Digital archiving using AES-256 encryption and role-based access control to strengthen data security at Pusdatin
DOI:
https://doi.org/10.35335/mandiri.v14i3.499Keywords:
AES 256, Data Security, Encryption, Role-Based Access ControlAbstract
The rapid development of digital technology requires organizations, particularly government agencies, to implement robust and reliable data security systems. Data security is critical as the information managed is not only operationally valuable but also strategic and sensitive. The Center for Data and Information (Pusdatin) of the Ministry of Defense of the Republic of Indonesia plays a key role in managing and safeguarding defense-related data used for strategic decision-making. Based on observations and interviews, the existing data security system is considered adequate; however, several technical weaknesses remain, particularly in file management mechanisms and unstructured user access controls, which may lead to risks of data leakage and misuse. Therefore, this study aims to enhance data and file security through the implementation of Advanced Encryption Standard (AES-256) encryption and Role-Based Access Control (RBAC). This research employs the Waterfall method for system development, including analysis, design, implementation, and testing stages. System evaluation is conducted using functional testing and access control validation to assess the effectiveness of the implemented security mechanisms. The results indicate that AES-256 successfully ensures data confidentiality and integrity, while RBAC effectively restricts user access according to predefined roles, thereby reducing unauthorized access risks. The proposed system demonstrates improved data security and management efficiency, supporting a secure, efficient, and sustainable defense information system at Pusdatin
The rapid development of digital technology requires organizations, particularly government agencies, to implement robust and reliable data security systems. Data security is critical as the information managed is not only operationally valuable but also strategic and sensitive. The Center for Data and Information (Pusdatin) of the Ministry of Defense of the Republic of Indonesia plays a key role in managing and safeguarding defense-related data used for strategic decision-making. Based on observations and interviews, the existing data security system is considered adequate; however, several technical weaknesses remain, particularly in file management mechanisms and unstructured user access controls, which may lead to risks of data leakage and misuse. Therefore, this study aims to enhance data and file security through the implementation of Advanced Encryption Standard (AES-256) encryption and Role-Based Access Control (RBAC). This research employs the Waterfall method for system development, including analysis, design, implementation, and testing stages. System evaluation is conducted using functional testing and access control validation to assess the effectiveness of the implemented security mechanisms. The results indicate that AES-256 successfully ensures data confidentiality and integrity, while RBAC effectively restricts user access according to predefined roles, thereby reducing unauthorized access risks. The proposed system demonstrates improved data security and management efficiency, supporting a secure, efficient, and sustainable defense information system at Pusdatin
References
Alvi Sholikhatin, S., Prayogo Kuncoro, A., Lutfia Munawaroh, A., & Gilang Aji Setiawan, dan. (2022). Comparative Study of RSA Asymmetric Algorithm and AES Algorithm for Data Security. Edu Komputika Journal, 9(1), 60–67. http://journal.unnes.ac.id/sju/index.php/edukom
Arenas, L. A., Yactayo-Arias, C., Quispe, S. R., & Sandoval, J. L. (2023). Leveraging Security Modeling and Information Systems Audits to Mitigate Network Vulnerabilities. International Journal of Safety and Security Engineering, 13(4), 763–771. https://doi.org/10.18280/ijsse.130420
Arun Kumar Akuthota. (2025). Role-Based Access Control (RBAC) in Modern Cloud Security Governance: An In-depth Analysis. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 11(2), 3297–3311. https://doi.org/10.32628/cseit25112793
Bumalod, M. C., & Velasco, R. M. A. (2024). Synergistic Information Security Design Implementation based on Role-Based Access Control, Information Classification, and AES Cryptographic Encryption. International Journal in Information Technology in Governance, Education and Business, 6(1), 68–85. https://doi.org/10.32664/ijitgeb.v6i1.136
Fatchur Shofyan, & Rizky Tahara Shita. (2024). Implementasi Web Service Restful API dengan Autentikasi Personal Access Tokens dan Algoritma AES 256. Jurnal Ticom: Technology of Information and Communication, 12(3), 108–114. https://doi.org/10.70309/ticom.v12i3.130
Gagan Akhmad Fauzi, & Alam Rahmatulloh. (2025). Kombinasi AES dan HMAC SHA-256 untuk Pengamanan Parameter URL dari Serangan SQL Injection. Jurnal Informatika Dan Multimedia, 17(1), 46–59. https://doi.org/10.33795/jtim.v17i1.6596
