An Improved Mechanism for Access Control using Context Awareness | IJCT Volume 12 – Issue 5 | IJCT-V12I5P59

Access control remains a critical security mechanism in modern computing environments, yet traditional models such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC) are increasingly inadequate for dynamic distributed systems and their environments. These conventional approaches rely on static roles and permissions that fail to adapt to contextual factors such as user location, device trust levels, network conditions, and temporal constraints. This paper presents an Improved Context-Aware Access Control Mechanism (ICAACM) that integrates real-time contextual information with fuzzy logic-based decision making to address the limitations of existing access control models. The proposed mechanism employed a four-layer architecture comprising User and Device, Context Acquisition, Decision-Making, and Enforcement layers. The system utilized Mamdani fuzzy inference to compute a Contextual Risk Score (CRS) based on six key parameters: location, time, device trust, network security, user activity, and risk indicators. Experimental evaluation using a simulated dataset of 10,000 access requests demonstrates that the ICAACM achieved superior performance with 95.70% accuracy, 5.20% False Acceptance Rate (FAR), and 6.10% False Rejection Rate (FRR), representing significant improvements of 7.5%, 2.7%, and 4.25% over RBAC, RAdAC, and ABAC respectively. The mechanism maintained computational efficiency with an average decision latency of 7.3ms while consuming reasonable system resources of 13.7% CPU usage, and 230MB memory. Further, the scalability analysis demonstrates linear performance degradation with system load, maintaining sub-10ms response times for up to 1000 concurrent requests. The results indicated that the ICAACM provides a robust, adaptive, and efficient solution for access control in modern distributed computing environments where traditional static models prove insufficient.

The Improved Context-Aware Access Control Mechanism in this paper represents a significant step forward in addressing the security challenges of modern distributed computing environments. By intelligently combining contextual information with traditional access control principles, the ICAACM provides organizations with the adaptive security capabilities necessary to protect resources in dynamic, heterogeneous computing ecosystems. The comprehensive experimental validation demonstrates that context-aware access control is not merely theoretically sound but practically viable for real-world deployment. The mechanism’s ability to improve security effectiveness while maintaining performance efficiency positions it as a valuable tool for organizations seeking to enhance their security posture in an increasingly complex threat landscape. As digital transformation continues to accelerate and new computing paradigms emerge, the principles and techniques developed in this research provide a solid foundation for future security mechanism development. The successful integration of fuzzy logic with traditional access control demonstrates the potential for hybrid approaches that combine the reliability of established methods with the adaptability required for modern computing environments. This research contributes valuable insights to the cybersecurity research community and provides practitioners with a proven framework for implementing next-generation access control mechanisms. The continued evolution of this research direction promises to yield even more sophisticated and effective security solutions for the digital future.

C. Zhonghua, S. Goyal, and A. S. Rajawat, “Smart contracts attribute-based access control model for security & privacy of IoT system using blockchain and edge computing,” The Journal of Supercomputing, vol. 80, pp. 1396-1425, 2024. [2] D. Ajiga, P. A. Okeleke, S. O. Folorunsho, and C. Ezeigweneme, “Designing cybersecurity measures for enterprise software applications to protect data integrity,” Computer Science & IT Research Journal, vol. 5, pp. 1920-1941, 2024. [3] N. Farhadighalati, L. A. Estrada-Jimenez, S. Nikghadam-Hojjati, and J. Barata, “A Systematic Review of Access Control Models: Background, Existing Research, and Challenges,” IEEE Access, vol. 13, pp. 17777-17806, 2025. [4] M. Moravcik and L. Zidekova, “Overview of Access Control Mechanisms in Cloud Environments,” in 2024 International Conference on Emerging eLearning Technologies and Applications (ICETA), 2024, pp. 465-470. [5] S. Parkinson and S. Khan, “A survey on empirical security analysis of access-control systems: a real-world perspective,” ACM Computing Surveys, vol. 55, pp. 1-28, 2022. [6] P. K. Donta, I. Murturi, P. V. Casamayor, B. Sedlak, and S. Dustdar, “Exploring the potential of distributed computing continuum systems,” Computers, vol. 12, p. 198, 2023. [7] M. Adam, M. Hammoudeh, R. Alrawashdeh, and B. Alsulaimy, “A survey on security, privacy, trust, and architectural challenges in IoT systems,” IEEE Access, vol. 12, pp. 57128-57149, 2024. [8] S. Lekkala and P. Gurijala, Security and Privacy for Modern Networks. Milpitas, USA: Apress Berkeley, CA, 2024. [9] R. Kalaria, A. Kayes, W. Rahayu, E. Pardede, and A. Salehi Shahraki, “Adaptive context-aware access control for IoT environments leveraging fog computing,” International Journal of Information Security, vol. 23, pp. 3089-3107, 2024. [10] M. Uddin, S. Islam, and A. Al-Nemrat, “A dynamic access control model using authorising workflow and task-role-based access control,” Ieee Access, vol. 7, pp. 166676-166689, 2019. [11] X. Li, M. Eckert, J.-F. Martinez, and G. Rubio, “Context aware middleware architectures: Survey and challenges,” Sensors, vol. 15, pp. 20570-20607, 2015. [12] Y. A. Marquis, “From theory to practice: Implementing effective role-based access control strategies to mitigate insider risks in diverse organizational contexts,” Journal of Engineering Research and Reports, vol. 26, pp. 138-154, 2024. [13] V. Sundaravarathan, H. Alqalaf, A. Siddiqui, K. Kim, S. Lee, M. Reisslein, et al., “Cross-Domain Solutions (CDS): A Comprehensive Survey,” IEEE Access, 2024. [14] M. P. Singh, S. Sural, J. Vaidya, and V. Atluri, “A role-based administrative model for administration of heterogeneous access control policies and its security analysis,” Information Systems Frontiers, vol. 26, pp. 2255-2272, 2024.

Call for Paper (Hub) Fast Paper Publication IJCT Indexing & Databases Submit Manuscript Call for Paper: Sep–Oct 2025 Call for Paper: Publish Research