Designing a secure teamwork management system with multi-level authentication based on Django
DOI:
https://doi.org/10.46299/j.isjea.20260503.04Keywords:
Django, multi-level authentication, information security, web-based teamwork management system, access controlAbstract
The growth of remote teamwork and the active use of web platforms in the field of software development make the problem of ensuring secure access to corporate information resources urgent. In modern team interaction management systems, user authentication mechanisms, data access control, and protection against widespread cyber threats are of particular importance. Insufficient security on such platforms can lead to account compromises, the loss of confidential information, and the compromise of work process integrity. In this regard, there is a need to create web-oriented systems that combine team management functionality with modern multi-level protection mechanisms. The purpose of the study is to design a secure teamwork management system based on Django, implementing multi-level authentication and access control mechanisms for information resources. The work analyzes modern approaches to building secure web applications, identifies key requirements for the system architecture, and justifies the selection of a technological stack for implementing the server-side of the software. The methodological basis of the study is system analysis, object-oriented design, functional modeling, and web programming technologies. To implement the software solution, Django and Django REST Framework were used, which provide support for a modular architecture, RESTful interactions, and integrated security mechanisms. The system implemented multi-level authentication, a role-based access model, JWT-based authorization mechanisms, and protection against attacks such as CSRF, XSS, and SQL Injection. As a result of the study, an architectural model of a web system focused on supporting team interaction in a multi-user environment was formed. The developed software solution provides centralized user management, access control to functional modules, action logging, and secure data transfer between the client and server parts of the system. The testing showed an increase in the security of access to information resources and in the system's stability when several users work simultaneously. The results obtained confirm the feasibility of using Django to create secure teamwork management systems. Further research could focus on integrating adaptive authentication mechanisms, using behavioral analysis to detect anomalous user activity, and implementing a microservice architecture to improve system scalability and fault tolerance.References
Список літератури:
Woldman, T.: Hands-on microservices with Django: build cloud-native and reactive applications with Python using Django 5. Packt Publishing, Place of publication not identified (2024).
Melé, A., Melchiorre, P.: Django 5 by example: build powerful and reliable Python web applications from Scratch: updated to Django 5.2 LTS. Packt, Birmingham (2025).
Enhanced Reliability In Iot With Sdn By Multifactor Authentication Approach. (2024). Nanotechnology Perceptions, 20(S14). https://doi.org/10.62441/nano-ntp.v20is14.158.
Klivan, S., Höltervennhoff, S., Huaman, N., Krause, A., Simko, L., Acar, Y., & Fahl, S. (2023). “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (pp. 3138–3152). ACM. CCS ’23: ACM SIGSAC Conference on Computer and Communications Security. https://doi.org/10.1145/3576915.3623180.
Ling, X., Wu, L., Zhang, J., Qu, Z., Deng, W., Chen, X., Qian, Y., Wu, C., Ji, S., Luo, T., Wu, J., & Wu, Y. (2023). Adversarial attacks against Windows PE malware detection: A survey of the state-of-the-art. Computers & Security, 128, 103134. https://doi.org/10.1016/j.cose.2023.103134
Cerny, T., Walker, A., Svacina, J., Bushong, V., Das, D., Frajtak, K., Bures, M., Tisnovsky, P.: Mapping Study on Constraint Consistency Checking in Distributed Enterprise Systems. In: Proceedings of the International Conference on Research in Adaptive and Convergent Systems. pp. 167–174. ACM, Gwangju Republic of Korea (2020). https://doi.org/10.1145/3400286.3418257.
Ghaffari, F., Bertin, E., Crespi, N., Hatin, J.: Distributed ledger technologies for authentication and access control in networking applications: A comprehensive survey. Computer Science Review. 50, 100590 (2023). https://doi.org/10.1016/j.cosrev.2023.100590.
Adesokan, A., Kinney, R., & Tsiropoulou, E. E. (2024). CROWDMATCH: Optimizing Crowdsourcing Matching through the Integration of Matching Theory and Coalition Games. Future Internet, 16(2), 58. https://doi.org/10.3390/fi16020058.
Otta, S. P., Panda, S., Gupta, M., & Hota, C. (2023). A Systematic Survey of Multi-Factor Authentication for Cloud Infrastructure. Future Internet, 15(4), 146. https://doi.org/10.3390/fi15040146.
