Design of Machine Learning and Rule Based Access Control System with Respect to Adaptability and Genuineness of the Requester

INTRODUCTION: Access control system (ACS) plays a major role in data security. It becomes more challenging for the system to provide accurate ACS, if data is huge and data requesters are not fixed. This is very predominant in the era of big data where new data are adding to the system very frequently. The main issue here is to justify adaptability in ACS.

OBJECTIVE: The objective of this research is to have a comparative analysis of machine learning based access control methods with Rule based access control methods. Propose the most suitable method in detail.

METHODS: Role based access control methods are highly robust and works effectively under known scenarios. We need additional methods to handle unknown scenarios. A decision-making method is used to identify the certainty of the rules and Mamdani fuzzy model is used to evaluate the situation based on current environmental factors. For machine learning based access control method Random Forest is used.

RESULTS: Limitations of machine learning methods are discussed with respect to imbalanced data and bias in the algorithm. The proof of concept for rule-based access control method is tested for all the three modules involved in the framework. Certainty of the rules were accessed with the help of domain experts and accuracy of fuzzy rules were evaluated. Under critical conditions our framework was found to be accurate.

CONCLUSIONS: Machine learning systems are not suitable for access control if they suffer with imbalance data problem. Rule based system are consistent and highly adaptable to unknown situations. Rule based systems have evaluated the genuineness of the requester based on sensitivity of information, time, location, previous history and emergency parameters.