User Access Rights Research Articles

Data Security and Access Rights Management on Anime Content Management Information System

In the increasingly developing digital era, data security and access rights management have become crucial aspects in information systems, especially on platforms that manage specific content such as anime. The Anime Content Management Information System (SIPKA) requires a robust security mechanism to protect user data, content and access rights in order to prevent security threats such as unauthorized access, data theft and content manipulation. This study discusses various methods and technologies that can be applied to improve data security and access rights management in SIPKA. Through literature analysis and case studies, this research found that implementing data encryption, multifactor authentication, and role-based access rights management (RBAC) systems are effective strategies in maintaining data integrity and confidentiality. It is hoped that the results of this research can provide guidance for SIPKA developers and managers in implementing appropriate security policies and technology to ensure the security and operational continuity of the system.

Pemanfaatan Odoo Untuk Implementasi HRIS Di Perusahaan Roti Menggunakan Metode ASAP

The importance of information technology in the advancement of human resource carriers is gaining momentum in the era of globalization and rapid technological developments today. The impact of information technology on the business environment has resulted in significant changes in the management of human resources in organizations. In the HRD system in a bread flour company, the management of each HRD business process is still done manually using paper as a document and for data storage using Ms. Excel, where HRD still has difficulty in managing employee data. With the method using BPMN, the HRD system business process can be analyzed, and the ASAP method for HRD system optimization using Odoo, the purpose of the study using odoo every business process starting from recruitment, absence, leave, orientation and training, and payroll will facilitate the HRD system in the company because each module is integrated, and data storage already uses a database. Then the results of this study after going through the User Acceptance Testing process using the Black Box Testing technique, the researcher can conclude that the use of Odoo to optimize the HRD system used passes functionally with several notes regarding user access rights that must be adjusted to the jobdesk of each employee.

A Unification of Fog-Cloud Computing for Data Agitation and Guard Intensification in Industrial Health Care Security

The development of Fog computing is a decentralized environment in which the data processing, storage and applications are processed between the located server in a cloud environment. By increasing the Internet of things (IoT) and remote storage, the communication in cloud become more sophisticated by processing the data safely and securely. Healthcare data is important which contains medical information and processed centrality in the public environment through IoT, due to increasing security breaches they need to protect depends on the security applicants. All over the centralized data computing are accessed by virtual environment through remote protocol doesn’t provide safety in healthcare industry. To resolve this problem, to propose as Unification of fog-cloud computing for data agitation and guard intensification (DA-GI) in Industrial Health Care Security. The Medical Data Health-Care (MDHC) records are stored in Cloud datacenters and the Fog layer based on the guard intensity and the key is provoked for ingress the file. The activity logs are controlled and monitoring from cloud serves sustains the Activity Log, Risk Table and Health Records. To introduce a cryptographic approach based on advanced encryption standards (AES) to protect data and authenticity verification server. The key verification process based on security gateway, Fog cloud server depends on user access rights provided to the user. During the key validation, role of permission to the user s verified and agitate to allow access rights to the verified service access. The proposed system produce high security compared to the other system as well in all security concerns of role, authentication and verification to process data safely.

Exam Form Management System

Exams are a scary topic for students and teachers to discuss. The successful operation of the exam depends on administrators establishing the system and establishing a good working relationship with the exam center administrator. Communicate with staff and students simultaneously to ensure everyone is working towards the same goal. Automated systems will reduce all the challenges associated with test management. Academia ERP is a comprehensive system that provides an exam model that includes all activities related to exam management, from direct receipt of registration forms and exam documents to completion of results and hard copy proofing and data analysis. The exam module contains all the necessary information students need to register for the exam. The module is linked to the student database; Therefore ID/name/registration etc. Just fill in the fields. It helps in keeping all the necessary information about the student. Exam Module for Academia provides the following for easy and effective exam management in education - Study or Exam Module ERP followed by Systematization Exam Management Module in Academia is the best automation system that automates and facilitates the quality of planned and executed tests; Make the testing process efficient and paperless. Academia's Exam Management Portal helps you complete the entire exam process, from pre-planning (like creating exam papers, exam schedules, and scoring rubrics), to managing materials and dispatching proctors. Automated systems are designed to manage the access rights of different users to prevent unauthorized users from abusing and controlling legal and legal information as well as many other information, including reviews that are not only for informational purposes. The project aims to create an effective platform for process management. As we mentioned above, it has different modules. Student and test data are stored in the database

