Abstracted and indexed in:
Future:
This paper presents the research to develop the digital certificate's level of assurance. The level of assurance (LoA) in this paper is a level of assurance which reflects the authenticity degree of digital certificate's ownership. This LoA has a three-level, which define in four LoA standards such as ISO 29115: 2013, NIST SP 800-63-3, STORK, and KANTARA. From the previous researches and initial interview with digital certificate provider from Indonesia Government, this research concludes that information sensitivity measurement should be assessed to select the appropriate LoA. The related works and standards so far were not given any solution to this problem. This paper tries to solve it by offering LoA and its determination guidance model. This solution is achieved by synthesizing the four LoA along with information value and sensitivity measurement, which indicators determined by prioritization with the analytical hierarchy process (AHP). The proposed model-simulated and discussed so the information sensitivity measurement might assist in getting the suitable LoA level of the sensitive information been protected by a digital certificate.
Nikson Badua Putra
Government CSIRT,
Badan Siber dan Sandi Negara
Jakarta, Indonesia
Arry Akhmad Arman
Sekolah Teknik Elektro dan Informatika,
Institut Teknologi Bandung
Bandung, Indonesia