Journal of Information Systems and Informatics (Sep 2024)
Enhancing Network Security in Mobile Applications with Role-Based Access Control
Abstract
In today's dynamic networking environment, securing access to resources has become increasingly challenging due to the growth and progress of connected devices. This study explores the integration of Role-Based Access Control (RBAC) and OAuth 2.0 protocols to enhance network access management and security enforcement in an Android mobile application. The study adopts a waterfall methodology to implement access control mechanisms that govern authentication and authorization. OAuth 2.0, a widely adopted open-standard authorization framework, was implemented to secure user authentication by allowing third-party access without exposing user credentials. Meanwhile, RBAC was leveraged to streamline access permissions based on predefined user roles, ensuring that access privileges are granted according to hierarchical role structures. The main outcomes of this study show significance towards the improvements in security enforcement and user access management. Specifically, the implementation of multi-factor authentication, session timeout mechanisms, and user role-based authorization ensured robust protection of sensitive data while maintaining system usability. RBAC proved effective in controlling access to various system resources, such as database operations which was presented in scenario of physical access to doors, while OAuth 2.0 provided a secure communication channel for authentication events. These protocols, working in tandem, addressed key issues like unauthorized access, data integrity, and scalability in network security policy enforcement. This research deduces that combining RBAC and OAuth 2.0 protocols in mobile applications enhances security posture, simplifies access management, and mitigates evolving threats.
Keywords