AI-DRIVEN RISK SCORING AND ADAPTIVE ACCESS ENFORCEMENT IN CLOUD IDENTITY SYSTEMS
DOI:
https://doi.org/10.70917/ijcisim-2026-2087Keywords:
AI-driven IAM, risk scoring, adaptive access control, Zero Trust, machine learning, cloud securityAbstract
Traditional static access control of cloud identity platforms lacks the real-time behavior risk thereby placing organizations at risk of security breaches. To address this, an AI-based risk-scoring system has been developed that continuously evaluates user behavior, device health, and external threat intelligence to derive dynamically changing risk scores every session. These scores are uploaded to Okta as session tags and alter access controls on both the AWS IAM and Lake Formation. The system renders the access permissions dynamic, which change before the real-time context. High-risk sessions trigger additional security settings, such as Multi-Factor Authentication (MFA) or even the disruption of a session, based on identification of abnormal behavior or broken state of devices. The system becomes continuous risk evaluation with AWG Guard Duty as a threat intelligence feature and Cloud Trail logs as a user activity feature. Decision-making process can also be subdivided by using custom machine learning models, which detect minor patterns and irregularities of user behavior. This dynamical risk analysis applies the value of continuously confirming Zero Trust, where sensitive data and resources access are redefined based on the current security status. The methodology shows how AI-friendly IAM systems can mitigate the risk and provide a more resilient and context-sensitive access control in clouds.