Agent based adaptive risk aware access control for air traffic control system

Abstract

The increasing complexity and critical nature of air traffic control systems demand robust and scalable security mechanisms to ensure the safe and efficient management of airspace. This research proposes a novel approach that uses multi-agent systems with adaptive risk-aware access control for air traffic control systems. The framework incorporates real-time risk assessment, past behavior analysis, and current air traffic context to compute an agent's risk profile before granting access to the sensitive air traffic control data. This ensures that agents with higher risk are not granted restricted access to critical resources. Additionally, security features such as non-persistent connections and two factor authentication are incorporated to further enhance the system's resilience against the cyber threats. The proposed framework is evaluated through a case study, demonstrating that it significantly enhances the security of air traffic control systems compared to the traditional approaches. By ensuring that the access rights are dynamically adjusted based on an agent's behavior and current air traffic conditions, the system mitigates potential risks while maintaining operational efficiency.

Keywords

multi-agents air traffic control risk assessment network security

1 Introduction

Systems for Air Traffic Control (ATC), are essential parts of the worldwide aviation network that guarantee the efficient and safe passage of planes through ever-more congested airspace. The requirement for safe and dependable systems that can handle the dynamic and high-stakes nature of air traffic operations is growing along with the complexity of Air Traffic Management (ATM). The ATC environment is now more networked thanks to the incorporation of contemporary technologies like automation, artificial intelligence, and Internet of Things devices, but it is also more susceptible to cyber-attacks. ATC system security is critical because any compromise or illegal access might have disastrous repercussions, including human casualties, financial losses, and disruptions to international transportation networks. Even though they are useful in some situations, traditional access control methods like Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) might not adequately handle the distributed and dynamic nature of contemporary ATC systems. More secure, intelligent, and adaptable solutions that can react to threats and operational changes in real time are needed for these systems. In safety-critical and highly dynamic environments such as air traffic control, centralized access control mechanisms are often insufficient due to their inherent limitations in responsiveness, scalability, and fault tolerance. Centralized systems introduce single points of failure and can become bottlenecks during high-load or emergency scenarios, risking delays in authorization and degrading system resilience. A Multi-Agent System (MAS) paradigm is particularly well-suited for air traffic control access because it enables decentralized, autonomous decision-making where agents representing controllers, systems, and data sources can make real-time, context-sensitive access decisions. MAS inherently supports scalability, allowing the system to evolve as new nodes or functionalities are added, and provides fault tolerance by redistributing control functions in the event of individual agent failure. This distributed intelligence aligns well with the mission-critical and geographically dispersed nature of air traffic control operations, ensuring secure, timely, and risk-aware access control.^1-3 advocates the use of multi-agent paradigm for realtime systems.

In this context, the idea of agent based adaptive risk-aware access control shows promise as a way to improve air traffic control system security. In multi-agent systems, autonomous agents work together and independently to accomplish complicated goals. It is feasible to develop a dynamic, scalable security framework that can adapt to the ever-changing security environment of air traffic control by implementing multi-agent system to control access.

The Figure 1 provides a comprehensive explanation of how an Air Traffic Control System (ATCS) functions. The air traffic control system is a structured procedure that controls aircraft movement both in the air and on the ground. Its main goal is to maintain safe distances between aircraft, prevent collisions, and guide aircraft through different phases of flight. To provide seamless handoffs between units of air traffic control, coordination between them is necessary during the whole flight. The smooth handoff procedure guarantees ongoing aircraft monitoring and management. To guarantee precise tracking of aircraft and prompt decision-making, controllers employ a variety of tools, including radio communication, data linkages, radar systems, and flight plan information. The Figure 2 shows the different components involved in an air traffic control system. Below we discuss the different types of multi-agent access control models that are commonly used.

Figure 1.

Working of air traffic control systems.

Figure 2.

Components of air traffic control system.

Role-Based Access Control: Users are given roles in classical RBAC, and these roles control their access privileges. The same idea holds true for multi-agent systems, however there are frequently several levels of roles involved, including system-wide, collaboration specific, and agent-specific responsibilities. Depending on their role, the work at hand, or the situation, agents may adopt multiple roles.

Attribute-Based Access Control: Access is authorized in ABAC systems according to the resources and agent characteristics (such as identity, role, device, and location). This works effectively in multi-agent systems when access permissions are influenced by complicated and dynamic agent properties.

Trust-Based Access Control: Access can be determined by the trust connections between agents in situations where several agents collaborate and make decisions collectively. One agent may temporarily or conditionally grant another agent access permissions if it “trusts” that agent.

