Intent Based Access for Policy Control

Abstract

Access control Policies (ACP) are defined as a set of rules that specify who should have access to resources and what resources they should have access to. These ACPs are specific to the organization and are confidential to it. ACPs in Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC) are entirely role-centric and subject-centric. They do not allow management to monitor the user’s fulfilment of work criteria and to analyze the organization’s intentions. This article proposes an Intent Based Access Control (IBAC) model that defines ACPs based on an organization’s intents. It employs classification algorithms to determine an employee’s suitable organization’s intent group and the work behaviour of each Intent Group is analyzed by the admin to redefine the ACPs. IBAC is using ABAC features to form intent groups and RBAC features to associate intents to access privileges for gaining access to the organization’s resources.