Student Result Management System

Student Result Management System (SRMS) is a website designed to store student results at the institution. On this website, HTML, CSS, and JavaScript are used as advanced tools. The project aims to automate semester results management. as it is a system for the management of computerized test results of student examination records. It will simplify and accelerate outcomes planning, management processes, and activities such as a craft reduction tool, providing us with advanced preparation for both students and administrative authorities to achieve results. The project aims to provide student test results in an effortless way. It works for students and institutions to get results in an uncomplicated way. Being a result analysis that reflects the nature of the subjects and grades helps students to look at the results. A program designed for students whose rights have been granted to students to read and practice their results by providing usernames and passwords for secure access. In the case of new students, the registration system is ready for use, and the guest user has the right to read only. The full results system (SRMS) will be under the control of the administrator or admin and the administrator or admin has full access to write, read, and show the result. The guide or admin also grants Teacher and students access and guest user access rights. The reader can share or publish his or her result. Keyboard :- 1. Academic performance tracking 2. Data management 3. Educational technology 4. Student records 5. Administrative efficiency 6. Analytics 7. Reporting 8. Decision support 9. User interface 10. Stakeholder communication

Revolutionizing Hospital IT Security through ISO 27001 Launched in Indonesia

This study examines the security of the E-HOS System at RSUD Ibnu Sina Kab. Gresik, identifying critical threats and vulnerabilities, and offering mitigation strategies. Using qualitative methods, including interviews, observations, and documentation, data was collected from December 2022 to May 2023. The OCTAVE framework revealed 17 potential risk events, with user-related risks being the most significant, showing an RPN as high as 162 for access rights abuse. The study recommends implementing ISO 27001 controls—Access Control, Human Resource Security, and Communications Security—to enhance system security. These findings highlight the importance of robust IT security governance in healthcare settings. Highlight: Critical Risks: 17 events, highest risk in user access rights abuse. Methodology: Used OCTAVE framework, interviews, observations, documentation. Recommendations: Implement ISO 27001 controls: Access Control, HR Security, Communications Security. Keyword: E-HOS System, SIMRS security, OCTAVE method, risk assessment, ISO 27001

Blockchain-based self-sovereign identity solution for aerial base station integrated networks

Identity and access management frameworks address user access rights and data governance for organizations, vendors and users. In response to the problems associated with centralized authorities (e.g. single point of failure, limited scalability, lack of user control), new identity management models have emerged, such as Self-Sovereign Identity (SSI), which relies on verifiable data registers to validate Decentralized Identifier (DIDs) and can be achieved in many different ways, e.g. through Distributed Ledger Technology (DLT), distributed databases or other decentralized systems. The main goal of SSI is to enable users to take control of managing their data shared with different services. In this paper, we examine a possible application of the SSI concept to aerial base station (ABS)- integrated networks. The paper presents the effective use of DID implementation to provide a secure and decentralized way to create, associate and verify credentials and identities of ABSs, ensuring secure communication between Ground Base stations (GBSs) and other nodes in the network in a multi-operator scenario. In the numerical results, the average values of various metrics (namely, the average credential presentation time, the average credential offer time, the average DIDcomm connection creation time, the average DIDcomm signing time, and the average DIDcomm revoke credential time) related to credential operations in a DID management system are given for three different number of requests (50 K, 75 K, and 100 K). We have also provided the values of the different status codes that occurred in 100 K operations in the same DID management system. Towards the end of the paper, a comparison is made between SSI-based and Non-fungible token (NFT)-based blockchain solutions, also discussing the challenges and future directions of SSI solutions in the context of ABS-integrated networks.

Architecture of the system for vulnerabilities detection and prediction in information systems based on artificial intelligence methods

Network security is one of the most active research directions in the field of information security. This direction includes many approaches, one of which is the construction of attack graphs. When building attack graphs, each device in the network is a node of the graph, while the ability to move across the graph is defined by a network policy as well as by the intruder’s possibility to compromise the corresponding devices. In turn, the possibility of compromising the device is determined by the presence of vulnerabilities in them. The exploitation of vulnerabilities leads to the impact on the attacked system and/or the obtaining of user or admin access rights by the intruder. At the same time, open database data is used to analyze if devices are vulnerable. The problem is that data on many devices is not described in open databases, while the information in such databases may contain errors, be inconsistent and incomplete. The solution to this issue lies in the use of artificial intelligence methods to detect and predict the vulnerabilities of information systems. This paper presents the original architecture of the system that solves this task. The key features of the proposed solution are the use of artificial intelligence methods for predicting unknown results of vulnerability metrics based on known ones, as well as for predicting vulnerability categories for not known as vulnerable devices configurations based on their configuration similarity with vulnerable devices.

