Design Considerations and Architecture for a Resilient Risk based Adaptive Authentication and Authorization (RAD-AA) Framework. (arXiv:2208.02592v1 [cs.CR])

A strong cyber attack is capable of degrading the performance of any
Information Technology (IT) or Operational Technology (OT) system. In recent
cyber attacks, credential theft emerged as one of the primary vectors of
gaining entry into the system. Once, an attacker has a foothold in the system,
they use token manipulation techniques to elevate the privileges and access
protected resources. This makes authentication and authorization a critical
component for a secure and resilient cyber system. In this paper we …

architecture authentication authorization design framework risk