Article Per Year (5 Year)
p-Index From 2021 - 2026
0.23
P-Index
This Author published in this journals
All Journal Journal of Vocational, Informatics and Computer Education
Amri, Yufan
Unknown Affiliation
Computer Science & IT Education

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
A Tamper-Evident Audit Logging Framework for Decentralized Single Sign-On: Prototype Design and Evaluation in Education-Oriented Digital Services Amri, Yufan; Harwahyu, Ruki
Journal of Vocational, Informatics and Computer Education Vol 4, No 1 (2026): March 2026
Publisher : Academic Bright Collaboration

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.66053/voice.v4i1.479

Abstract

Purpose – This study aims to design, implement, and evaluate a prototype framework for tamper-evident audit logging in a decentralized single sign-on environment for education-oriented digital services. It addresses the risk that detailed authentication and session records remain stored in mutable off-chain systems, while storing complete audit data on-chain may increase costs and privacy exposure. Methods – The study adopted an artifact-based prototype design and evaluation approach. The prototype combined PostgreSQL-based off-chain audit storage, deterministic snapshot construction, canonical JSON serialization, SHA-256 hashing, Merkle root generation, and blockchain anchoring through the AuditAnchor smart contract on the Polygon Amoy testnet. The evaluation was conducted in a controlled prototype environment through tamper-detection testing, latency benchmarking, snapshot and proof performance measurements, storage-growth observations, and anchoring cost analysis. Findings – Post-anchoring record modification, deletion, and insertion consistently produce root mismatches. Across the evaluated workloads, snapshot construction remained below 0.4 s for up to 5,000 records, proof verification remained lightweight, and anchoring consumed 49,953 gas per transaction under the tested setup. Research implications – The prototype suggests that education-oriented multi-service environments may benefit from keeping detailed audit data off-chain while anchoring compact integrity commitments on-chain to support audit reviews, cross-service access tracing, and post-incident verifications. Originality – This study contributes a prototype-level integration of decentralized SSO, deterministic off-chain audit snapshots, and on-chain Merkle-root anchoring for audit verification
Co-Authors Harwahyu, Ruki