Kruzikova, A., Muzik, M., Knapova, L., Dedkova, L., Smahel, D., Matyas, V.: Two-factor authentication time: How time-efficiency and time-satisfaction are associated with perceived security and satisfaction. Computers & Security. 138, 103667 (2024). https://doi.org/10.1016/j.cose.2023.103667.
Rahaman, M. S., Tisha, S. N., Song, E., & Cerny, T. (2023). Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study. Sensors, 23(7), 3413. https://doi.org/10.3390/s23073413
Venčkauskas, A., Kukta, D., Grigaliūnas, Š., & Brūzgienė, R. (2023). Enhancing Microservices Security with Token-Based Access Control Method. Sensors, 23(6), 3363. https://doi.org/10.3390/s23063363
Samuel, B., & Kasturi, K. (2024). A secure authentication and collaborative data-sharing model based on a blockchain network in the cloud. Journal of Control and Decision, 11(4), 730–745. https://doi.org/10.1080/23307706.2023.2293965
Petcu, A., Pahontu, B., Frunzete, M., & Stoichescu, D. A. (2023). A Secure and Decentralized Authentication Mechanism Based on Web 3.0 and Ethereum Blockchain Technology. Applied Sciences, 13(4), 2231. https://doi.org/10.3390/app13042231
Mostafa, A. M., Ezz, M., Elbashir, M. K., Alruily, M., Hamouda, E., Alsarhani, M., & Said, W. (2023). Strengthening Cloud Security: An Innovative Multi-Factor Multi-Layer Authentication Framework for Cloud User Authentication. Applied Sciences, 13(19), 10871. https://doi.org/10.3390/app131910871
Zhu, Y., Wang, J., Li, B., Zhao, Y., Zhang, Z., Xiong, Y., & Chen, S. (2024). MicroIRC: Instance-level Root Cause Localization for Microservice Systems. Journal of Systems and Software, 216, 112145. https://doi.org/10.1016/j.jss.2024.112145
Onile, A. E., Petlenkov, E., Levron, Y., & Belikov, J. (2024). Smartgrid-based hybrid digital twins framework for demand side recommendation service provision in distributed power systems. Future Generation Computer Systems, 156, 142–156. https://doi.org/10.1016/j.future.2024.03.018
Vasudhar Sai Thokala. (2023). Enhancing Test-Driven Development (TDD) and BDD Methodologies in Full-Stack Web Applications. International Journal of Science and Research Archive, 10(1), 1119–1129. https://doi.org/10.30574/ijsra.2023.10.1.0815
Hashmi, I. F., Iqbal, Z., Munir, E., Kryvinska, N., Ivanochko, I., & Sampedro, G. A. (2024). SAAC: Secure Access Control Management Framework for Multi-User Smart Home Systems. IEEE Access, 12, 133339–133355. https://doi.org/10.1109/access.2024.3446180
Siddiqui, F., Khan, R., Sezer, S., McLaughlin, K., Masing, L., Dorr, T., Schade, F., Becker, J., Ahlbrecht, A., Zaeske, W., Durak, U., Adler, N., Sailer, A., Weber, R., Wilhelm, T., Nemeth, G., Morales, V., Gomez, P., Keramidas, G., Antonopoulos, C.P., Mavropoulos, M., Kelefouras, V., Antonopoulos, K., Voros, N., Panagiotou, C., Karadimas, D.: XANDAR: A holistic Cybersecurity Engineering Process for Safety-critical and Cyber-physical Systems. In: 2022 IEEE 95th Vehicular Technology Conference: (VTC2022-Spring). pp. 1–5. IEEE, Helsinki, Finland (2022). https://doi.org/10.1109/VTC2022-Spring54318.2022.9860859.
Manoj Kumar, & Dr Rainu Nandal. (2024). Python’s Role in Accelerating Web Application Development with Django. International Research Journal on Advanced Engineering and Management (IRJAEM), 2(06), 2092–2105. https://doi.org/10.47392/irjaem.2024.0307
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Yurii Tulashvili, Viktor Kosheliuk, Bohdan Morozyuk
This work is licensed under a Creative Commons Attribution 4.0 International License.
