Yohanes, Emmanuel Maximus (2021) Pengembangan Fitur Multi-factor Authentication untuk Login Melalui Pihak Ketiga pada Aplikasi Web Blibli.com. Project Report. [s.n.], [s.l.]. (Unpublished)
![[thumbnail of 05111840000102-Project_Report.pdf]](http://repository.its.ac.id/style/images/fileicons/text.png) |
Text
05111840000102-Project_Report.pdf - Accepted Version Restricted to Repository staff only Download (2MB) | Request a copy |
Abstract
Proses login pada situs web Blibli.com dapat melalui dua cara, yaitu login konvensional dan login menggunakan layanan pihak ketiga seperti Google, Facebook, dan Apple. Pada kasus login melalui pihak ketiga, terdapat beberapa konsiderasi yang harus dipertimbangkan tentang keamanan. Yakni, bagaimana cara memastikan bahwa pengguna yang melalukan login melalui pihak ketiga, menggunakan akun pihak ketiga miliknya sendiri.
Solusi yang dibawakan untuk permasalahan ini yaitu multifactor authentication. Seorang pengguna yang ingin melakukan login melalui layanan pihak ketiga akan diberikan langkah otorisasi kedua sebelum berhasil login. Langkah ini dapat berupa kode sekali pakai (onetime password) yang dikirim melalui SMS atau email.
Dengan adanya fitur tambahan ini, apabila terdapat akun pihak ketiga yang terkompromi, akun Blibli.com pemilik akun pihak ketiga tersebut tidak ikut terkompromi juga. Akhir kata, fitur multifactor authentication untuk login melalui pihak ketiga ini diimplementasikan pada antarmuka Blibli.com yang sudah berjalan. Sehingga, perlu untuk mengikuti teknologi yang sudah ada untuk tidak merusak sistem yang ada.
=====================================================================================================
There are two possible login processes in the Blibli.com website, conventional login and login by third party services such as Google, Facebook, and Apple. For the latter process, there is a security consideration to be wary of, which is how we can make sure that the user logging in by third party services are using their own accounts, and not someone else's hijacked account.
A solution proposed for this issue is by implementing multi-factor authentication. A user who logs into the website will be given extra authorization steps before logging in successfully. This extra step can be in the form of one-time passwords which are sent via SMS or e-mail.
With this security feature, in a situation where there are compromised third party accounts, the Blibli.com account associated with the third party service will not be compromised as well. In conclusion, the multi-factor authentication feature to log in by third party services is implemented on the existing Blibli.com website interface. Thus, extra care needs to be taken to make sure the technology used is compatible with the existing website.
| Item Type: | Monograph (Project Report) |
|---|---|
| Uncontrolled Keywords: | Blibli.com, Multi-factor Authentication, Login dengan Pihak Ketiga, Login by Third Party |
| Subjects: | Q Science > QA Mathematics > QA76.76.A63 Application program interfaces Q Science > QA Mathematics > QA76.76.A65 Application software. Enterprise application integration (Computer systems) T Technology > T Technology (General) > T58.5 Information technology. IT--Auditing |
| Divisions: | Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55201-(S1) Undergraduate Thesis |
| Depositing User: | Emmanuel Maximus Yohanes |
| Date Deposited: | 09 Dec 2021 02:10 |
| Last Modified: | 09 Apr 2023 21:24 |
| URI: | http://repository.its.ac.id/id/eprint/92083 |
Actions (login required)
 |
View Item |