Optimizing Educational Institutions: Web-Based Document Management

Documents, which consist of written or printed materials, play a crucial role in educational activities. Private schools in Tangerang still face challenges in efficiently storing, accessing, and managing educational documents. Manual document storage consumes a significant amount of time and physical space. Therefore, a technology-based solution is required to address this issue. This research aims to develop a web-based Document Management System (DMS) that allows teachers and school staff to easily manage, store, and access educational documents digitally. The software development method employed is the Waterfall model, involving a series of stages ranging from needs analysis to testing and implementation. The outcome is a web based DMS application accessible to teachers in the school. This application enables teachers to view, upload, edit, and download teaching materials effortlessly. Additionally, teachers can manage their teaching schedules and user access rights. The usability of DMS has been tested through User Acceptance Testing (UAT), and users have provided positive feedback on the application. This web based DMS effectively addresses the issues related to document storage in schools, enhancing the efficient management of educational documents, reducing dependence on physical documents, and increasing productivity in the learning process. Consequently, this DMS holds great potential as a valuable tool in the educational context of the school.

Evaluating the potential impact of National Health Insurance on medical scheme members' rights to have access to health-care services in South Africa

The National Health Insurance Bill proposes to establish a national health insurance scheme that aims to provide universal access to health-care services for everyone. Section 33 of the Bill also proposes to limit the provision of parallel services by medical schemes if such services are provided or covered by the tabled NHI scheme. The establishment of the NHI scheme is likely to have a negative effect on the existing access rights of general private health-care users, particularly members of medical schemes. The NHI scheme may enhance access to and the quality of health-care services for millions; however, enabling large portions of the population to access services currently provided by costly private practitioners - services at present almost exclusive to a minority - is not without its perils. It risks negatively impacting on existing access rights and reducing the quality currently enjoyed by users of private health-care services. The propriety of these potential infringements is not necessarily suspect, and may in fact be justifiable. However, this contribution argues that the limitation proposed under section 33 of the NHI Bill is cause for concern. The contribution explores the state's constitutional duty to observe and respect the right of members of medical schemes to access health-care services. It uncovers the constitutional shortcomings of the limitation, and argues that it does not appear to serve any particular legitimate economic or legal purpose.

Rancang Bangun Aplikasi Pengadaan Barang dan Jasa Universitas Negeri XYZ dengan Metode Extreme Programming

The Indonesian government has provided the LKPP application in procuring goods and services for government agencies. However, several procurement processes at XYZ State University still do not use the LKPP application. Some of the reasons that are often stated are that the goods available in LKPP are not complete and the location of suppliers in LKPP is outside the city and the province. It is required to create an application for them at XYZ State University to promote digitization and transparency in procuring products and services at XYZ University. This application development uses the extreme programming method. This research succeeded in identifying the functionality requirements required in e-purchasing applications. The results of this research were able to realize 91.6% of all the necessary features. Some features that can be recognized include dashboard features, user access rights sharing features, goods/services requirements features, goods/services offering features, goods/services offer approval features, payment features, and specification features. The feature that has not been fulfilled is the direct purchase feature. The applications produced in this research may be adapted at universities or other government agencies.

Pengembangan Aplikasi Audit Satuan Pengawasan Internal UIN Sunan Kalijaga Yogyakarta

In carrying out internal supervision duties, SPI UIN Sunan Kalijaga Yogyakarta innovates by carrying out digital document-based supervision using the Google Drive service. SPI auditors often felt problems in using Google Drive, namely having to check the completeness of financial accountability documents manually one by one by opening a file on Google Drive. One of the goals of developing this application is to facilitate SPI auditors in checking the completeness of financial accountability report documents. The problems can be solved by creating an audit application. The audit application has been developed using the FAST method. Central admin, SPI admin, operator, superior operator, auditor, team leader, technical controller, and Head of SPI are user access rights in this application. The developed application has met the minimum requirements of SPI UIN Sunan Kalijaga Yogyakarta. Other universities can adopt this application.

