Role of Machine Learning in change of Identity and Access Management: A proposed design of IAM for University System

Contributed by Subhrodip Roy Chowdhury
In recent years, machine learning is revolutionizing almost every field of science due to its unique properties like adaptability, scalability and ability to handle unknown challenges. It is targeted towards reducing human effort and intervention. Identity and Access Management (IAM) is also not an exception and currently it is in a critical juncture to handle social media, online transactions, cloud and web technologies and IoT devices. Reviewing the literature for the current Identity and Access Management systems and utilizing the knowledge appropriately to extend the existing models in the light of Artificial Intelligence especially Machine Learning will be an immensely valuable addition. Access Control system is currently moving from Role Based Access Control (RBAC) models to Attribute Based Access Control (ABAC) models. In ABAC models, environment attribute can be easily modeled with machine learning to provide user access. Machine learning can also be used to determine the role and policies by combining both RBAC and ABAC models. The present strategies like credential based, two-factor or token based authentication is not sufficient enough for user access. Malicious activities should be tracked during and after authentication. Hence, there is a research gap which can be bridged by effectively using machine learning to study user behavior and work pattern and therefore monitor activities even after user access is granted. This paper proposes a design of Identity and Access Management for University System using machine learning for access control. It also highlights the advantages and disadvantages of using machine learning techniques in ABAC models and suggest a discretionary mechanism before the system is matured and stabilized by itself.
This document is in PDF format. To view it click here.

Rate this article: 
No votes yet