Coalition-Based Access Control: According to this paradigm, coalitions or groups of agents that share access to resources are the foundation for access control. The resources that certain agents seek can only be obtained by them when they unite as a coalition. This is frequently employed in cooperative systems where approval from several stakeholders is required before access is allowed.

Policy-Based Access Control: Policies are essential in establishing the guidelines that direct access decisions in Mandatory Access Control. When agents interact, these policies can be dynamically changed to account for things like mutual dependencies or cooperative activities.

Air traffic control systems are vulnerable to a range of physical and cyberattacks as summarized below.

Cyber-attacks pose a serious risk. Distributed Denial of Service (DDoS) and Denial of Service (DoS) attacks seek to overwhelm the air traffic control systems, rendering them inoperable and perhaps obstructing controller-to-aircraft contact. These attacks may result in delays or the forced grounding of aircraft.

Phishing Attack attempts aim to obtain access to internal systems by targeting air traffic control personnel, whereas data breaches reveal confidential flight information or credentials. Long-term, complex attacks known as Advanced Persistent Threats (APTs) occur when adversaries breach air traffic control systems in order to eavesdrop or disrupt operations.

Data manipulation attacks can alter critical information like flight plans or weather data within air traffic control systems, leading to misrouting or unsafe decisions. Manipulating flight paths or misrepresenting weather conditions can create dangerous situations for planes in flight, increasing the risk of collisions or other accidents. Together, these attack types highlight the vulnerability of air traffic control systems and the need for comprehensive security measures.

The increasing complexity of modern air traffic control systems pose significant challenges in maintaining access control, particularly with the growing number of entities being used in the system. Existing access control mechanisms in air traffic control systems based on traditional security mechanisms are insufficient to handle the dynamic nature of agent interactions, evolving security threats, and real-time operational constraints. Furthermore, traditional models do not take into consideration the risk assessments while giving access to resources. The main purpose of this research is to address these challenges by proposing a secure, multi-agent based access control system for air traffic control operations that will use risk assessment scores, non-persistence connections and Zero Trust Architecture (ZTA) principles to implement authorization across various components of air traffic control.

2 Literature review

Algarni et al.⁴ argued that in order to increase the IoT security, this study suggests a decentralized approach that makes use of a multi-agent system and blockchain. However, the use of blockchain increase the computational time of data processing as the number of nodes increases. So the approach is not suitable for air traffic control operations.⁵ explores the revolutionary potential of artificial intelligence in air traffic control, emphasizing how it may improve safety, efficiency, and cost-effectiveness through decreased delays, better usage of airspace, and improved safety protocols. Their approach do not involve any agent based system and human intervention is needed to make decisions in realtime. This puts burden on the decision maker and leads to errors.⁶ examined the benefits, drawbacks, and compliance of the current cloud computing access control systems with regard to security standards. It highlights how important it is to manage resource and data access in order to guarantee user confidence and data security in cloud systems. However, while the research focuses on cloud access control mechanisms (like RBAC, ABAC), which are policy-driven and often static, they lack real-time adaptability and context-awareness—especially under dynamic and critical environments like air traffic control.⁷ discussed that LLM-based web agents often fail at complex, dynamic tasks due to their rigid, expert-designed policies and lack flexibility. To address this problem, WebPilot introduces a multi-agent system that enhances Monte Carlo Tree Search with a dual optimization strategy. This approach improves flexibility and decision-making under difficult circumstances. A major limitation of the approach is that though it improves flexibility in web navigation tasks, its design is still centered around LLM-driven web agents, where decision latency and failure tolerance are acceptable. Hence it is not tailored for real-time constraints and risk-sensitive decisions required in air traffic control.⁸ presents a unique multi-agent recurrent deep deterministic policy gradient algorithm for traffic light control in vehicle networks. In order to optimize traffic flow, the method prioritizes buses while taking into account both vehicles and pedestrians. It does this by utilizing centralized learning and decentralized execution. However, in their approach, the agents are designed for performance-oriented coordination in a physical environment, not for secure decision-making as risk-aware access control.

