Implementation of Role-Based Access Control (RBAC) to Manage Access Rights in a Multi-User Kindergarten Information System
Implementation of Role-Based Access Control Mechanism in Multiuser Environment
Keywords:
RBAC, Multiuser Information System, Kindergarten, Access RightsAbstract
This study aims to design and implement a multiuser information system based on Role-Based Access Control (RBAC) in a kindergarten (TK) environment to manage user access rights in a structured and secure manner. In multiuser-based school information systems, improper access control can lead to unauthorized data access, role conflicts, and security vulnerabilities. To address this issue, this research applies RBAC as the main authorization mechanism, where access rights are granted based on predefined user roles. The system is developed using a software engineering approach with a descriptive methodology, following stages of requirements analysis, system design, implementation, and testing. Three primary roles are defined in the system: Super Admin, School Admin, and Operator, each with different access privileges. The system is implemented using PHP with the CodeIgniter framework and MySQL as the database management system. To enhance responsiveness and accuracy in access control enforcement, a real-time mechanism using Pusher.js is integrated to synchronize access right changes without requiring manual page refresh. System testing is conducted using black-box testing to verify access restrictions, menu visibility, and data isolation between schools. The results show that the RBAC mechanism functions effectively in restricting access according to user roles, preventing unauthorized actions, and ensuring data separation across institutions. This research demonstrates that RBAC can be reliably applied as a foundational access control model for multiuser school information systems, particularly in early childhood education environments, and can be further developed for real-world implementation.
Downloads
References
[1] S. Winar, E. Rizki Putra, and I. Muslem R., “Sistem Informasi Kalkulasi Zakat Pada Kantor Baitul Mal Kabupaten Bireuen Berbasis Android,” Jurnal TIKA, vol. 7, no. 3, 2022, doi: 10.51179/tika.v7i3.1584.
[2] P. E. Pemberdayaan and E. Perempuan, “Perancangan sistem autentikasi multi-role berbasis rbac pada platform e-learning pemberdayaan ekonomi perempuan 1) 1,2,3),” vol. 11, no. 1, pp. 1094–1104, 2026.
[3] A. Muliani Harahap, “Implementasi Metode Role-Based Access Control Pada Aplikasi E-Raport di MIN 15 Langkat Berbasis Android,” 2024.
[4] A. S. Khairi, M. Alda, U. Islam, N. Sumatera, S. Utara, and H. Akses, “Implementasi Role Based Access Control dalam Pengelolaan Hak Akses Koperasi Berbasis Mobile,” vol. 09, pp. 85–95, 2024.
[5] M. Noor and H. Siregar, “Analisis Keamanan Data pada Sistem Informasi Menggunakan Metode ISO / IEC 27001,” vol. 1, no. 2, pp. 58–64, 2025.
[6] P. Y. Agung and D. Manongga, “Role-based access control (rbac) untuk sistem otorisasi terpusat berbasis flask studi kasus pt. xyz,” vol. 9, no. 4, pp. 1768–1778, 2024.
[7] I. Artikel and A. Info, “Implementasi OWASP untuk Analisis Kerentanan dan Keamanan pada Sistem Informasi Akademik Terintegrasi Universitas Bina Darma,” vol. 4, no. 1, pp. 1–7, 2025.
[8] E. Islam, R. Islam, M. Chetty, S. Lim, and M. Chadhar, “User authentication and access control to blockchain based forensic log data,” EURASIP Journal on Information Security, 2023, doi: 10.1186/s13635-023-00142-3.
[9] N. B. Adinugroho, P. Hendradi, and D. Sasongko, “ANALISIS KEAMANAN E-LEARNING MENGGUNAKAN OPEN WEB APPLICATION SECURITY PROJECT ( OWASP ) ( STUDI KASUS : MOCA UNIMMA ),” vol. 22, no. 02, pp. 132–138, 2022.
[10] U. Merangin, “PERANCANGAN SISTEM INFORMASI PERPUSTAKAAN DIGITAL BERBASIS ROLE-BASED ACCESS CONTROL (RBAC) PERPUSTAKAAN UNIVERSITAS MERANGIN Ichsandi 1 , Ranita Nurhidayah 2,” vol. 2, no. 2, pp. 72–82, 2025.
