An Intelligent Role-Based Access Control Model Enhanced with Risk-Based Multi-Factor Authentication
Authors
Department of Information Systems and Technology Southern Delta University, Ozoro (Ethiopia)
Department of Information Systems and Technology Southern Delta University, Ozoro (Ethiopia)
Department of Data Science Southern Delta University, Ozoro (Ethiopia)
Article Information
DOI: 10.51584/IJRIAS.2026.110400057
Subject Category: Computer Science
Volume/Issue: 11/4 | Page No: 898-907
Publication Timeline
Submitted: 2026-05-11
Accepted: 2026-05-16
Published: 2026-05-04
Abstract
This study presents an Intelligent Role-Based Access Control model enhanced with Risk-Based Multi-Factor Authentication (R-MFA) to overcome the limitations of traditional Role-Based Access Control (RBAC) and standard role-based access control with Multi-Factor Authentication (MFA) approaches. The model combines structured authorization with adaptive, context-aware authentication to achieve a better balance between security and system performance. Its effectiveness was assessed by comparing it with traditional role-based access control and role-based access control integrated with multi-factor authentication using key performance metrics such as authentication time, access success rate, false acceptance rate (FAR), system throughput, and security strength index. The findings reveal that traditional role-based access control offers the fastest authentication time (1.2 seconds) and highest throughput (120 requests per second), but suffers from weaker security, with a 6.5% FAR and a security strength index of 68.0%. The introduction of standard multi-factor authentication improves security, increasing the success rate to 96.2% and reducing FAR to 3.1%, although it leads to higher authentication time (3.8 seconds) and lower throughput (95 requests per second). In contrast, the Intelligent role-based access control model enhanced with risk-based multi-factor authentication achieves a more balanced outcome, delivering a 97.8% success rate, a low FAR of 1.2%, moderate authentication time of 2.4 seconds, throughput of 110 requests per second, and the highest security strength index of 94.2%. Overall, the results highlight the model’s ability to enhance security without significantly compromising system efficiency.
Keywords
Access Control, Role-Based Access Control
Downloads
References
1. Abdulrahman, M., & Chen, X. (2021). Hybrid access control models integrating RBAC and ABAC for dynamic environments. Journal of Information Security and Applications, 58, 102–115. [Google Scholar] [Crossref]
2. Ahmed, M., Mahmood, A. N., & Hu, J. (2020). A survey of network anomaly detection. Journal of Network and Computer Applications, 60, 19–31. https://doi.org/10.1016/j.jnca.2015.11.016 [Google Scholar] [Crossref]
3. Akpan, E. J., Okon, B. E., & Udoh, M. S. (2026). Enhancing system security using multi-factor authentication in role-based access control systems. International Journal of Cybersecurity Research, 12(2), 45–60. [Google Scholar] [Crossref]
4. Alshamrani, A., Myneni, S., Chowdhury, A., & Huang, D. (2021). A survey on advanced authentication techniques for healthcare systems. Healthcare Informatics Research, 27(1), 1–15. [Google Scholar] [Crossref]
5. Anazia, E. K., Ubrurhe, O., Idama, R. O., & Maduabuchukwu, C. [Google Scholar] [Crossref]
6. (2025). An optimized encryption model for a robust and efficient information security system. Nigerian Journal of Science and Environment, 23(3). [Google Scholar] [Crossref]
7. Anazia, E. K., Idama, R. O., Adigwe, W., & Ifeose, J. [Google Scholar] [Crossref]
8. (2026). FOODCARDQR: A secured student food card management and payment system using QR code authentication. FUDMA Journal of Sciences (FJS), 10(1), 333–339. https://doi.org/10.33003/fjs-2026-0912-4341 [Google Scholar] [Crossref]
9. Anazia, K. E., Maduabuchukwu, C., Francis, O. I., Benafa, C, F., Idama, R., & Eti, F. I. [Google Scholar] [Crossref]
10. (2025). A novel mobile-based blood donation model for emergency situations. International Journal of Engineering and Computer Science, 14(10). https://doi.org/10.18535/ijecs/v14i10.5288 [Google Scholar] [Crossref]
11. Anazia, K. E. (2026). Smart governance in Nigerian higher education: Integrating artificial intelligence for integrity and effective university leadership. International Journal of Innovative Science and Research Technology, 11(2), 66–74. https://doi.org/10.38124/ijisrt/26feb106 [Google Scholar] [Crossref]
12. Anazia, K. E., Ubrurhe, O., Eti, I. F., Okeke, V. O., & Francis, O. I., [Google Scholar] [Crossref]
13. (2025). A hybrid algorithm for improving recognition system in human activities. International Journal of Multidisciplinary Research and Growth Evaluation, 6(3), 584–591. https://doi.org/10.54660/IJMRGE.2025.6.3.584-591 [Google Scholar] [Crossref]
