Integrasi RBAC, AES-256, dan Audit-log untuk Keamanan dan Auditabilitas Sistem Inventori UMKM
https://doi.org/10.36309/goi.v32i1.447
Andik Prakasa Hadi(1*)
Affiliation
(1) Fakultas Studi Akademi, Universitas Sains dan Teknologi Komputer, Semarang
(2) Fakultas Studi Akademi, Universitas Sains dan Teknologi Komputer, Semarang
(3) Fakultas Studi Akademi, Universitas Sains dan Teknologi Komputer, Semarang
(*) Corresponding Author
How to Cite
Abstract
Micro and small enterprises face inventory management issues, including stock recording errors, weak access control, and lack of data change traceability. This study develops a web-based inventory system integrating Role-Based Access Control (RBAC), AES-256 encryption, and audit logs. The system was built using the Laravel framework with a Design Science Research (DSR) approach. Functional testing achieved a 100% success rate. Usability evaluation using the System Usability Scale (SUS) with six respondents produced a mean score of 87.5 (excellent category). AES-256 encryption effectively protects sensitive data, while audit logs support system accountability. Verification also confirms compliance with the NIST SP 800-171 standard. This study contributes an integrated three-mechanism security system ready for adoption by garment-sector SMEs.
Keywords
Full Text:
PDF HAL. 35-46References
D. E. R. Hidayatullah, R. Kunthi, and R. Harwahyu, “Design and Analysis of Information Security Risk Management Based on ISO 27005: Case Study on Audit Management System (AMS) XYZ Internal Audit Department,” Int. J. Electr. Comput. Biomed. Eng., vol. 2, no. 3 SE-Computer Engineering, pp. 395–413, Sep. 2024, doi: 10.62146/ijecbe.v2i3.81.
A. Ali, M. Ahmed, and A. Khan, “Audit logs management and security - A survey,” Kuwait J. Sci., vol. 48, no. 3 SE-Computer Science, Jun. 2021, doi: 10.48129/kjs.v48i3.10624.
S. Mishra, J. Sah, and B. Sharma, “DIGITALIZATION AS A COMPETITIVE DIFFERENTIATOR: ERP ADOPTION CHALLENGES IN INDIAN GARMENT SME CLUSTERS,” Int. J. Eng. Technol. Manag. Res., vol. 12, no. 4 SE-Articles, pp. 123–127, Apr. 2025, doi: 10.29121/ijetmr.v12.i4.2025.1708.
A. Susanty, N. B. Puspitasari, G. S. Siahaan, S. Setiawan, and M. Syafrudin, “Factors influencing the intention of textile and garment SMEs to adopt digital technologies and its impact on performance,” Sci. Rep., vol. 15, no. 1, p. 20807, 2025, doi: 10.1038/s41598-025-94625-7.
C.-C. Wang, Y.-T. Hsu, and H.-Y. Kuo, “Enhancing Supply Chain Resilience in Textile SMEs: A Human-Centric Customer-to-Manufacturer Framework Using Public E-Commerce Data,” 2026. doi: 10.3390/jtaer21040123.
A. Darmawi, R. Istikowati, and G. Y. Astrini, “Optimizing inventory management in the textile industry: a comprehensive evaluation of UHF-RFID technology integration,” Int. J. Adv. Appl. Sci., vol. 14, no. 4, pp. 1411–1419, 2025, doi: 10.11591/ijaas.v14.i4.pp1411-1419.
R. R. A. Tisza-Vargas, “Lean-Based Operations Management for Inventory Optimization: A Case Study in Peruvian Textile SMEs,” pp. 121–134, 2025, doi: 10.46254/gc02.20240032.
C. Blundo and S. Cimato, “Role mining under User-Distribution cardinality constraint,” J. Inf. Secur. Appl., vol. 78, p. 103611, 2023, doi: https://doi.org/10.1016/j.jisa.2023.103611.
David Fitrianto and W. Y. Sulistyo, “Penerapan Role Based Access Control untuk Keamanan Data Multi Tenant SIMPEL Lazismu,” Insect (Informatics Secur. J. Tek. Inform., vol. 12, no. 01 SE-Articles, pp. 1–10, Mar. 2026, doi: 10.33506/insect.v12i01.5009.
P. Patil, “Design and Performance Analysis of a Secure Multi-User Database with Role- Based Access Control and Audit Trail,” Int. J. Innov. Sci. Res. Technol., vol. 10, no. 7, pp. 2184–2184, 2025, doi: 10.38124/ijisrt/25jul1399.
D. A. Purba et al., “Implementasi Role - Based Access Control ( RBAC ) pada Sistem Informasi Manajemen Stok Obat Implementation of Role - Based Access Control ( RBAC ) in a Drug Stock,” vol. 15, pp. 684–698, 2026, doi: https://doi.org/10.32520/stmsi.v15i2.5958.