[11] N. Ramadhanty and K. Informasi, “Implementasi Kerangka Keamanan NIST Dan ISO / IEC 27001 Dalam Menghadapi Ancaman Risiko Siber,” no. 4, pp. 1–9, 2024.
[12] H. F. Atlam, M. A. Azad, M. O. Alassafi, A. A. Alshdadi, and A. Alenezi, “Risk-Based Access Control Model : A Systematic Literature Review,” pp. 1–23.
[13] O. Houhou, S. Bitam, and A. Hamida, “HyARBAC : A New Hybrid Access Control Model for Cloud Computing,” vol. 1, no. 1, 2024.
[14] K. V Brw, J. S. Supriadi, and N. Sukun, “SECURITY ANALYSIS OF COLLEGE WEBSITES,” vol. 2, no. 1, pp. 13–20, 2025.
[15] S. Track and W. Product, “eXtensible Access Control Markup,” no. January, pp. 1–154, 2013.
[16] Y. Zhang, “A ribute-based Encryption for Cloud Computing Access Control : A Survey Attribute-based Encryption for Cloud Computing Access Control : A Survey,” vol. 53, no. 4, 2026, doi: 10.1145/3398036.
[17] W. Jansen, T. Grance, W. Jansen, and T. Grance, “Guidelines on Security and Privacy in Public Cloud Computing”.
[18] M. Al Morsy, J. Grundy, and I. Müller, “An Analysis of the Cloud Computing Security Problem”.
[19] A. Renaldy, A. Fauzi, A. N. Shabrina, and H. N. Ramadhan, “Peran Sistem Informasi dan Teknologi Informasi Terhadap Peningkatan Keamanan Informasi Perusahaan,” vol. 2, no. 1, pp. 15–22, 2023.
[20] J. Park and U. States, “The UCONABC usage control model,” vol. 7, no. 1, 2026, doi: 10.1145/984334.984339.
[21] I. K. Phan, “The Implementation of Role Based Access Control in a Cloud-Based Supply Chain Management System Penerapan Role Based Access Control dalam Sistem Supply Chain Management Berbasis Cloud,” vol. 3, no. October, pp. 339–348, 2023.
[22] M. K. Kabier, A. A. Yassin, Z. A. Abduljabbar, and S. Lu, “Role Based Access Control Using Biometric the in Educational System,” vol. 49, no. 1, pp. 85–101, 2023.
[23] E. R. Susanto et al., “Analisis Implementasi Sistem Keamanan Basis Data Berbasis Role-Based Access Control ( RBAC ) pada Aplikasi Enterprise Resource Planning,” vol. 5, no. 1, pp. 105–116, 2025, doi: 10.54259/satesi.v5i1.3997.
[24] I. P. Microgrids, S. Shin, M. Park, T. Kim, and H. Yang, “Architecture for Enhancing Communication Security with RBAC,” pp. 1–18, 2024.
[25] V. C. Hu, K. Scarfone, R. Kuhn, and K. Sandlin, “Guide to Attribute Based Access Control ( ABAC ) Definition and Considerations NIST Special Publication 800-162 Guide to Attribute Based Access Control ( ABAC ) Definition and Considerations”.
[26] N. Rahma and N. Mayesti, “Pengendalian Hak Akses pada Electronic Document and Records Management System di Kementerian Kelautan dan Perikanan Republik Indonesia,” vol. 5, no. 1, pp. 33–48, 2019, doi: 10.14710/lenpust.v5i1.23578.
[27] O. M. Oluoha, A. Odeshina, O. Reis, V. Attipoe, and O. H. Orieno, “A Privacy-First Framework for Data Protection and Compliance Assurance in Digital Ecosystems,” vol. 7, no. 4, pp. 620–646, 2023.
Downloads
Published
How to Cite
Issue
Section
Categories
License
Copyright (c) 2026 Aceh Journal of Computer Science
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
This journal is an open access journal that provides direct, barrier-free national access to the full text of all published articles without any cost to readers or their institutions. Readers are entitled to read, download, copy, distribute, print, search, or link to the full text of all articles in the ILKA Journal. This journal provides open access to its content on the principle that making research freely available to the public supports greater global knowledge exchange.
