IMPLEMENTATION OF SINGLE SIGN ON INTEGRATED WITH PUBLIC KEY INFRASTRUCTURE AND ROLE BASED ACCESS CONTROL AUTOMATION
Main Author: | |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/66372 |
Institution: | Institut Teknologi Bandung |
Summary: | ABSTRACT
IMPLEMENTATION OF SINGLE SIGN ON INTEGRATED
WITH PUBLIC KEY INFRASTRUCTURE AND ROLE BASED
ACCESS CONTROL AUTOMATION
By
Farhan Ardiya Fernanda
NIM: 18118026
(Telecommunication Engineering Program)
In the digital era, the use of web-based applications is growing. Many entities
require various web-based applications for operational activities, which makes
centralized access management for web-based applications a necessity.
Currently, access management is often implemented using Single Sign On (SSO)
with a password authentication method. Passwords raise security concerns: they
are vulnerable to brute forcing with a password list, and people tend to reuse
passwords or choose uncomplicated ones. An alternative authentication method is
Mutual TLS (mTLS), which utilizes Public Key Infrastructure (PKI). Users
authenticate with X.509 digital certificates, so the authentication factor
becomes something you have.
This final project aims to implement an SSO system integrated with PKI and RBAC
access automation. The approach of this project is research, design,
implementation, and testing. The entire system is built with open source software
and implemented on a cloud infrastructure. The system has three subsystems:
registration, login, and RBAC access automation. All subsystems are tested
according to the specified flow. The test results show that the registration
subsystem works, as evidenced by the successful entry of personal data, the
approval flow, and the downloading of certificates. The login subsystem was also
successfully implemented, as evidenced by mTLS authentication with certificate
validation. Testing of the RBAC access automation subsystem shows that the
script created can perform access checks and access remediation if needed. It is
therefore concluded that all subsystems function properly and meet the defined
system criteria.
Keywords: SSO, PKI, RBAC. |
---|