Article Per Year (5 Year)
p-Index From 2021 - 2026
0.408
P-Index
This Author published in this journals
All Journal Journal of Applied Information, Communication and Technology Eduvest - Journal of Universal Studies
Lim, Charles
Unknown Affiliation
Aerospace Engineering Computer Science & IT Health Professions Neuroscience Social Sciences

Published : 3 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 3 Documents
Search

 1 
Development of API Middleware and Mobile Application for a Job marketplace by Using RESTful API and Mobile Development Framework Wahyudi, Evan Tirta; Erwin, Alva; Lim, Charles
Journal of Applied Information, Communication and Technology Vol. 7 No. 2 (2020)
Publisher : Swiss German University

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.33555/jaict.v7i2.110

Abstract

The research is conducted based on the nationwide goals of Indonesia proposed in the Nawacita document, where one of the big goals is to improve the human resource greatly. Providing a good medium such as a job marketplace can be part of improving the human resource. Since most of Indonesian citizen nowadays has easy access to internet, which can ease their way of using a job marketplace application. Creating a job marketplace application may minimize a number of unemployment in Indonesia. Addition to that, through a focus group discussion, it has been discovered that respondents find job marketplace such as JobStreet and Indeed jobs does not satisfy respondents’ UI and UX view towards the application. The objective of this research is to create a job marketplace mobile application that is useful and easy to use for users. The prototype mobile application is developed using react native, and a middleware that is developed using Express JS is made alongside to bridge data to the mobile application. To assess the prototype mobile application, two evaluation method is used which is User Experience Questionnaire (UEQ) and Questionnaire User Interface Satisfaction (QUIS). 6 respondents were allowed to examine prototype application, and answer the questionnaire. The result of the evaluation both shows positive results from both questionnaires.
Kubernetes Risk Management: A Framework to Assess Kubernetes Security Risk in Bank XYZ Deddy Irawan, Harta; Lim, Charles; A Soetomo, Mohammad
Eduvest - Journal of Universal Studies Vol. 5 No. 10 (2025): Eduvest - Journal of Universal Studies
Publisher : Green Publisher Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.59188/eduvest.v5i10.52071

Abstract

This study aims to design and implement a Kubernetes Risk Management Framework (Kube-RMF) tailored to Bank XYZ’s digital banking environment in compliance with Indonesian financial regulations. Using a qualitative descriptive method, the research integrates industry best practices such as CIS Kubernetes Benchmarks, OWASP Kubernetes Top 10, and NIST SP 800-190 with the requirements of POJK 11/POJK.03/2022. Data collection was conducted through document analysis, in-depth interviews with IT security, DevOps, and compliance teams, and technical vulnerability scanning using tools like Trivy and kube-bench. Risks were identified and assessed by mapping threats and vulnerabilities to Kubernetes assets, defining Key Risk Indicators (KRIs), and applying scenario analysis based on ISACA’s Risk IT Framework. A gap analysis compared current practices to the designed Kube-RMF, followed by a pilot implementation on AWS EKS to evaluate effectiveness. Results show that misconfigurations are the most prevalent security risk, followed by exposed APIs, insufficient access control, and unscanned container images with critical vulnerabilities. Implementation of Kube-RMF reduced high-risk vulnerabilities, improved compliance readiness, and shortened detection time from weeks to hours. Embedding security into CI/CD pipelines also enhanced collaboration across teams without slowing development cycles. Despite challenges such as change resistance, skill gaps, and limited monitoring resources, Kube-RMF effectively bridges regulatory compliance and operational needs, strengthening resilience against evolving cloud-based cyber threats.
Contract Testing: A Framework for Security Evaluation in gRPC Basri, Muhamad Zaenul Hasan; Lim, Charles; Silaen, Kalpin Erlangga
Eduvest - Journal of Universal Studies Vol. 5 No. 10 (2025): Eduvest - Journal of Universal Studies
Publisher : Green Publisher Indonesia

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.59188/eduvest.v5i10.52074

Abstract

The growth of APIs, including SOAP, REST, and gRPC, has made security a critical priority, with incidents such as those in the 2023 Paloalto report highlighting the financial losses resulting from API breaches. While existing tools focus on REST APIs, gRPC remains underserved, requiring time-consuming manual testing. This research aims to address this gap by proposing a security testing framework tailored to gRPC, integrating automated methods that DevSecOps can use to improve efficiency. gRPC, built on HTTP/2, uses a binary message format and client stubs generated from proto files, creating unique challenges for testing. The methodology involves extracting payloads, generating stubs from proto files, creating test cases, and executing automated tests for vulnerabilities such as SQL Injection and XSS. By analyzing gRPC components and adapting common API security practices, the framework identifies vulnerabilities, streamlines testing, and reduces manual effort. It automates processes such as payload generation and stub generation, enabling faster and more reliable testing compared to traditional methods. Results demonstrate that GSTF reduces testing time by 99% compared to manual methods while maintaining comprehensive coverage. Although some false positives were noted, the framework effectively identifies critical vulnerabilities and integrates seamlessly with DevSecOps pipelines. This approach not only improves testing efficiency by significantly reducing time but also sets a benchmark for secure API development. This study provides a practical solution for enhancing gRPC security, offering significant efficiency gains and establishing a foundation for future advancements in API security automation.
Co-Authors A Soetomo, Mohammad Basri, Muhamad Zaenul Hasan Deddy Irawan, Harta Erwin, Alva Silaen, Kalpin Erlangga Wahyudi, Evan Tirta