IPBAC: Interaction Provenance-Based Access Control for Secure and Privacy-Aware Systems
Sharif Noor Zisad, Ragib Hasan
TL;DR
This paper addresses limitations of traditional access control by proposing IPBAC, which couples interaction provenance with adaptive fuzzy decisions. IPBAC defines core primitives (Principal, Event, Interaction, Interaction Provenance) and provides a system architecture that uses a two-model decision flow to decide access. Key contributions include formal definitions, a concrete system design, and experimental evidence showing IPBAC achieves stable performance and improved adaptability relative to RBAC. The framework supports auditable, context-aware access control suitable for privacy-sensitive environments and compliance requirements.
Abstract
Traditional access control systems, including RBAC, face significant limitations such as inflexible role definitions, difficulty handling dynamic scenarios, and lack of detailed accountability and traceability. To address them, we introduce the Interaction Provenance-Based Access Control (IPBAC) model. In this paper, we explore the integration of interaction provenance with access control to overcome these limitations. Interaction provenance refers to the detailed recording of actions and interactions within a system, capturing comprehensive metadata such as the identity of the actor, the time of an action, and the context. IPBAC ensures stronger protection against unauthorized access, enhances traceability for auditing and compliance, and supports adaptive security policies. This provenance-based access control not only strengthens security but also provides a robust framework for auditing and compliance.
