SECURITY ASSEMENT ON ACADEMIC INFORMATION SYSTEM AND ARCHITECTURE DEVELOPMENT USING WEB SERVICE AT UNIVERISTY AL AZHAR INDONESIA

Pesan Sponsor Kami

LETTER OF ENDORSEMENT

Thesis Title : SECURITY ASSESSMENT ON ACADEMIC INFORMATION SYSTEM AND ARCHITECTURE DEVELOPMENT USING WEB SERVICE AT UNIVERSITY AL AZHAR INDONESIA
Name : Marion Renaldo Rotensulu
NIM : 0103505009
Major : Electrical Engineering
Date : 18th April 2009

Is approved and accepted as a proposal for thesis in Electrical Engineering in University Al Azhar Indonesia.

Thesis Advisor

(Dr. Ade Jamal)

Head of Electrical Engineering Department

(Dr. Ary Syahriar, DIC)

1. Background
University Al Azhar Indonesia has implemented Academic Information System (SIA), which consists of modules such as, Study Plan Card, Time Table, and Study Result Card. The existing SIA has been developed based on client-server system, which make the existing system is rigil to be improved and extended.

In order to improve the client-server system to the multi tier system, it is compulsory to plan a new architecture. Furthermore the security of the system is important that have to give more attention because the current architecture is unreliable in security if the system is going to migrate to the multi tier system.

The objective is to improve quality of information service and reliability of the system to keep the validity of data when the migration occurred. Furthermore, to improve in accessibility and adaptability of future change.

In Network security planning, it is compulsory for the architect to conduct a trade-off between user comfortability and the level of the security asked. The solution architecture approach for decrease the gap between comfortability is always equal with the reverse of security [SAP00].

The new architecture, that will be implemented in University Al Azhar Indonesia using Web Services as the “middleware” of the data exchange. Furthermore, this system has to be able to keep the validity of data and the security of central database and the security while transaction.

2. Problem Statement
Based on the background which we have mentioned above, there are some problems that will be discussed in this thesis. The main problem is how the academic information system in University Al Azhar Indonesia can have wide range of access(at Cell phone, Web, Desktop Application, etc), easy to expand, while the data security is kept. This problem can be specified into 3 specific problems:
2.1. How to improve the current SIA of University Al Azhar Indonesia?
2.2. What is the security planning of the new architecture of SIA?
2.3. How to implement the new architecture in the running current system?

3. Objectives
The objective of this thesis is to produce a new architecture which able to guarantee the security of transaction and easy to expand in future.

4. Scope
These are the boundaries that going to be the guidelines in this thesis:
4.1. Network Design and Securing Data Technique while transaction that going to be implemented in SIAK.
4.2. The development of Library web services will server for study final result information only.

5. Writing Systemacy
The systemacy of writing this thesis is going to be as follows:
• Chapter I: Background
Consist of problem background, problem statement, research objective, and writing systemacy.

• Chapter II: Principles
Consist of principles that support the development of new architecture of SIAK of University Al Azhar Indonesia, involve OSI Layer, Web Service as the protocol that going to be used and the System Security in Internetwork.

• Chapter III: Analysis and Design
Consist of analysis and design of the architecture of SIAK that able to guarantee the security of data while transaction.

Analysis involve the general system description, architecture of academic information system that being developed, academic information system requirements analysis, library requirements and system protocol analysis, and analysis of the security that going to be implemented. Result of the analysis will be used as the resources for designing the new architecture of SIAK.

Analysis and design of the system is going to be use object oriented method with Unified Modelling Language (UML) tool.

• Chapter IV: Implementation and Testing
This chapter will talk all about the implementation and testing of the software that produced based on the analysis and design from the chapter III.

• Chapter V: Conclusion and Future Work
Consist of the conclusion of the thesis and the future work that has to be learn and develop based on the implementation of this thesis.

6. Research Methodology :
1. Literature Study: Read and Learn all information resource (textbook, journal, paper, article, etc) had correlated with Web Service and SIA Development.
2. Analyze the standard communiacation protocol where used by web services for SIA.
3. Produce the new architecture of SIA that have the wide range accessibility.
4. Plan the security system of SIA that can guarantee the security of transaction.
5. Implement the new architecture in current running SIA.
6. Test and debug the new architecture.

7. Reference :
[CAS02]Castello, Roger L. 2002. REST (Representational State Transfer) http://www.xlfront.com/REST.ppt

[IWA02] Iwan Pahendra Anto Saputra.2002.Keamanan Data Dalam Data Warehouse(Penggunaan Standar Keamanan Berlapis).Institut Teknologi Bandung.

[LUC08] Lucky.2008.XML Web Service Aplikasi Desktop, Internet & Hanpdhone. Jasokom:Jakarta.

[PRES02]Prescod, Paul.2002. Second Generation of Web Service. http://www.xml.com/pub/a/2002/02/06/rest.html

[ROY02] Roy T. Fielding dan Richard N. Taylor. 2002. Principled Design of the Moder Web Architecture. ACM Transactions on Internte Technology : New York.

[STA04] William Stallings.2008.Data and Computer Communications. Prentice Hall:New Jersey.

[SUR08] Suryo Pranoto Utomo.2008.Sliding Window Algorithm. http://pranotoutomo.wordpress.com/2008/07/30/sliding-window-algorithm/.

[TAN02] Andrew S. Tannembaum.2002.Distributed System Principal and Paradigms.Prentice Hall:New Jersey.

8. Work Schedule