TY - GEN
T1 - A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies
T2 - 2018 International Conference on ICT for Rural Development, IC-ICTRuDEv 2018
AU - Yulandi,
AU - Suryanto, Yohan
AU - Ramli, Kalamullah
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2019/5/3
Y1 - 2019/5/3
N2 - The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.
AB - The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.
KW - COBIT 5
KW - Domain Process
KW - Enterprise Goals
KW - IT Goals
UR - http://www.scopus.com/inward/record.url?scp=85065956679&partnerID=8YFLogxK
U2 - 10.1109/ICICTR.2018.8706851
DO - 10.1109/ICICTR.2018.8706851
M3 - Conference contribution
AN - SCOPUS:85065956679
T3 - Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018
SP - 98
EP - 104
BT - Proceeding - 2018 International Conference on ICT for Rural Development
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 17 October 2018 through 18 October 2018
ER -