<![CDATA[Purpose – This study aims to design, implement, and evaluate a prototype framework for tamper-evident audit logging in a decentralized single sign-on environment for education-oriented digital services. It addresses the risk that detailed authentication and session records remain stored in mutable off-chain systems, while storing complete audit data on-chain may increase costs and privacy exposure. Methods – The study adopted an artifact-based prototype design and evaluation approach. The prototype combined PostgreSQL-based off-chain audit storage, deterministic snapshot construction, canonical JSON serialization, SHA-256 hashing, Merkle root generation, and blockchain anchoring through the AuditAnchor smart contract on the Polygon Amoy testnet. The evaluation was conducted in a controlled prototype environment through tamper-detection testing, latency benchmarking, snapshot and proof performance measurements, storage-growth observations, and anchoring cost analysis. Findings – Post-anchoring record modification, deletion, and insertion consistently produce root mismatches. Across the evaluated workloads, snapshot construction remained below 0.4 s for up to 5,000 records, proof verification remained lightweight, and anchoring consumed 49,953 gas per transaction under the tested setup. Research implications – The prototype suggests that education-oriented multi-service environments may benefit from keeping detailed audit data off-chain while anchoring compact integrity commitments on-chain to support audit reviews, cross-service access tracing, and post-incident verifications. Originality – This study contributes a prototype-level integration of decentralized SSO, deterministic off-chain audit snapshots, and on-chain Merkle-root anchoring for audit verification]]>
Copyrights © 2026
