Software Security Hardening Pada Virtual Private Server Berdasarkan NIST SP 800-123 di Universitas XYZ

Abstract

The current level of technological development is very rapid. The most prominent example is the use of websites in industry and government environments. The website provides convenience in supporting ongoing business processes and can assist work in solving problems that occur in an organization. In using the website, of course, a server is needed to process data requests or provide information to users. The XYZ Faculty at XYZ University has a virtualxyz server which contains a website that is used to support academic and administrative activities. However, the development of technology will of course be accompanied by the development of vulnerabilities or attacks against these applications. Therefore, on the virtualxyz server, it is necessary to carry out a Security Hardening process based on the National Institute of Standards and Technology (NIST) Special Publication 800-123. This is done because the virtualxyz server has never done a security check based on certain standards on the server software. The purpose of this research is to analyze the security of the virtualxyz software server to minimize attacks that occur. The results of this study can be used as a reference to strengthen the security of the server software on the virtualxyz server. The results obtained from the analysis on the server software based on NIST SP 800-123 found 6 procedures that have not been implemented on the virtualxyz server.