Analisis Keamanan Sistem Informasi Tokopedia Menggunakan Pendekatan CIA Triad dan Risk Assessment

Authors

  • Aditya Saputra Darmawan Universitas Amikom Purwokerto
  • Fadila Nur Syifa Universitas Amikom Purwokerto
  • Akbar Priyanto Universitas Amikom Purwokerto
  • Gustin Setyaningsih Universitas Amikom Purwokerto

DOI:

https://doi.org/10.61132/uranus.v4i2.1652

Keywords:

CIA Triad, E-Commerce, Information System Security, Risk Assessment, Tokopedia

Abstract

Information system security plays an important role in maintaining the confidentiality, integrity, and availability of data in e-commerce platforms. Tokopedia, as one of the largest e-commerce platforms in Indonesia, manages a large amount of user data and faces various cybersecurity threats such as data breaches, phishing attacks, account theft, and service disruptions. This study aims to analyze Tokopedia's information system security using the CIA Triad and Risk Assessment approaches. The research employed a qualitative descriptive method through a literature review of scientific journals, research articles, and related documents. The results indicate that the Confidentiality aspect is the most vulnerable due to previous user data breach incidents. In terms of Integrity, potential threats include unauthorized data modification, while Availability is exposed to risks such as DDoS attacks and infrastructure failures. The Risk Assessment results show that data breaches, account theft, and phishing are the highest-priority risks. The study concludes that implementing multi-factor authentication, data encryption, periodic security audits, and user awareness programs can improve information system security in e-commerce platforms.

References

Andri, D. P. S., & Rahmaniar. (2026). A systematic review of security challenges in distributed cloud computing based on the CIA triad. Journal of Applied Computer Science and Software Engineering, 3(1), 112–125. https://doi.org/10.31284/j.jacsee.2026.v3i1.4012

Ardius, E., & Syamsuar, D. (2023). Assessment risk terhadap penggunaan sistem informasi akademik Universitas EA menggunakan metode ISO 27001. Jurnal Teknologi Informasi, 15(1), 85–94. https://doi.org/10.32767/jti.v15i1.1948

Ayu, S. S., & Nasution, M. I. P. (2023). Analisis kebocoran data privacy pada e-commerce Tokopedia. JUEB: Jurnal Ekonomi dan Bisnis, 2(3), 21–24. https://doi.org/10.57218/jueb.v2i3.716

Easttom, C. (2022). Computer security fundamentals (5th ed.). Pearson.

Faza, M. A., & Suroso, J. S. (2021). Analisis risiko keamanan informasi pada sistem e-commerce menggunakan metode OCTAVE Allegro. Jurnal Sistem Informasi dan Teknologi Informasi, 10(2), 143–154. https://doi.org/10.36774/jsiti.v10i2.812

Harahap, A. H., et al. (2023). Pentingnya peranan CIA triad dalam keamanan informasi dan data untuk pemangku kepentingan atau stakeholder. Jurnal Manajemen dan Pemasaran Digital, 1(2), 73–83. https://doi.org/10.58230/jmpd.v1i2.34

Hasan, M. A., & Astuti, P. (2022). Evaluasi manajemen risiko keamanan informasi e-commerce menggunakan framework NIST SP 800-30. Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), 6(4), 589–597. https://doi.org/10.29207/resti.v6i4.4105

Kim, D., & Solomon, M. G. (2022). Fundamentals of information systems security (4th ed.). Jones & Bartlett Learning.

Newhouse, W. (2019). Multifactor authentication for e-commerce (NIST Special Publication 1800-17). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.1800-17

Nugraha, R. A., & Ramadhani, S. (2021). Dampak kebocoran data konsumen e-commerce terhadap reputasi perusahaan digital di Indonesia. Jurnal Studi Komunikasi dan Media, 25(2), 165–178. https://doi.org/10.31445/jskm.2021.4302

Pradana, A. W., & Saputra, R. (2022). Analisis serangan distributed denial of service (DDoS) pada infrastruktur aplikasi e-commerce. Jurnal Tekno Kompak, 16(1), 34–45. https://doi.org/10.33365/jtk.v16i1.1510

Putra, Y. M., & Setiawan, A. (2023). Penerapan konsep CIA triad dalam mengukur tingkat keamanan transaksi online di marketplace nasional. Jurnal Edukasi dan Penelitian Informatika, 9(1), 56–64. https://doi.org/10.26418/justin.v9i1.52103

Qadir, S., & Quadri, S. M. K. (2016). Information availability: An insight into the most important attribute of information security. Journal of Information Security, 7(3), 185–194. https://doi.org/10.4236/jis.2016.73014

Ramadhani, N., & Nasution, M. I. P. (2024). Tantangan dan solusi keamanan siber dalam transaksi e-commerce. Jurnal Penelitian Sistem Informasi, 2(2). https://doi.org/10.54066/jpsi.v2i2.1930

Stallings, W. (2021). Computer security: Principles and practice (5th ed.). Pearson.

Sugiyono. (2022). Metode penelitian kualitatif: Untuk penelitian yang bersifat eksploratif, interpretif, interaktif, dan konstruktif. Alfabeta.

Suharsono, T. N., Choi, J., Agusiady, R. R., Saepudin, D., Sukadwilinda, Purwanto, H., Savitri, P., & Munastha, K. A. (2025). A CIA-based sustainable security risk mitigation model for e-certificate systems. Advance Sustainable Science, Engineering and Technology, 8(3). https://doi.org/10.26877/asset.v8i3.2912

Wardani, K. S., & Wijaya, A. (2024). Analisis efektivitas multi-factor authentication (MFA) dalam mencegah ancaman phishing pada akun pengguna marketplace. Jurnal Cyber Security dan Forensik Digital, 7(2), 89–98. https://doi.org/10.21512/jcsfd.v7i2.9234

Whitman, M. E., & Mattord, H. J. (2022). Principles of information security (7th ed.). Cengage Learning.

Yin, L., Fang, B., Guo, Y., Sun, Z., & Tian, Z. (2020). Hierarchically defining Internet of Things security: From CIA to CACA. International Journal of Distributed Sensor Networks, 16(1). https://doi.org/10.1177/1550147719899374

Downloads

Published

2026-06-29

How to Cite

Aditya Saputra Darmawan, Fadila Nur Syifa, Akbar Priyanto, & Gustin Setyaningsih. (2026). Analisis Keamanan Sistem Informasi Tokopedia Menggunakan Pendekatan CIA Triad dan Risk Assessment. Uranus: Jurnal Ilmiah Teknik Elektro, Sains Dan Informatika, 4(2), 17–33. https://doi.org/10.61132/uranus.v4i2.1652

Similar Articles

1 2 3 4 5 6 7 8 9 > >> 

You may also start an advanced similarity search for this article.