Implementation of role-based access control, multi tenancy and audit logging in a single sign-on system

Authors

  • Putranta Aswintama, Universitas Janabadra, Indonesia
  • Eri Haryanto, Universitas Janabadra, Indonesia
  • Ryan Ari Setyawan, Universitas Janabadra, Indonesia

DOI:

https://doi.org/10.35335/mandiri.v14i1.441

Keywords:

Audit Logging, JWT, Laravel, Role-Based Access Control, Single Sign-On

Abstract

As enterprises increasingly require centralized, secure, and efficient authentication mechanisms, Single Sign-On (SSO) has emerged as a strategic approach to managing user access. This study describes the implementation of an SSO system built on Laravel Livewire with JSON Web Token (JWT) and OAuth support, developed for PT Radiator Springs Indonesia. The system integrates three main components: Role-Based Access Control (RBAC) for managing access rights, a Multi-Tenancy architecture for isolating users by organizational unit, and Audit Logging for tracking user activity. The analysis shows significant security improvements, with 87.5% fewer unauthorized access attempts, and greater user-management efficiency, evidenced by a 71.43% reduction in the time needed to onboard new users. In addition, the system generates more than 300 audit log entries per day, improving monitoring and compliance capabilities.

Published

2025-07-21

How to Cite

Aswintama, P., Haryanto, E., & Setyawan, R. A. (2025). Implementation of role-based access control, multi tenancy and audit logging in a single sign-on system. Jurnal Mandiri IT, 14(1), 119–128. https://doi.org/10.35335/mandiri.v14i1.441