14. Atlam, H. F., Alenezi, A., Alharthi, A., Walters, R. J., & Wills, G. B. (2020). Integration of cloud computing with internet of things: Challenges and open issues. Future Internet, 12(6), 103. https://doi.org/10.3390/fi12060103 [Google Scholar] [Crossref]
15. Behl, A., Jayawardena, C., & Pereira, V. (2021). Cybersecurity resilience through multi-factor authentication. Computers & Security, 102, 102152. https://doi.org/10.1016/j.cose.2020.102152 [Google Scholar] [Crossref]
16. Cobrado, L., Ferreira, J., & Antunes, M. (2024). Limitations of traditional RBAC in cloud and IoT environments. Journal of Cloud Computing, 13(1), 1–14. [Google Scholar] [Crossref]
17. Eti, I. F., Anazia, K. E., Okeke, V. O., Benafa, F. C., & Orugba, K. [Google Scholar] [Crossref]
18. (2025). A secured blockchain database management model for medical based organization. International Journal of Advances in Engineering and Management (IJAEM), 7(5), 312–323. https://doi.org/10.35629/5252-0705312323 [Google Scholar] [Crossref]
19. Gasser, O., Stransky, C., & Holz, T. (2021). Security implications of adaptive authentication. IEEE Security & Privacy, 19(2), 54–61. https://doi.org/10.1109/MSEC.2021.3050064 [Google Scholar] [Crossref]
20. Khan, M. A., Salah, K., & Jayaraman, R. (2022). Blockchain-based access control. IEEE Access, 10, 12345–12360. https://doi.org/10.1109/ACCESS.2022.3145678 [Google Scholar] [Crossref]
21. Kumar, R. (2025). Role-based access control: Principles, challenges, and future directions. International Journal of Information Security, 24(3), 210–225. [Google Scholar] [Crossref]
22. Li, X., Jiang, Q., Chen, Y., Luo, X., & Wen, Q. (2020). Efficient dynamic access control for cloud computing. Future Generation Computer Systems, 95, 652–666. https://doi.org/10.1016/j.future.2018.12.021 [Google Scholar] [Crossref]
23. Mao, Y. (2025). Zero trust architecture: Principles and implementation in modern networks. IEEE Security & Privacy, 23(2), 34–42. [Google Scholar] [Crossref]
24. Okpor, M. D., Anazia, K. E, & Ukpenusiowho, D. (2024). A novel hybrid database security management technique. International Journal of Science and Research Archive, 11(2), 1555–1565. https://doi.org/10.30574/ijsra.2024.11.2.0652 [Google Scholar] [Crossref]
25. Oluoha, U. C., Eze, P. C., & Nwankwo, C. (2022). Risk-based access control models for adaptive security systems. African Journal of Computing and ICT, 15(4), 78–90. [Google Scholar] [Crossref]
26. Pranggono, B., & Arabo, A. (2020). Cyber security challenges and solutions in cloud computing environments. Future Internet, 12(3), 45–60. [Google Scholar] [Crossref]
27. Sharma, V., & Gupta, R. (2023). Machine learning approaches for risk-based authentication and access control. Journal of Cybersecurity Technology, 7(2), 89–105. [Google Scholar] [Crossref]
28. Suleski, J., Novak, M., & Petrovic, S. (2023). Multi-factor authentication: A comprehensive review of methods and applications. Computers & Security, 124, 102–118. [Google Scholar] [Crossref]
29. Talasila, M. (2025). Adaptive multi-factor authentication using contextual risk analysis. Journal of Information Security, 16(1), 55–70. [Google Scholar] [Crossref]
30. Verma, R., & Hossain, M. S. (2021). Risk-aware access control model for cloud computing. Journal of Network and Computer Applications, 178, 102981. https://doi.org/10.1016/j.jnca.2021.102981 [Google Scholar] [Crossref]
31. Wiefling, S., Lo Iacono, L., & Dürmuth, M. (2021). More than just good passwords? A study on multi-factor authentication usability. Financial Cryptography and Data Security. https://doi.org/10.1007/978-3-662-64331-0_5 [Google Scholar] [Crossref]
32. Zhang, Y., Liu, J., & Chen, X. (2021). Context-aware access control for distributed systems. IEEE Access, 9, 35369–35381. https://doi.org/10.1109/ACCESS.2021.3062845 [Google Scholar] [Crossref]
33. Zerkouk, M., Lefebvre, G., & Cheriet, M. (2020). Behavioral biometrics for continuous authentication. IEEE Access, 8, 109187–109205. https://doi.org/10.1109/ACCESS.2020.3001853 [Google Scholar] [Crossref]
34. Zisad, M., & Hasan, K. (2026a). Intelligent access control systems using artificial intelligence techniques. Journal of Artificial Intelligence and Security, 9(1), 25–40. [Google Scholar] [Crossref]
Metrics
Views & Downloads
Similar Articles
- What the Desert Fathers Teach Data Scientists: Ancient Ascetic Principles for Ethical Machine-Learning Practice
- Comparative Analysis of Some Machine Learning Algorithms for the Classification of Ransomware
- Comparative Performance Analysis of Some Priority Queue Variants in Dijkstra’s Algorithm
- Transfer Learning in Detecting E-Assessment Malpractice from a Proctored Video Recordings.
- Dual-Modal Detection of Parkinson’s Disease: A Clinical Framework and Deep Learning Approach Using NeuroParkNet