BSAF: A blockchain-based secure access framework with privacy protection for cloud-device service collaborations

In an open Internet-of-Things (IoT) environment, cloud-device collaborative development brings more functional services to users. However, privacy disclosure risks concerning service provision and users’ accessing behavior also increase. Traditional privacy protection approaches involve a centralized system with a third-party administrative server, which has the risk of single-point failures and overlooks the issue of privacy information leakage concerning users’ behaviors. Blockchain is a decentralized and traceable technology that provides a reliable solution for secure access by users. This paper proposes a novel blockchain-based secure access framework (BSAF) for cloud-device service collaborations with privacy protection. Specifically, a key matrix encryption mechanism is used to protect the privacy of users’ behaviors, and a fully homomorphic encryption mechanism is designed to protect the privacy of service content. Two smart contracts are designed: a request verification smart contract to verify the access rights of users, and a behavior punishment smart contract to audit users’ access behaviors. Comprehensive experiments on the Ethereum blockchain network show that the proposed BSAF framework outperforms existing schemes in latency reduction and cost saving, and is more suitable for low-profile IoT devices.

Development of a Target-Based Configurable Business-to-Business Model for Electronic Wholesale Information System in East Java

Until the end of 2021, most of the electronics wholesale market in East Java has found obstacles in contract administration and monitoring of consumers’ sales targets managed conventionally in contract management and sales target monitoring aspects. This phenomenon becomes complicated because most wholesaler systems have specific rules of management. The research discusses information systems that can be configured for various business processes in the wholesale sale of electronic goods. The case-study approach is applied by analyzing, designing, constructing, and validating the new proposed system based on three case studies with different business processes. The result of the analysis phase explains minimum sales value, the number of item variants in sales, verification rules for sales supervisors, and the configuration of user access rights that are highly flexible when applied. This system is developed as web-based to make easy access to multiple platforms to accommodate flexibility. The result summarizes that companies have the power of freedom to customize their target and help them to monitor wholesale store sales to meet sales target achievement. Alternatively, suppose companies create their new sub-companies with different targets and segments. In that case, they can easily configure target sales rules without spending significant money on developing another application.

IMPLEMENTASI PENGOLAHAN SISTEM PENJUALAN FURNITURE MENGGUNAKAN METODE DESIGN THINKING (STUDI KASUS : FURNITURE JATI SUNGU BANDAR LAMPUNG)

Teak Sungu furniture in the process of processing sales transactions is still manual so that it produces inaccurate and irrelevant information. Staff also have difficulty in making monthly sales reports, because reports are recapitulated based on daily sales transactions, through sales notes, if left continuously it will take up data storage space and time only for notes and sales reports. Manual data processing is also vulnerable to data manipulation, so that the data or sales reports produced are not necessarily reliable. From these problems, the researchers developed a website-based sales information system. The sales information system was developed using the system development method, namely design thinking. A website-based sales information system can help Jati Sungu Furniture Bandar Lampung in recording and managing sales transaction data better than the previous system, so that previously poor quality data becomes accurate and relevant information. the system that has been developed also helps in making monthly sales reports more easily and quickly, the data is also difficult to manipulate because there are user access rights with a login system. the system has also been tested with ISO 25010. The test results of ISO 25010 have a percentage value of 92.9% and are very feasible to be implemented on Teak Sungu Furniture Bandar Lampung

ENSURING THE SECURITY OF CORPORATE USERS ACCOUNTS

Today, the need to protect user accounts of network operating systems is beyond doubt, as unauthorized changes to them in the system can negate the operation of software and hardware tools to protect corporate information. User access rights to the corporation's information resources are established in accordance with the organization's information security policy in order to maintain the confidentiality, integrity and availability of corporate information. With this in mind, the article discusses the rules for creating users accounts for a corporate network and explores ways to ensure their security based on Windows network operating systems. The basic list of rules for creating, assigning and using credentials is defined, namely: setting the maximum restriction of administrative rights for users with administrator rights, providing users and support groups with only those rights that they need to perform their daily tasks, using the organization's domain administrator accounts only to manage domain controllers. An installation file is organized that contains a set of the most common Active Directory (AD) administration utilities. The core of this package is made up of the following utilities: Account Lockout Examiner, Netwrix Auditor, SolarWinds Permissions Analyzer, Active Directory Health Profiler, and Semperis DS Protector. Modeling of AD security diagnostics has shown that using the collected tools in a single installation file greatly simplifies the process of monitoring the AD security status and diagnosing the established user access rights. It has been established that the highest level of security for accounts of privileged users and system administrators using Active Directory is achieved starting with Windows Server 2012 R2, since this OS and later versions implement the functionality of a protected user group, which provides additional protection against compromising their credentials during the authentication procedure.