Baogang et al.⁹ effectively addresses the data heterogeneity, information silos, and cross-domain exchange challenges in air traffic control operational data security. It emphasizes offline data classification and system integration, not dynamic, fine-grained access decisions at runtime. A key drawback lies in its limited focus on static data management and classification, rather than on real-time, adaptive access control and risk-aware decision-making.¹⁰ proposed a dynamic Bayesian game model for air traffic management cyber-physical systems. However, its heavy reliance on abstract game-theoretic assumptions and centralized strategic reasoning limit its practical applicability in real-time, operational air traffic control environments.¹¹ has proposed a blockchain-based role-based access control scheme for multi-organization data sharing. But the issue with their approach is its reliance on a static, role-centric model, which lacks the flexibility, adaptability, and real-time contextual awareness needed for mission-critical environments like air traffic control.¹² provides static privacy-preserving access control based on pre-assigned anonymous identities and cryptographic primitives (e.g., zk-SNARKs and proxy re-encryption), but their approach lacks the capability to adapt access decisions dynamically based on the real-time risk context, user behavior, and task criticality for air traffic control operations.¹³ has proposed S-ATMChain that focuses on static policy enforcement via smart contracts and blockchain immutability. S-ATMChain uses predefined smart contracts to enforce data sharing policies. These contracts are rigid once deployed, offering limited flexibility to adapt to real-time operational risks. But their approach lacks the dynamic, risk-aware, and context-sensitive decision-making capabilities that our proposed framework provides.¹⁴ proposed DRSAE model focusing on enhancing data classification and feature extraction for situational awareness in air traffic management. The deep-related sparse autoencoder enhances situational awareness through improved feature learning. However, deep-related sparse autoencoder does not include any access control, trust evaluation, or dynamic risk-aware decision-making required for explicitly enforcing who can access what information, under what risk conditions, and with contextual awareness of ongoing air traffic control operations.¹⁵ proposed fNIRS-based adaptive decision making method that enhances human-system interaction by adapting to user cognitive states in air traffic control environment. The focus is on improving decision-making by monitoring human cognitive load. But they did not address security, access control, or risk management, which are critical in protecting sensitive operations and data in air traffic control systems.

Anniballi and Cardinali¹⁶ discussed a multi-sensor fusion-based air traffic control architecture to improve detection of non-cooperative targets and low radar cross-section aircraft with primary focus on situational awareness and target detection for improved security in air traffic control. But their approach lacks any form of adaptive access control, user risk evaluation, or policy enforcement, which are essential in the context of increasing cyber-physical threats.¹⁷ proposed an enhanced sensor fusion-based air traffic control architecture that focuses exclusively on improving physical target detection and situational awareness, without addressing cybersecurity, user access control, or adaptive risk management. They do not consider who has access to the system, how access is controlled, or how security threats are mitigated in a cyber-physical context.¹⁸ addresses a real and critical vulnerability in ADS-B communications by proposing a novel signal-based method for distinguishing between legitimate and spoofed aircraft transmissions. They worked on binary classification of messages (legitimate/fake) focusing solely on external intrusions via ADS-B spoofing. They do not assess trustworthiness, behavioral history, or contextual risk of system users or components.¹⁹ presents a promising solution to enhance privacy and security in ADS-B communications—notably using permissioned blockchain, smart contracts, and certificate authorities. They primarily addresses aircraft-to-authority communication, and does not evaluate or control access requests by internal system users, such as controllers, operators, or software agents. The approach lacks real-time risk evaluation, behavioral trust modeling, and adaptive decision-making mechanisms, which are crucial in dynamic, safety-critical environments like air traffic control Table 1.

Table 1.
Summary of the limitations of existing approach of security in air traffic control systems.

Method/Model Description Limitations

BSAC-IoT model. Algarni et al. (2021)⁴. WebPilot framework. Zhang et al (2025)⁷. Blockchain or computationally heavy methods not fit for safety-critical, time-sensitive ATC tasks. High Latency / Not Suitable for Real-Time ATC.

BACS-ZT framework. Gai et al (2023)¹¹. BFOD model. Li et al (2023)¹². S-Atmchain framework. Lu et al (2025)¹³. Access decisions based on fixed policies (RBAC/ABAC) with no dynamic risk or context handling. Static Access Control / No Risk Awareness.

DRSAE model. Wu et al (2022)¹⁴ Multi-Sensor Fusion for ATC Security. Anniballi et al (2011)^16,17. ADS-B phase-pattern based aircraft classification method. Leonardi et al (2017)¹⁸. Permissioned blockchain framework for ATM authentication and privacy. Reisman et al (2019)¹⁹. Focuses on detection/classification or cognitive modeling without enforcing or regulating access. No Access Control or Risk Evaluation.

AI-based conceptual framework for improving air traffic management efficiency. Whig et al (2024)⁵. fNIRS-based adaptive human-centered decision-making framework. Li et al (2021)¹⁵. No agent-based real-time decision making and relies on manual decisions under pressure. Lack of Agent Autonomy / Human-Centric Decision Burden.

