkatan keamanan, salah satunya adalah pada sisi kode sumber yang digunakan untuk menjalankan perangkat IoT. Penelitian ini akan melakukan analisis terhadap efektivitas peningkatan keamanan melalui metode shifting left security yaitu kode sumber atau hasil kompilasi kode sumber akan dianalisis sebelum dirilis pada perangkat IoT serta pengujian perangkat IoT dalam lingkungan internal sebelum dirilis ke publik. Pada penelitian ini telah dilakukan percobaan terhadap serangan SQL Injection, Broken Authentication, dan Denial of Service serta diketahui bahwa terdapat peningkatan sebesar 66% pada implementasi metode shifting left security dalam pengembangan perangkat IoT yaitu terdapat serangan SQL Injection dan Broken Authentication yang dapat dicegah serta serangan Denial of Service yang masih ditemukan setelah metode shifting left security diterapkan.

---

Internet of Things (IoT) devices have had significant increase during the last few years, in 2020 it is known that there were approximately 11.3 billion connected devices around the world and is continuing to develop throughout each year. One of the challenges that may occur when implementing IoT devices is security in which there are several approaches that can be taken for increasing security, one of the approaches is through analyzing the source code that is used for running the device. This research will conduct an analysis upon the effectiveness of shifting left security where the source code or the binary will be analyzed before it is deployed onto the IoT device as well as testing the IoT device in an internal environment prior to public release. Based on the tests conducted in this research through several attacks such as SQL Injection, Broken Authentication, and Denial of Service it is known that the security of IoT devices can be improved by 66% when implementing the shifting left security method in which SQL Injection and Broken Authentication are two of the attacks that can be mitigated while Denial of Service attack still persists after the shifting left security method had been implemented."

"This book discusses the challenges in the convergence of technologies as the Internet of Things (IoT) evolves. These include sensing, computing, information processing, networking, and controlling intelligent technologies. The contributors first provide a survey of various assessment and evaluation approaches available for successful convergence. They then go on to cover several operational ideas to apply. The contributors then discuss the challenges involved bridging gaps in computation and the communication process, hidden networks, intelligent decision making, human-to-machine perception and large-scale IoT environments. The contributors aim to provide the reader an overview of trends in IoT in terms of performability and traffic modeling and efforts that can be spent in assessing the graceful degradation in IoT paradigms.- Provides a survey of IoT assessment and evaluation approaches;- Covers new and innovative operational ideas that apply to the IoT industry and the industries it affects;- Includes chapters from researchers and industry leaders in IoT from around the world."