Analysis on NSAW Reminder Based on Big Data Technology

NSAWS is an intelligent and real-time large database management system. By analyzing the user identity data and access rights contained in the collected information, the NSAWS finds out the potential risks and issues an alarm notice in a timely manner. This paper mainly studies how to strengthen the prevention of network attacks in BD environment from the following aspects. This paper first introduces the common technology on the Internet in our country and its application status; secondly, it expounds the architecture, deployment mode and operation mode of the large database system based on the basic security facilities such as cloud computing platform and firewall. Then the traditional NSAWS is analyzed and the simulation platform is tested. The results show that the platform has high accuracy and stability in alerting network security hazards and can effectively protect network security.

CRITERIA FOR SELECTING A CLOUD-BASED LEARNING MANAGEMENT SYSTEM FOR A HIGHER EDUCATION INSTITUTION

The paper explores the essence of the criteria and indicators which can be used to select a cloud-oriented learning support system for a higher education institution. The following criteria with corresponding indicators are identified: design criterion (reliability, accessibility, multilinguality, security, adaptability, ease of use and administration, free use); technological criterion (user access rights differentiation, cloud storage of data, integration with other cloud-based services, ability to download different types of files); communication criterion (user registration, communication between registered users, creating groups, creating forums and chats); information-didactic criterion (structuredness, calendar, assessment of student achievement, file sharing, testing and surveys, group and individual modes of work; analytics for a particular course). The most downloaded LMS are shown based on the results published by LMS Market Share. The paper offers an analysis of a number of cloud-based learning management systems (Google Classroom, Moodle, Edmodo, Studyboard, Oracle, Learner Nation, iSpring, Canvas, Schoology, Blackboard, NeoLms) in terms of the above-mentioned criteria and indicators. The systems were selected based on the method of expert evaluation. The expert evaluation showed that the most convenient and high-quality cloud-based learning management system for building a cloud-oriented learning environment of a higher education institution which best meets all the criteria are NeoLMS, Canvas and Google Classroom. These LMS offer all the functionalities which are essential in the educational process. We see the development of methodological recommendations for higher education regarding the high-quality and successful implementation of such learning management systems in the educational process as prospects for further research.

An Efficient Accountable Oblivious Transfer With Access Control Scheme in the Public Cloud

In an oblivious transfer with access control (AC-OT) scheme, the database provider (DBP) can define different access control policies for each data record, and users are allowed to hide their choices from the DBP when accessing data. An accountable AC-OT (AAC-OT) scheme is an enhanced version of AC-OT that allows the DBP to revoke the access rights of malicious users. However, existing AAC-OT schemes have defects in their security model definition, malicious user revocation mechanism, and user-side performance. Therefore, the authors proposed an improved AAC-OT scheme that applies to the public cloud environment. In the definition of the security model, the definitions of access authorization and revocation are considered. By modifying the user tracing mechanism, the DBP can independently revoke the access rights of fraudulent users. In addition, the number of bilinear pairing operations performed by users in the transfer phase is kept constant by optimizing the generation of the underlying zero-knowledge proofs.

A blockchain-based keyword search scheme with dual authorization for electronic health record sharing

Electronic health record is an electronic file that records people’s medical treatment and physical examination information in an all-around way which is an important branch of building a smart medical system. The sharing of electronic health records not only helps people use medical resources anytime and anywhere to deal with tricky physical conditions but also provides valuable and true reference materials for medical practitioners in related research. However, the current electronic health record sharing schemes have the problems of electronic health record data leakage, access authorization mechanism incomplete, inflexible operation of electronic health record data, low search efficiency, and untrustworthy cloud server provider. To solve these challenging problems, we propose a new blockchain-based keyword search scheme with dual authorization for electronic health record sharing. The certificateless cryptosystem avoids certificate management and key escrow. The construction of the authorization matrix realizes the dual authorization of the identities of users and the corresponding searchable departments. Also, the matrix can manage the access rights of users. The signal value of the ciphertext index can realize the authority management of ciphertext index. The ciphertext MAC verification code stored in the blockchain can verify the legality of ciphertext, and the smart contract is used to ensure fair transactions. Therefore, our scheme is more suitable for sharing confidential and sensitive electronic health records. The security proof concludes that the proposed scheme is indistinguishability under the keyword guessing attack. Besides, the result of performance analysis and comparison simulations show that the proposed scheme has higher performance than some related schemes.