Implementation of Zero Trust Architecture in a Web-Based Public Complaint System to Improve Data Security and User Access
Keywords:
Zero Trust Architecture, Complaint System, System Security, OTP, RBAC
Abstract
Web-based public complaint systems play an important role in improving the quality of public services and the transparency of information between citizens and government. However, data security and user access remain major challenges, particularly the potential for data leaks and misuse of access. The Zero Trust Architecture (ZTA) concept is therefore applied as a solution to improve system security through strict verification mechanisms. This study aims to implement and analyze the application of Zero Trust Architecture in a web-based public complaint system in order to improve data security and user access control. The research method used is Research and Development (R&D), with stages of requirements analysis, architecture design, system implementation, and security testing. The system was developed with main features such as registration, login with OTP verification, public complaints, and criticism and suggestions, complemented by role-based authentication and authorization mechanisms. The results show that applying Zero Trust Architecture is able to improve system security through layered validation, access restriction, and protection of user data. These findings are expected to serve as a solution for developing public service systems that are more secure, reliable, and trustworthy.
License
- Authors certify that the work reported here has not been published before and contains no materials the publication of which would violate any copyright or other personal or proprietary right of any person or entity.
- Authors don't transfer or license the copyright of publishing to SAKOLA: Journal of Sains Cooperative Learning and Law Research to publish the article in any media format, to share, to disseminate, to index, and to maximize the impact of the article in any databases.
- Authors hereby don't agree to transfer a copyright for publishing to SAKOLA: Journal of Sains Cooperative Learning and Law as a Publisher of the manuscript.
- Authors reserve the following:
  - all proprietary rights other than copyright such as patent rights;
  - the right to use all or part of this article in future works of our own such as in books and lectures;
  - use for presentation in a meeting or conference and distributing copies to attendees;
  - use for internal training by author's company;
  - distribution to colleagues for their research use;
  - use in a subsequent compilation of the author's works;
  - inclusion in a thesis or dissertation;
  - reuse of portions or extracts from the article in other works (with full acknowledgement of final article);
  - preparation of derivative works (other than commercial purposes) (with full acknowledgement of final article); and
  - voluntary posting on open web sites operated by author or author's institution for scholarly purposes, but it should follow the open access license of Creative Commons CC BY-NC License.