In modern enterprise environments, managing privileged access to critical systems has become a significant cybersecurity challenge. Unauthorized or excessive access to sensitive resources such as production databases, cloud infrastructure, and internal tools can lead to data breaches, insider threats, and compliance violations. To address these risks, AUTHRIX is proposed as a secure and efficient Enterprise Privileged Access Management (PAM) solution.
The primary objective of AUTHRIX is to ensure controlled, monitored, and time-bound access to organizational resources based on the principle of least privilege. The system implements a structured multi-level approval workflow, where access requests undergo initial validation by the administrator followed by authorization from the respective manager. This ensures that only verified and approved users can gain privileged access. AUTHRIX incorporates Role-Based Access Control (RBAC), allowing employees to request access only to resources permitted for their roles. Privileged access is granted for a limited duration and is automatically revoked after the approved time, minimizing the risk of misuse. Additionally, the system maintains a comprehensive audit trail, including login activities, access requests, approvals, and session details, ensuring transparency, accountability, and regulatory compliance. Developed using modern technologies such as Java (Spring Boot), MySQL, and secure authentication mechanisms like JWT, AUTHRIX provides a scalable and robust solution. By combining strict access control, automated provisioning, and detailed auditing, the system enhances organizational security and effectively safeguards critical resources in enterprise environments.
Introduction
Organizations depend on critical IT resources such as databases, cloud servers, and enterprise applications for their daily operations. However, unmanaged or unauthorized access to these resources can result in security breaches, data leaks, and compliance issues. Many organizations still rely on manual processes such as emails and spreadsheets to manage privileged access, leading to inefficiencies, delays, lack of visibility, and poor accountability.
To address these challenges, AUTHRIX is proposed as a web-based Privileged Access Management (PAM) system that provides secure and controlled access to enterprise resources. The system follows a Role-Based Access Control (RBAC) model, ensuring that only authorized employees can request and obtain access to specific resources. It also implements a structured multi-level approval workflow and provides time-bound access, which is automatically revoked after the approved period expires. Additionally, all user activities are recorded for auditing and compliance purposes, making the system secure, transparent, and reliable.
Existing System
Current privileged access management practices have several limitations:
Dependence on manual methods such as emails and spreadsheets.
Delayed and error-prone approval processes.
Weak enforcement of role-based access policies.
Lack of proper time-bound access control.
Slow notification and communication mechanisms.
Absence of comprehensive audit trails for monitoring and compliance.
These shortcomings increase the risk of unauthorized access, security incidents, and operational inefficiencies.
Proposed System: AUTHRIX
AUTHRIX is a centralized PAM solution that automates the entire access management lifecycle. Key features include:
Employee verification using a master dataset.
Unique Application User ID generation.
Secure access request submission and tracking.
Multi-level approval workflow.
Strict role-based access control.
Automatic activation and expiration of time-bound access.
Real-time notifications for request updates.
Comprehensive audit logging for security and compliance.
The system improves accountability, reduces administrative effort, and enhances organizational security.
Development Environment
Hardware Requirements:
Intel i3 processor or higher
8 GB RAM
250 GB hard disk
Software Requirements:
Windows 11
Frontend: HTML, CSS, JavaScript, Servlets
Backend: Core Java
IDE: Eclipse Oxygen
Server: Apache Tomcat
Database: MySQL
System Modules
1. Admin Module
Acts as the central control unit of the system. The administrator:
Manages employee records.
Verifies employee information.
Approves user onboarding.
Generates unique user IDs.
Performs first-level validation of access requests.
Maintains audit logs for compliance and monitoring.
2. Onboarding Module
Handles employee registration and account creation by:
Verifying employee details.
Activating accounts after admin approval.
Generating Application User IDs.
Enforcing RBAC policies.
Allowing users to submit and track access requests.
3. Provisioning Module
Manages the final approval process:
Managers review access requests.
Approve or reject requests based on business needs.
Ensure access is granted only for resources under their authority.
Notify employees about request status.
Record all decisions for accountability.
4. Enforcement Module
Controls access after approval:
Activates privileged access.
Verifies session start and expiry times.
Monitors and logs user activities.
Automatically revokes access when the approved duration ends.
Prevents misuse of privileged permissions.
5. Audit Module
Provides comprehensive tracking and reporting:
Records logins, requests, approvals, and session activities.
Stores audit logs securely.
Generates reports for monitoring and compliance.
Enhances transparency, accountability, and security.
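As an added illustration, not code from the AUTHRIX project, the following Java sketch walks one access request through the five modules above: admin validation against an RBAC table, manager approval limited to resources under that manager's authority, time-bound enforcement with automatic revocation, and an audit trail of every step. The role table, manager scope table, user and resource names are constructed placeholders.

```java
import java.time.Instant;
import java.util.*;

// Constructed walk-through of the AUTHRIX access lifecycle: RBAC check at admin
// validation, manager-scope check at final approval, time-bound enforcement, audit.
public class AccessLifecycle {
    enum State { PENDING_ADMIN, PENDING_MANAGER, APPROVED, REJECTED, EXPIRED }
    // Hypothetical policy tables; a deployment would load these from the database.
    static final Map<String, Set<String>> ROLE_RESOURCES = Map.of(
        "dba", Set.of("prod-db"), "devops", Set.of("cloud-console", "prod-db"));
    static final Map<String, Set<String>> MANAGER_SCOPE = Map.of(
        "mgr-db", Set.of("prod-db"), "mgr-cloud", Set.of("cloud-console"));
    final String userId, role, resource, manager;
    final Instant start, expiry;
    final List<String> audit = new ArrayList<>();   // append-only audit trail
    State state = State.PENDING_ADMIN;
    AccessLifecycle(String userId, String role, String resource, String manager,
                    Instant start, long durationSeconds) {
        this.userId = userId; this.role = role; this.resource = resource;
        this.manager = manager; this.start = start;
        this.expiry = start.plusSeconds(durationSeconds);
        audit.add("REQUEST " + userId + " -> " + resource + " until " + expiry);
    }
    // First-level validation: the requester's role must permit the resource.
    boolean adminValidate() {
        boolean ok = state == State.PENDING_ADMIN
            && ROLE_RESOURCES.getOrDefault(role, Set.of()).contains(resource);
        state = ok ? State.PENDING_MANAGER : State.REJECTED;
        audit.add("ADMIN " + (ok ? "VALIDATED " : "REJECTED ") + userId);
        return ok;
    }
    // Final approval: a manager can only approve resources under their authority.
    boolean managerApprove() {
        boolean ok = state == State.PENDING_MANAGER
            && MANAGER_SCOPE.getOrDefault(manager, Set.of()).contains(resource);
        state = ok ? State.APPROVED : State.REJECTED;
        audit.add("MANAGER " + (ok ? "APPROVED " : "REJECTED ") + userId + " by " + manager);
        return ok;
    }
    // Enforcement: live only inside [start, expiry); past expiry the grant is auto-revoked; every check is logged.
    boolean isActive(Instant now) {
        if (state == State.APPROVED && !now.isBefore(expiry)) {
            state = State.EXPIRED;
            audit.add("AUTO-REVOKED " + userId + " at " + now);
        }
        boolean active = state == State.APPROVED && !now.isBefore(start);
        audit.add("ACCESS " + (active ? "ALLOWED " : "DENIED ") + userId + " at " + now);
        return active;
    }
}
```

Driving a request through adminValidate(), managerApprove() and isActive(now) produces the complete audit list for that request; a manager whose scope does not include the resource, or a role not permitted to hold it, moves the request to REJECTED and no access is ever activated.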
Conclusion
The Privileged Access Management System provides a secure and structured approach for managing user access by ensuring only verified and authorized employees can access resources. It implements controlled registration and administrative approval to prevent unauthorized access and reduce security risks. By integrating role-based control and secure technologies, the system enhances organizational security and efficiency.