Specification and Visualization of Policy Model in RBAC

Abstract

The application of the State Civil Apparatus Information System is an application that manages all stages of civil service management of the state civil apparatus, in line with technological developments and the needs of the state civil apparatus for digital data, the State Civil Apparatus Information System needs to be developed. There are 18 application developments, one of which is the user management function. The problem with this function is that the user has quite a lot of roles, where 1 user can have access to several applications. Therefore, a clear user management is needed to manage this, namely using access control with an RBAC (Role Based Access Control) approach. The purpose of this study is to produce a role model on user management features using XACML and produce an RBAC policy design on user management access control in the state Civil Apparatus Information System application. The research method consists of: (1) Literature Review, (2) Role Modeling Using XACML, (3) Result Visualization, and (4) Merge Operation Process. This research has produced 6 role models, where the six models have been visualized in the form of a graph in the form of images, visualization is carried out to detect if there is an error in defining roles in the State Civil Apparatus Information System service. and secondly, this research has produced an RBAC policy written using the XACML scheme as its specification.