ATMCPS model. Wu et al (2022)¹⁰. Idealized models (like game theory) not directly applicable in operational ATC. Theoretical Approaches with Limited Operational Use

MARDDPG framework. Wu et al (2020)⁸. Multisource Heterogeneous ATC Operational Data Security Automatic Classification Model. Baogang et al (2024)⁹. Multi-agent systems optimized for flow or operations, not for secure, risk-aware access. Focus on Performance, Not Security.

Method/Model	Description	Limitations
BSAC-IoT model. Algarni et al. (2021)⁴. WebPilot framework. Zhang et al (2025)⁷.	Blockchain or computationally heavy methods not fit for safety-critical, time-sensitive ATC tasks.	High Latency / Not Suitable for Real-Time ATC.
BACS-ZT framework. Gai et al (2023)¹¹. BFOD model. Li et al (2023)¹². S-Atmchain framework. Lu et al (2025)¹³.	Access decisions based on fixed policies (RBAC/ABAC) with no dynamic risk or context handling.	Static Access Control / No Risk Awareness.
DRSAE model. Wu et al (2022)¹⁴ Multi-Sensor Fusion for ATC Security. Anniballi et al (2011)^16,17. ADS-B phase-pattern based aircraft classification method. Leonardi et al (2017)¹⁸. Permissioned blockchain framework for ATM authentication and privacy. Reisman et al (2019)¹⁹.	Focuses on detection/classification or cognitive modeling without enforcing or regulating access.	No Access Control or Risk Evaluation.
AI-based conceptual framework for improving air traffic management efficiency. Whig et al (2024)⁵. fNIRS-based adaptive human-centered decision-making framework. Li et al (2021)¹⁵.	No agent-based real-time decision making and relies on manual decisions under pressure.	Lack of Agent Autonomy / Human-Centric Decision Burden.
ATMCPS model. Wu et al (2022)¹⁰.	Idealized models (like game theory) not directly applicable in operational ATC.	Theoretical Approaches with Limited Operational Use
MARDDPG framework. Wu et al (2020)⁸. Multisource Heterogeneous ATC Operational Data Security Automatic Classification Model. Baogang et al (2024)⁹.	Multi-agent systems optimized for flow or operations, not for secure, risk-aware access.	Focus on Performance, Not Security.

In this section, we highlighted and discussed the limitations of already implemented approaches to improve the security in air traffic control systems. Moreover, the review also emphasizes how cutting-edge technologies like simulation-based training and reinforcement learning are increasingly being used to enhance automation, controller performance, and air traffic communication. Additionally, it emphasizes how crucial privacy-preserving techniques like blockchain and cryptographic protocols are to guaranteeing safe data exchange and robust communication in air traffic control and unmanned aerial vehicle systems. However, all of these observations point to the necessity of an adaptive risk-aware real-time access control system that has the autonomy of agents with low-latency execution of tasks, and provides coverage from other internal and external threats.

3 Proposed secure access for agent based adaptive risk-aware access control framework

The Figure 3 shows the working of our proposed Agent based Adaptive Risk-aware Access Control (AARAC) framework. There are three main components of the agent based adaptive risk-aware access control i.e., Air Traffic Flow Management (ATFM), Air Traffic Service (ATS) and Air Space Management (ASM). The complete working of our system is divided into sections i.e., computation of risk assessment scores and implementation of rules/policies. The computations will be used to devise an accessibility matrix to give access of the system's information/resources to only those agents having at least a minimum decided threshold. The policies/rules will be implemented for zero trust architecture.

Figure 3.

Proposed secure access for air traffic control systems framework.

We have an agent deployed on each of the entity. All the communication between the entities will take place between these agents. The Figure 4 shows the flowchart of the proposed framework.

Figure 4.

Flowchart demonstrating the working of the proposed framework.

3.1 Details of agents working in AARAC framework

Below we provide details about the communication protocol, agent type and agent architecture.

3.1.1 Communication protocol

In our system, agents collaborate using Foundation for Intelligent Physical (FIPA)-Agents Agent Communication Language (ACL). Using the FIPA-ACL provides a standardized set of performative message types that enable structured and interoperable dialogue between agents. The agents will mostly communicate to request access to airspace resources, share and respond to real-time risk data, negotiate priorities based on role, urgency, and risk score.

3.1.2 Agent type

Additionally, all agents in our system are reactive. This is intentional due to the time-sensitive nature of air traffic control operations, where response time is critical and complex deliberation could introduce unacceptable delays. These agents will continuously monitor environmental inputs like aircraft proximity, weather conditions, traffic load. And if needed trigger any predefined actions such as granting, denying, or escalating access requests in response to sensed changes.

