Implementasi Autentikasi dan Otorisasi pada Sistem Informasi Berbasis Web

Abstract

The rapid development of web-based information systems demands security mechanisms capable of protecting data and effectively controlling user access. One of the main problems that often occurs is a weak authentication and authorization system, potentially leading to unauthorized access and data leaks. This research aims to design a security system model based on authentication and authorization for web-based information systems.The method used is a system design research approach, which includes requirements analysis, formulation of design principles, system architecture design, and development of authentication and authorization flows. The proposed system model applies the Role-Based Access Control (RBAC) concept to manage access rights, and hashing techniques to secure user passwords.The results show that the designed model can improve system security by separating authentication and authorization processes, limiting user access based on roles, and protecting login data from potential leaks. Furthermore, the use of session management on the backend helps maintain the stability of user access while interacting with the system.Thus, the proposed model can be a solution in improving the security of web-based information systems and can be used as a basis for developing a system that is more secure, structured, and easy to implement.