期刊名称:International Journal of Electrical and Computer Engineering
电子版ISSN:2088-8708
出版年度:2020
卷号:10
期号:1
页码:346-352
DOI:10.11591/ijece.v10i1.pp346-352
出版社:Institute of Advanced Engineering and Science (IAES)
摘要:Electronic Integrated Antenatal Care (e-iANC) was built as a web-based application to assist midwives in recording Antenatal Care (ANC) data including Patient Registration; Anamnesis; Physical Examination; Laboratory Test, Screening of Risk Pregnancy; Communication, Information and Education; Treatment and follow-up; Patient Disposition. To ensure e-iANC becomes a safe system, security system testing was needed. Our goals were to test the security system by using the Open Web Application Security Project (OWASP). It was conducted in computer laboratory at Universitas Esa Unggul Jakarta in August 2017. The OWASP detect include Injection, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Level Access Control, Cross Site Request Forgery (CSRF), Using Known Vulnerable Components, Unvalidated Redirects and Forwards. The results indicated the risk level of e-iANC was the low category in the aspect of Cross-Domain JavaScript Source File Inclusion, Private IP Disclosure, XSS Protection Not Enabled Web Browser.