3.1.3 Architecture for real-time intelligent systems (ARTIS) agent architecture

We use the ARTIS agent architecture²⁰ in the proposed framework. It is particularly well-suited for dynamic, mission-critical environments like air traffic control due to the features of autonomic and real-time. While primarily reactive, ARTIS agents apply context-aware logic and predefined rules for decision-making. It supports coordination among multiple agents and seamless integration with the external air traffic control systems. In our implementation, ARTIS agents process incoming messages via FIPA-ACL and execute rapid, reactive decisions based on local observations and risk-aware rules.

3.1.4 Conflict resolution and risk score sharing

Agents calculate or retrieve dynamic risk scores for each access request based on factors such as aircraft status, operational load, and environment conditions. These scores are shared using FIPA-ACL INFORM messages in a structured format that includes: Agent Id, Resource requested, Calculated risk score, Timestamp. When two or more agents request the same resource (e.g., runway), the Access Agent acts as a referee. It uses predefined priority policies and thresholds to resolve conflicts: If the difference in risk scores exceeds a threshold, the resource is granted to the lower-risk agent. If scores are close or ambiguous, additional contextual data (such as aircraft class or emergency status) is considered.

3.2 Working of air space management

This module plays a crucial role in ensuring the safe and efficient use of airspace within the air traffic control system. It involves the strategic planning and allocation of airspace resources to accommodate various types of air traffic, balancing demand between diverse airspace users. Its main functions are airspace allocation (for organizing the airspace into different sectors or volumes, which can be dynamically managed), conflict resolution (by managing the allocation of airspace, reducing the risk of conflicts between different airspace users), capacity management (it ensures that the available airspace is used to its maximum capacity without compromising safety) and safety/regulatory compliance (it ensures that all airspace management actions comply with international and national safety regulations).

3.3 Working of air traffic flow management

This module plays a critical role in ensuring the smooth and efficient movement of air traffic by balancing airspace demand and capacity, minimizing delays, and optimizing the use of airspace resources. Its main functions are traffic optimization, efficient use of airspace, pre-tactical and tactical planning, collaborative decision-making, and crisis management.

3.4 Working of air traffic service

This module contains the following components.

3.4.1. Air traffic control

This module has the following components:

Aerodrome Control Service: This service is focused on aircraft on the ground or in the vicinity of the aerodrome.

Approach Control Service: This service links the aerodrome control and the area control and is focused on the climb, descent and approach phases of the flight.

Area Control Service: This service is focused on the cruising part of the flight.

3.4.2 Alerting service (AS)

This service is provided in order to inform the Search and Rescue facilities of aircraft in distress.

3.5 Computation of risk assessment

Our proposed framework uses a risk assessment approach combined with zero trust architecture. Each agent, whether human or automated, in the air traffic control system is treated as a potential risk point. We will continuously assesses the risk level of each agent by considering variables such as their role, real-time activity, past behavior, and the current air traffic context. Access to sensitive resources is granted only if the cumulative risk score of an agent remains below a predefined threshold. High-risk agents may require additional security verification steps. We will implement non-persistent connections that will require all users, whether in or outside the air traffic control network, to be continuously authenticated, authorized, and validated before being granted access to air traffic control applications and data. Below we discuss how the risk assessment scores are computed.

3.5.1 Real-time activity assessment

Real-time activity refers to the ongoing actions and behaviors of an agent during its interaction within the air traffic control system. This aspect is crucial in understanding the current context of an agent's behavior. We have devised the Current Tasks Performance to assess an agent's real-time performance. We will analyze the tasks an agent is executing and their conformance to expected norms. For example, an air traffic control operator managing aircraft separation should adhere to defined safety margins. Deviations from expected behavior trigger alerts or increased scrutiny.

T_i : Current task being performed by the air traffic control agent A_i (e.g., aircraft separation management).

N_i : Expected norm or standard for task T_i (e.g., minimum aircraft separation).

ρ(T_i, A_i) : Performance of agent A_i on task T_i, measured in real-time.

Δ(T_i) : Deviation of the agent's performance from the norm, computed in Equation 1.

\begin{aligned} Δ (T_{i}) = | ρ (T_{i}, A_{i}) - N_{i} | \end{aligned}

(1)

α: Acceptable threshold for deviation from the norm (e.g., 0.5 nautical miles).

If the air traffic control agent is managing multiple tasks, the overall task performance can be computed as the sum of deviations across all tasks as shown in Equation 2.

\begin{aligned} P (A_{i}) = \sum_{Ti \in T} Δ (T_{i}) \end{aligned}

(2)

The less this value is, the more will be the performance of the agent.