Ganesh, R., Khan, B. U. I., Khan, A. R., & Kamsin, A. Bin. (2025). A panoramic survey of the advanced encryption standard: from architecture to security analysis, key management, real-world applications, and post-quantum challenges. In International Journal of Information Security (Vol. 24, Issue 5). https://doi.org/10.1007/s10207-025-01116-x
Gunjal, M. B., & Sonawane, V. R. (2023). International Journal of INTELLIGENT SYSTEMS AND APPLICATIONS IN ENGINEERING Multi Authority Access Control Mechanism for Role Based Access Control for Data Security in the Cloud Environment. International Journal of Intelligent Systems and Applications in Engineering IJISAE, 2023(2s), 250–264. www.ijisae.org
Hussein, Z. A., & Naser, O. A. (2025). Evaluation of AES-256 encryption and machine learning for securing GSM communications against sniffing attacks. Egyptian Informatics Journal, 32(July), 100832. https://doi.org/10.1016/j.eij.2025.100832
Logrippo, L. (2025). Data flow security in Role-based access control. Journal of Information Security and Applications, 90(April), 103997. https://doi.org/10.1016/j.jisa.2025.103997
Mishra, A., & Alzoubi, Y. I. (2023). Structured software development versus agile software development: a comparative analysis. International Journal of System Assurance Engineering and Management, 14(4), 1504–1522. https://doi.org/10.1007/s13198-023-01958-5
Mushtaq, S., & Shah, M. (2025). Threats to the Digital Ecosystem: Can Information Security Management Frameworks, Guided by Criminological Literature, Effectively Prevent Cybercrime and Protect Public Data? Computers, 14(6). https://doi.org/10.3390/computers14060219
Naimnule, F. A., Hanoe, F. A. L., Banusu, M. N., Mano, M. O., Studi, P., Informasi, T., & Timor, U. (2025). Implementation of AES Encryption for Data Security on Web-Based Information Systems in Fafinesu A Village. Sistem Kendali & Jaringan) E-ISSN, 4(3), 2808–3520. https://doi.org/10.58982/krisnadana.v4i3.836https://ejournal.sidyanusa.org/index.php/jkdn/index
Nasrullah, A. H. (2025). Secure Web-Based File Encryption Using AES-128. Journal of Embedded Systems, Security and Intelligent Systems, 6(2), 146–155. https://doi.org/10.59562/jessi.v6i2.8436
Nirwan, S., Hamidin, D., & Azzalea, S. E. (2024). Implementation of AES-256 Algorithm for Encryption on Chatting Platforms. Internet of Things and Artificial Intelligence Journal, 4(4), 616–624. https://doi.org/10.31763/iota.v4i4.804
Nizamuddin Aulia Kafa, & Dolly Virgian Shaka Yudha Sakti. (2024). Implementasi Kriptografi Berbasis Web dengan Algoritma Advanced Encryption Standard (AES) 256 dan Kompresi Huffman untuk Pengamanan File di SMK Satria. Jurnal Ticom: Technology of Information and Communication, 12(2), 50–55. https://doi.org/10.70309/ticom.v12i2.109
Pandu Cahyo Sukoco, & Afwan Anggara. (2022). Web-Based Payroll Data Security Application Using the AES Cipher Method at the Mangga Dua Store Kebumen. International Journal of Engineering Technology and Natural Sciences, 4(1), 42–51. https://doi.org/10.46923/ijets.v3i2.143
Parekh, S., & Maru, M. J. (2025). AES, DES, and RSA in Data Security: A Review. International Journal of Scientific Research and Engineering Development, 8(5). www.ijsred.com
Patterson, C. M., Nurse, J. R. C., & Franqueira, V. N. L. (2023). Learning from cyber security incidents: A systematic review and future research agenda. Computers and Security, 132. https://doi.org/10.1016/j.cose.2023.103309
Prahasti. (2022). Aplikasi Pelayanan Antrian Pasien Menggunakan Metode FCFS Menggunakan PHP dan MySQL. Jurnal Media Infotama, 18(1), 341139.
Saravanos, A., & Curinga, M. X. (2023). Simulating the Software Development Lifecycle: The Waterfall Model. Applied System Innovation, 6(6). https://doi.org/10.3390/asi6060108
Singh, J., Rani, S., & Kumar, V. (2024). Role-Based Access Control (RBAC) Enabled Secure and Efficient Data Processing Framework for IoT Networks. International Journal of Communication Networks and Information Security (IJCNIS), 16(2). https://doi.org/10.17762/ijcnis.v16i2.6697
Talluri, S., Anne, V. P., & Chadalavada, V. S. (2023). Role-Based Access Control (Rbac) in a Centralized Identity and Access Management (Iam) System. International Journal of …, 4(1), 88–95. https://iaeme.com/Home/editorial_board/IJIT
Ujung, A. M., & Nasution, M. I. P. (2023). Pentingnya Sistem Keamanan Database Untuk Melindungi Data Pribadi. Jurnal Sistem Informasi Dan Informatika, 1(2), 44–47. https://doi.org/10.47233/jiska.v1i2.929
Yousefnezhad, N., Malhi, A., Keyriläinen, T., & Främling, K. (2023). A Comprehensive Security Architecture for Information Management throughout the Lifecycle of IoT Products. Sensors, 23(6), 1–21. https://doi.org/10.3390/s23063236
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Muhammad Naufal Arits Fikri, Nisrina Labiba Sarwoko, Sembada Denrineksa Bimorogo, Nadiza Lediwara, Aulia Khamas Heikhmakhtiar
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
