Generating the responses
Uploaded by idsecconf
eBanking: Generating The Responses
by k1m0ch1’s
Denpasar, 16 October 2010
In accordance with Bank Indonesia Regulation No. 9/15/PBI/2007 on the implementation of risk management in the use of information technology by commercial banks, banking applications must be audited to ensure the security of customers carrying out banking activities.
A “Security Token” serves as an additional safeguard for banking applications, especially for financial transaction applications.
According to Wikipedia, the forms of Security Token include:
Principles of the Mobile Token
“Two Factor Authentication Security Device”
“Something You Know… Something You Have… Something You Are…”
“Challenge and Response” (C/R) Mode for Authentication
Weak algorithm
Response is not an OTP
Easily decompiled
Decompile
Alternative Security Solutions
Obfuscated Code
Encrypted Jar or Class
Use a tool to encrypt the jar file
Easier than obfuscation
Parameter Settings on the Server