3.5.2 Past behavior analysis

Past behavior refers to an agent's historical interactions within the system. Analyzing this helps establish whether an agent's actions typically align with their expected roles, allowing for better long-term risk modeling. We will use the historical performance metrics to track and record the outcomes of tasks performed by the agent in the past. For example, track how frequently air traffic controllers meet safety metrics (e.g., no near-miss incidents) or whether a particular pilot frequently failed to comply with directives.

Let T (A_i) = {T₁, T₂, …, T_n} represent the set of tasks that agent A_i has completed.

Let C_m(A_i, T_j) represent the compliance rate of agent A_i for task T_j, where C_m(A_i, T_j) is a percentage. Assuming 1 for a 100%, (1 − C_m(A_i, T_j)) will represent the non-compliance value. The complete computations are shown in Equation 3.

\begin{aligned} H P S (A_{i}) = \frac{\sum_{T_{j} \in T (A_{i})} (1 - C_{m} (A_{i}, T_{j}))}{| T (A_{i}) |} \end{aligned}

(3)

The less this value shall be, the better will be historical performance of the agent.

3.5.3 Current air traffic context

The current air traffic context represents the situational variables that will influence the level of access or action needed by the agents. This adds environmental and operational awareness to the risk assessment. We will use the parameter of traffic density to calculate the risk associated with air traffic. High-density air traffic situations increase the risk associated with errors or miscommunication. Agents handling high volumes of tasks in busy airspaces will be assigned different security profiles.

Let:

N(t): The number of aircraft in a specific airspace at time t.

A: The area of the airspace under consideration.

ρ(t): The traffic density at time t, defined in Equation 4.

\begin{aligned} ρ (t) = \frac{N (t)}{A} \end{aligned}

(4)

where ρ(t) is in units of aircraft per square kilometer. To compute the Risk Score based on traffic density, we define: ρmax: The maximum allowable safe traffic density.

α and β: Scaling parameters to adjust the sensitivity of the risk score to traffic density.

The Risk Score R(t) at time t is calculated in Equation 5.

\begin{aligned} R (t) = {\begin{array}{ll} 0, & i f ρ (t) \leq ρ_{m a x,} \\ α \cdot e^{β (ρ (t) - ρ_{m a x})}, & i f ρ (t) > ρ_{m a x,} \end{array} \end{aligned}

(5)

The risk increases exponentially when the traffic density exceeds the safe threshold ρ_max. We want the risk score of traffic density to be as low as possible.

3.5.4 Overall score of risk assessment

The overall risk score for an agent a_i can be computed using the Equation 6.

\begin{aligned} R i s {k_{S c o r e}}_{(a_{i})} = w_{1} x P (A_{i}) + w_{2} \; x\; H P S (A_{i}) + w_{3} \; x\; R (a_{i}, t) \end{aligned}

(6)

3.6 Integration of ZTA in proposed framework

The proposed framework integrates zero trust architecture principles by dynamically evaluating agents in the air traffic control system. The following activities will be performed to ensure secure access in the system.

3.6.1 Non-persistence connections

All the HTTP based connections will be non-persistence by default in the system. This will ensure that the nodes establish a new connection for each request. The system assumes no user, device, or agent is trustworthy by default. Non-persistence connections ensure that agent-service connections are established on demand and terminated after the task is completed.

Let:

\begin{aligned} C_{i} & = Connection between agent A_{i} and service S_{j} \end{aligned}

(7)

\begin{aligned} t_{connect} & = Time when connection is established \end{aligned}

(8)

\begin{aligned} t_{terminate} & = Time when connection is terminated \end{aligned}

(9)

The condition for non-persistence is shown in Equation 10.

\begin{aligned} t_{terminate} - t_{connect} \leq Δ t \end{aligned}

(10)

where Δt is the maximum allowable connection duration.

3.6.2 Two factor authentication

The system will implement two factor authentication. This will require that the device is registered in the system and is capable of receiving an email based or cellular network based request.

Let:

\begin{aligned} α_{k} (A_{i}) & = Authentication based on password or PIN \end{aligned}

(11)

\begin{aligned} α_{p} (A_{i}) & = Authentication based on token \end{aligned}

(12)

\begin{aligned} γ (A_{i}, S_{j}) & = 1 if and only if α_{k} (A_{i}) \land α_{p} (A_{i}) \end{aligned}

(13)

This ensures that access to service S_j is only granted if both authentication factors are satisfied for agent A_i.