P. Aswintama, E. Haryanto, and R. A. Setyawan, “Implementation of role-based access control, multi tenancy and audit logging in a single sign-on system,” J. Mandiri IT, vol. 14, no. 1 SE-Articles, pp. 119–128, Jul. 2025, doi: 10.35335/mandiri.v14i1.441.
J. A. Sitanggang, B. H. Saputra, A. Hidayati, and H. Saragih, “Design and development of the spacelog web application for inventory management and asset tracking using QR codes at the Cyber Defense Center of the Ministry of Defense,” J. Mandiri IT, vol. 14, no. 3 SE-Articles, pp. 283–293, Jan. 2026, doi: 10.35335/mandiri.v14i3.481.
Laravel, “Laravel Documentation,” 30/11/2015, p. 1, 2015, [Online]. Available: http://web.archive.org/web/20140920185439/http://laravel.com/docs/introduction
N. Matas Ali and V. Haripriya, “Enhancing Data Protection through Advanced Encryption or Improving Data Security with Advanced Encryption,” Int. J. Innov. Res. Comput. Commun. Eng., vol. 12, no. 03, pp. 1710–1715, 2024, doi: 10.15680/ijircce.2024.1203056.
M. Yusuf, A. Arizal, and I. R. Hikmah, “Implementation Cryptography and Access Control on IoT-Based Warehouse Inventory Management System,” MATRIK J. Manajemen, Tek. Inform. dan Rekayasa Komput., vol. 22, no. 1 SE-Articles, pp. 37–50, 2022, doi: 10.30812/matrik.v22i1.1849.
A. Asgap Putra Zulian, K. Kartarina, and I. M. Y. Dharma, “Analisis Pengamanan File Menggunakan Enkripsi dan Dekripsi dengan Algoritma AES-GCM-SIV,” Edu Elektr. J., vol. 13, no. 1, pp. 15–23, 2026, doi: 10.15294/eduel.v13i1.26826.
J. Lee, “DPTracer: Integrating Log-Driven Accountability into Data Provision Networks,” 2024. doi: 10.3390/app14188503.
C. H. Saputra, “Integrasi Audit Trail dan Teknik Clustering untuk Segmentasi dan Kategorisasi Aktivitas Log,” J. Teknol. Inf. dan Ilmu Komput., vol. 11, no. 1 SE-Ilmu Komputer, pp. 209–214, Feb. 2024, doi: 10.25126/jtiik.20241118071.
Pemerintah Pusat, “Undang-undang (UU) Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi,” Pemerintah Pus., no. 016999, p. 1, 2022, [Online]. Available: https://peraturan.bpk.go.id/Download/224884/UU Nomor 27 Tahun 2022.pdf
R. Ross, V. Pillitteri, K. Dempsey, M. Riddle, and G. Guissanie, “NIST Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” Natl. Inst. Stand. Technol. Spec. Publ. 800-171, 2020, [Online]. Available: https://doi.org/10.6028/NIST.SP.800-171r2
J. Akoka, I. Comyn-Wattiau, and V. C. Storey, “Design Science Research: Progression, Schools of Thought and Research Themes BT - Design Science Research for a New Society: Society 5.0,” A. Gerber and R. Baskerville, Eds., Cham: Springer Nature Switzerland, 2023, pp. 235–249. doi: https://doi.org/10.1007/978-3-031-32808-4_15.
K. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee, “A Design Science Research Methodology for Information Systems Research,” J. Manag. Inf. Syst., vol. 24, no. 3, pp. 45–77, Dec. 2007, doi: 10.2753/MIS0742-1222240302.
B. Takawira and B. Duri, “Integrating IoT and Blockchain for Real-Time Inventory Visibility and Traceability: A Bibliometric–Systematic Review,” 2026. doi: 10.3390/logistics10030057.
J. R. Lewis, “The System Usability Scale: Past, Present, and Future,” Int. J. Human–Computer Interact., vol. 34, no. 7, pp. 577–590, Jul. 2018, doi: 10.1080/10447318.2018.1455307.
J. R. Lewis, “Sample sizes for usability tests: mostly math, not magic,” Interactions, vol. 13, no. 6, pp. 29–33, 2006, doi: 10.1145/1167948.1167973.
N. Clark, M. Dabkowski, P. J. Driscoll, D. Kennedy, I. Kloo, and H. Shi, “Empirical Decision Rules for Improving the Uncertainty Reporting of Small Sample System Usability Scale Scores,” Int. J. Human–Computer Interact., vol. 37, no. 13, pp. 1191–1206, Aug. 2021, doi: 10.1080/10447318.2020.1870831.
Article Metrics
Refbacks
- There are currently no refbacks.

Ciptaan disebarluaskan di bawah Lisensi Creative Commons Atribusi-Berbagi Serupa 4.0 Internasional
DOI: 10.36309 Visitor Number: View Go Infotech stats






