Asrori, Muhamad Umar Hassan
Unknown Affiliation

Published: 2 Documents
Articles

Found 2 Documents

Implementation of Defense In Depth and IAM Best Practices Based on Segmented VPC Architecture Using Amazon Web Services (AWS) for Small Business Network Security
Asrori, Muhamad Umar Hassan; Said, Fadillah
Journal Innovations Computer Science Vol. 4 No. 2 (2025): November
Publisher : Yayasan Kawanad

DOI: 10.56347/jics.v4i2.318

Abstract

This study presents the design, implementation, and validation of a cloud security architecture on Amazon Web Services (AWS) that integrates Defense in Depth strategies with Identity and Access Management (IAM) Best Practices, tailored for small and medium-sized enterprises (SMEs). Using the AWS Free Tier, an experimental cloud infrastructure was constructed to evaluate the effectiveness of multi-layered protection encompassing network segmentation, least-privilege access control, and real-time monitoring. The architecture employed a segmented Virtual Private Cloud (VPC) with public and private subnets, controlled by Security Groups (SGs) and Network Access Control Lists (NACLs), while IAM policies and Multi-Factor Authentication (MFA) enforced identity-level security. Centralized monitoring through CloudTrail and CloudWatch enabled anomaly detection and event logging with high accuracy. Test results showed that unauthorized access was effectively blocked, suspicious activities were detected promptly, and all administrative actions were recorded reliably. The findings indicate that combining layered network defenses and IAM governance significantly enhances the resilience, visibility, and security posture of SMEs adopting AWS environments. Beyond its technical effectiveness, the model offers scalability, auditability, and cost-efficiency—demonstrating that enterprise-grade protection can be achieved even within the resource constraints of SMEs. Future work is encouraged to integrate automation and advanced AWS tools such as GuardDuty and Config to strengthen real-world adaptability and compliance.