The major reason of using the zero trust architecture in the proposed framework is because of its principle of “never trust, always verify”. We do not trust on any agent deployed on any component of air traffic control. Hence, every agent when sends a request to the access agent for data, it needs to authenticate itself (via two-factor authentication). This rigorous authentication leads to temporary grant of trust access that narrows down the attack window for inside and outside attacks. Additionally, an agent's performance is continuously monitored for the calculation of risk score to check its deviations using behavioral baselines derived from historical data (e.g., consistent underperformance or abnormal task execution patterns). These deviations will be used to detect anomalous activity when task-level inconsistencies are analyzed across agents of similar roles e.g., for a task an agent is sending hundred requests per minute whereas other agents have only sent five request per minute. Analyzing task-level inconsistencies across agents of similar roles, using statistical thresholds to detect anomalous activity. These mechanisms ensure that threats whether inside or outside are not solely identified by cumulative risk scores, but also through context-sensitive anomaly detection.

3.7 Working of the AARAC framework

In this section, we provide an algorithm to show step by step the working of the proposed framework.

4 Application of the proposed AARAC framework

In this section, we will demonstrate the working of our proposed framework using a case study.

4.1 Experimental setup

The Figure 5 presents an airspace in which multiple aircrafts are traveling. These aircrafts are assigned different type of tasks like maintaining speed, keeping safe distance from other aircrafts, adopting directional commands from the control tower, giving signals to aircrafts when required. All of these tasks require these aircrafts to contact the access agent for the required information. The scenario is modeled in Anylogic 8.9.5. We have shown the task performance score, historical performance score and current air traffic congestion along with the aircraft number that can be viewed when we click on an aircraft. These attributes are used to compute the risk score for each aircraft. The access agent will only provide the requested information if the risk score of an aircraft is less than the defined threshold. Each aircraft is an agent with speed of 20 meters/second with animation rotating towards the movement. The space type is defined as continuous. The screen data will be refreshed after every one minute. We have created a cyclic event named ‘clock’ to control the movement of aircrafts. The aircrafts journey is defined in hours and the event triggers after simulated time of one hour. In the simulation we have also created a database that contains every aircraft number, flights information and cities. We set the execution mode as realtime with scale of 50 with infinite animation. The optimization engine is OptQuest DEMO with 500 iterations and minimize objective. No external library is required for executing the simulation.

Figure 5.

Complete air traffic control system.

We have created a table risk_score-table as shown in Figure 6 in the simulation tool so the values required for the calculation of risks can be updated and computed during the simulation. All the aircraft agents have access to this agent and update the values. We have fixed the historical compliance rate for each aircraft but all the other values can be retrieved/updated dynamically.

Figure 6.

Table to store and update risk values of aircrafts.

4.2 Working of agent 1 (aircraft number: 10008)

The realtime values of agent 1 are shown in Figure 4. This aircraft is part of the flight BA0819. Its task performance score, historical performance score and current air traffic congestion are displayed when it is clicked. Currently, the agent only has one task assigned to it but other tasks can be assigned as per need. Below we show how these values are computed.

T₁: Maintain safe distance from other aircrafts.

N₁: Minimum 5 nautical miles between aircraft.

p(T₁, A₁): Agent A₁ is maintaining a separation of 4.8 nautical miles.

Δ(T₁): Deviation from the norm.

Agent A1 has a historical compliance rate of 92% on aircraft separation tasks.

15 aircraft in a 500 square kilometer region in which Agent 1 is in air. Safe maximum traffic density is 0.025 aircraft/km².

4.2.1 Real-time activity assessment

Based on the above specifications, we compute the task performance for A1 as shown in Equation 14.

\begin{aligned} Δ (T_{1}) = | p (T_{1}, A_{1}) - N_{1} | = | 4 .8 - 5 | = 0 .2 \end{aligned}

(14)

Overall Task Performance for Agent 1:

\begin{aligned} P (A_{1}) = 0 .2 \end{aligned}

(15)

4.2.2 Past behavior analysis

Now we calculate the historical performance score based on the given data for A1.

