Machine learning in identity and access management systems: Survey and deep dive

Cited by: 9
Authors
Aboukadri, Sara [1]
Ouaddah, Aafaf [1]
Mezrioui, Abdellatif [1]
Affiliation
[1] Inst Natl Postes Telecommun, STRS Lab, CEDOC 2TI, Rabat 10000, Morocco
Keywords
Identity and access management; Authentication; Authorization; Monitoring; Machine learning; Privacy; AUTHENTICATION; CLASSIFICATION; INTERNET;
DOI
10.1016/j.cose.2024.103729
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The evolution of identity and access management (IAM) has been driven by the expansion of online services, cloud computing, and the Internet of Things (IoT). The proliferation of remote work, mobile applications, and interconnected devices has intensified the demand for robust identity protection and access control. As digital interactions and data sharing become more prevalent across industries, IAM has gained prominence, compelled by the need to safeguard sensitive information, prevent unauthorized access, and adhere to increasingly stringent regulatory frameworks. In parallel with IAM's evolution, the integration of artificial intelligence (AI) has emerged as a pivotal avenue for enhancing IAM effectiveness. This survey delves into the fusion of machine learning (ML) techniques to fortify IAM, with a specific focus on its core processes: authentication, authorization, and auditing. Addressing fundamental questions regarding ML's role in enhancing IAM processes, we begin by proposing a comprehensive definition of IAM within a unified layered-wise reference model, highlighting Authentication, Authorization, and Auditing functions (with focus on monitoring). Furthermore, our survey comprehensively explores ML-based solutions within IAM systems, presenting a taxonomy of state-of-the-art methodologies categorized by their application in IAM processes. Drawing from both qualitative and quantitative insights from cited references, we investigate how ML enhances the performance and security of IAM processes. Additionally, by investigating challenges in implementing ML in IAM systems, we shed light on issues such as data privacy concerns and the interpretability of ML-driven decisions. In conclusion, this paper makes a substantial contribution to the IAM landscape by providing comprehensive insights into the transformative role of ML. 
Addressing pivotal questions, our survey offers a roadmap to leverage ML's potential for enhancing the performance, security, and efficacy of IAM systems.
Pages: 28