Reviewing a paper

Corat-coret Anto S. Nugroho

Notes from the Research Methodology lecture that I delivered at the IT Department of SGU (Jur.IT-SGU), 23 September 2008

Things to pay attention to when conducting a literature review are as follows.

  1. Never believe that a paper is perfect. Advice that is often given: for the data presented, you might believe perhaps 70% of it, but for the discussion section, no more than 50%.
  2. Read the introduction section and try to find the following information:
    1. The objective of the research conducted
    2. Why did the author choose that problem? Which aspect is interesting and significant?
    3. Where does the originality of the research lie? Does the research propose a new approach to an existing problem, or use an existing method to solve an interesting new application, or are both the approach and the application new?
    4. What problem does the author want to answer? (problem formulation)
  3. Read the discussion section and try to find the following information:
    1. What solution does the author use to answer the research question above?
    2. How…



Smart Cards – Contact vs. Contactless

Tx Systems

The term smart card is used frequently to describe many different types of cards in the marketplace. In recent years it has become a blanket term used to describe literally thousands of cards made by dozens of card manufacturers. If you are ever tasked with finding a smart card solution, the first and most important aspect of information that you need to attain is the type of smart card you need to find. Smart cards are divided into two main categories: Contact and Contactless Smart Cards.

Contact Smart Cards

Image by Smart Card Alliance

Contact smart cards are identified by a gold or silver chip that is visible on the card body. Much like a computer, this chip contains its own operating system, profile and card file structure that varies from application to application. These cards are named contact due to the fact that they physically need to be inserted…


How to Increase Security in Active Directory Federation Services using Two Factor Authentication

Tx Systems


Active Directory Federation Services (ADFS) is a Windows service that allows for single sign on to many applications. This solves a unique problem in enterprise business as the number of accounts and credentials employees use daily increases. During a given morning, I myself log into Salesforce, Gmail, Dropbox, Outlook, WordPress and many other accounts that allow me to do my job effectively. ADFS saves users from having to remember or write down 50 different credentials and ties all of these logon credentials to a single Windows Active Directory credential. From a user perspective, this is great. Now I only need to login once, and ADFS will automatically log me into every account that I wish.

While ADFS is great as a convenience tool, it actually makes companies more vulnerable to security risks. As we discussed in a previous blog, usernames and passwords are not secure. They can be lost…


CyberSecurity for Healthcare and Electronic Prescriptions of Controlled Substances

Tx Systems

Cyber security has become a top concern for organizations worldwide, recently highlighted by the WannaCry ransomware that crippled hospitals, universities and businesses. Since a multitude of powerful Windows hacking tools have been released on the dark web, experts fear more impending cyber attacks and data breaches. The best way to prevent suffering from cyber attacks and compromising electronic health records is to have a robust 2-factor authentication system in place utilizing Public Key Infrastructure (PKI).  PKI serves your organization through secure Windows Logon, VPN/remote authentication, email encryption and digitally signing documents.

Hospitals and healthcare providers should have 2-factor authentication implemented to comply with the HIPAA mandate for electronic protected healthcare information.  2-Factor Authentication is the proven method to secure devices, electronic health records (eHR) and medical systems. 2 factor authentication is not only mandated for HIPAA but also for practitioners and pharmacies issuing electronic prescriptions for controlled substances (EPCS). According…


RSA cryptography in PHP (How To?)

bckurera's thoughts

Security being one of the utmost considerations in the current web site/application development process, I am sure you have spent a lot of time writing code to handle encryption in your applications.

In this article I am trying to present one of my favorite ways to solve this issue, the RSA encryption/ decryption handling in your PHP development.

This is quite straightforward as I am using the PHPSecLib package. I was using the OpenSSL library for PHP for a few years and recently started dealing with this package. It is a pretty cool implementation so I started loving it.

First of all you need to get the package, it is available to download[1] and it comes with MIT license[2], GPL compatible[3].

If your intention is to use PHPSecLib only for RSA encryption and decryption I suggest including only two directories which are Crypt and Math in your production environment.

First step towards…


Filtering statements with MySQL proxy

Assorted Techie Stuff

For some time I have wondered just how secure publicly accessible systems can be made when it is reported so often that something new has been compromised. This post certainly is not intended to address such a mammoth security topic but instead to delve into a particular crevice.

The crevice of choice here is the database server and in particular MySQL / SQL injection. I am also not going to cover in this post the subject of setting user permissions, though it is exceptionally important and from experience rarely done. This post is intended to detail how to control access to MySQL that MySQL does not offer. What I mean is that there are certain restrictions you may want to apply that MySQL cannot impose, for example disallowing use of particular SQL statements or querying particular tables.

These extra restrictions are not so necessary if the system architecture is…


Mysql-proxy installation and filter “SHOW TABLES”

AI Rumman - with the Databases

What is Mysql-proxy?
MYSQL Proxy is a simple program that sits between the client and MySQL server(s) that can monitor, analyze or transform their communication. Its flexibility allows for unlimited uses; common ones include:
• load balancing
• failover
• query analysis
• query filtering and modification
• … and many more

Reason for mysql-proxy installation

I have been maintaining a 150 GB MySQL 5.1 Community Version database with 1300000 tables. The database consists of all MyISAM tables. So, whenever a “SHOW TABLES” command is executed in the database, the server comes to a halt. As MySQL 5.1 has no privilege for SHOW TABLES, I used mysql-proxy between the web server and DB server.

Download required software

I downloaded the mysql-proxy binary distribution for “Linux – Generic” from as my server’s operating system was CentOS 5.
Lua is a scripting language which is required for mysql-proxy scripting. I downloaded the following lua rpms…
