A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies

Study and Analysis

Yulandi, Yohan Suryanto, Kalamullah Ramli

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.

Original languageEnglish
Title of host publicationProceeding - 2018 International Conference on ICT for Rural Development
Subtitle of host publicationRural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages98-104
Number of pages7
ISBN (Electronic)9781538677810
DOIs
Publication statusPublished - 3 May 2019
Event2018 International Conference on ICT for Rural Development, IC-ICTRuDEv 2018 - Bali, Indonesia
Duration: 17 Oct 201818 Oct 2018

Publication series

NameProceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018

Conference

Conference2018 International Conference on ICT for Rural Development, IC-ICTRuDEv 2018
CountryIndonesia
CityBali
Period17/10/1818/10/18

Fingerprint

government agency
certification
assets
electronics
evaluation
management
hardware
vulnerability
compromise
Indonesia
demand
analysis
services

Keywords

  • COBIT 5
  • Domain Process
  • Enterprise Goals
  • IT Goals

Cite this

Yulandi, Suryanto, Y., & Ramli, K. (2019). A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies: Study and Analysis. In Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018 (pp. 98-104). [8706851] (Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICICTR.2018.8706851
Yulandi ; Suryanto, Yohan ; Ramli, Kalamullah. / A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies : Study and Analysis. Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 98-104 (Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018).
@inproceedings{7d61780fdd4e42c5ba498d83275274b0,
title = "A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies: Study and Analysis",
abstract = "The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.",
keywords = "COBIT 5, Domain Process, Enterprise Goals, IT Goals",
author = "Yulandi and Yohan Suryanto and Kalamullah Ramli",
year = "2019",
month = "5",
day = "3",
doi = "10.1109/ICICTR.2018.8706851",
language = "English",
series = "Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "98--104",
booktitle = "Proceeding - 2018 International Conference on ICT for Rural Development",
address = "United States",

}

Yulandi, Suryanto, Y & Ramli, K 2019, A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies: Study and Analysis. in Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018., 8706851, Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018, Institute of Electrical and Electronics Engineers Inc., pp. 98-104, 2018 International Conference on ICT for Rural Development, IC-ICTRuDEv 2018, Bali, Indonesia, 17/10/18. https://doi.org/10.1109/ICICTR.2018.8706851

A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies : Study and Analysis. / Yulandi; Suryanto, Yohan; Ramli, Kalamullah.

Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018. Institute of Electrical and Electronics Engineers Inc., 2019. p. 98-104 8706851 (Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

TY - GEN

T1 - A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies

T2 - Study and Analysis

AU - Yulandi,

AU - Suryanto, Yohan

AU - Ramli, Kalamullah

PY - 2019/5/3

Y1 - 2019/5/3

N2 - The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.

AB - The authority for digital procurement certification in Indonesia, known as Otoritas Sertifikat Digital Pengadaan Secara Elektronik (OSD PSE), is provided by a unit at National Cyber and Crypto Agency. This is an in-demand service for many sectors that require secure electronic procurement. Our study analyzes and identifies the vulnerability of electronic certificate assets using COBIT 5.0 framework. There are four assets that are at high risk when OSD PSE services are interrupted: OSD PSE Private Key Compromise, Spamkodok Auditor Application, EJBCA Application, and Hardware Security Module. We evaluated these assets using COBIT 5's goals cascade mechanism, which is designed to achieve enterprise and IT goals and to determine domain processes. Based on our evaluation, the EDM03, APO12, APO13, and BAI06 domain processes require deeper study. Additionally, we identified 10 secondary priority processes.

KW - COBIT 5

KW - Domain Process

KW - Enterprise Goals

KW - IT Goals

UR - http://www.scopus.com/inward/record.url?scp=85065956679&partnerID=8YFLogxK

U2 - 10.1109/ICICTR.2018.8706851

DO - 10.1109/ICICTR.2018.8706851

M3 - Conference contribution

T3 - Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018

SP - 98

EP - 104

BT - Proceeding - 2018 International Conference on ICT for Rural Development

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Yulandi, Suryanto Y, Ramli K. A COBIT-Based Critical Asset Evaluation of Electronic Certificate Management in Central, Urban, and Rural Government Agencies: Study and Analysis. In Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018. Institute of Electrical and Electronics Engineers Inc. 2019. p. 98-104. 8706851. (Proceeding - 2018 International Conference on ICT for Rural Development: Rural Development through ICT: Concept, Design, and Implication, IC-ICTRuDEv 2018). https://doi.org/10.1109/ICICTR.2018.8706851