Historical Compliance Rate:

\begin{aligned} C_{m} (A_{1}, T_{1}) = 0 .92 \end{aligned}

(16)

Historical Performance Score for Agent 1:

\begin{aligned} HPS (A_{1}) = 1 - 0 .92 = 0 .08 \end{aligned}

(17)

4.2.3 Current air traffic context

We now calculate the traffic density for A1.

\begin{aligned} ρ (t_{1}) = 15/500 = 0 {.03 aircraft/km}^{2} \end{aligned}

(18)

Since the traffic density exceeds ρ_max = 0.025, we compute the risk score for Agent 1 as shown in Equation 19.

\begin{aligned} R (t_{1}) = α \cdot {e^{β (ρ (t_{1}}}^{) - ρ max)} = 1 \cdot e^{2(0 .03 - 0 .025)} = 1 \cdot e^{0 .01} \approx 1 .01005 \end{aligned}

(19)

4.2.4 Overall risk score of agent 1

Below we calculate the overall risk score of Agent 1 in Equation 20.

\begin{aligned} Risk Score (A_{i}) & = w_{1} \times P (A_{1}) + w_{2} \times HPS (A_{1}) + w_{3} \times R (A_{1}, t) \end{aligned}

(20)

\begin{aligned} Risk\_Score (A_{1}) & = 0.4 \times 0.2 + 0.3 \times 0.08 + 0.3 \times 1.01005 = 0.08 + 0.04 + 0.303015 = 0.407015 \end{aligned}

(21)

4.3 Working of agent 2 (aircraft number: 10004)

The realtime values of agent 2 are shown in Figure 4. Below are the specifications of the working of A2.

The realtime values of agent 2 are shown in Figure 4. This aircraft is part of the flight BA0759. Below we show how these values are computed.

T₂: Resolve conflicts with neighboring aircrafts.

N₂: Conflict resolution time should not exceed 2 min.

p(T₂, A₂): Average conflict resolution time is 2.5 min.

Δ(T₂): Deviation from the norm.

Agent A2 has a historical compliance rate of 85% for conflict resolution tasks.

Current traffic density is 25 aircraft in a 500 square kilometer region. Safe maximum traffic density is 0.025 aircraft/km².

As shown for A1, we can compute the overall risk score of A2 which is shown in Equation 22.

\begin{aligned} Risk\_Score (A2) = 0.4 \times 0.5 + 0.3 \times 0.15 + 0.3 \times 1.05127 = 0.2 + 0.045 + 0.315381 = 0.560381 \end{aligned}

(22)

4.4 Working of access agent 3 (aircraft number: 10029)

The realtime values of agent 3 are shown in Figure 4. This aircraft is part of the flight BA0879. Below we show how these values are computed. Below are the specifications of the working of A3.

T₃: Obtaining takeoff clearance within the deadline.

N₃: Takeoff clearance time should not exceed 2 min.

p(T₂, A₃): Agent A₃ takeoff clearance time of 1.8 min.

Δ(T₃): Deviation from the norm.

Agent A3 has a historical compliance rate of 88% for conflict resolution tasks.

Current traffic density is 20 aircraft in a 400 square kilometer region. Safe maximum traffic density is 0.025 aircraft/km².

We can compute the overall risk score of A3 which is shown in Equation 23.

\begin{aligned} Risk\_Score (A3) = 0.4 \times 0.2 + 0.3 \times 0.12 + 0.3 \times 1.05127 = 0.08 + 0.06 + 0.315381 = 0.431381 \end{aligned}

(23)

4.5 Accessibility matrix based on risk assessment

We compute access to critical ATC data based on the risk assessment scores of agents A₁, A₂ and A₃. The data includes the routing information, aircraft data, collision avoidance, communication, and flight schedule. Now we define the risk score thresholds for access control. Low risk (RiskScore ≤ 0.4) means we will grant access to all types of data. Medium risk (0.4 < RiskScore ≤ 0.6) means we will grant limited access to critical components. High risk (RiskScore > 0.6) means we will grant very minimal access.

Based on the risk scores, the access control for the agents is defined in Table 2.

Table 2.
Accessibility matrix for the three agents.

ATC Data Agent A₁ (Low Risk) Agent A₂ (Medium Risk Agent A₃ (Medium Risk)

Routing Information Full Access Full Access Full Access

Aircraft Data Full Access Full Access Full Access

Collision Avoidance Full Access Restricted Restricted

Communication Full Access Full Access Full Access

Flight Schedules Full Access Restricted Restricted

ATC Data	Agent A₁ (Low Risk)	Agent A₂ (Medium Risk	Agent A₃ (Medium Risk)
Routing Information	Full Access	Full Access	Full Access
Aircraft Data	Full Access	Full Access	Full Access
Collision Avoidance	Full Access	Restricted	Restricted
Communication	Full Access	Full Access	Full Access
Flight Schedules	Full Access	Restricted	Restricted

Agent A₁'s risk score is below the threshold of 0.3, so the agent is assigned full access to all air traffic control system components. Agents A₂ and A₃ have risk scores between 0.3 and 0.6. They are granted full access to less sensitive components such as routing data, aircraft data, and communication systems. However, access to critical components like collision avoidance and flight schedules is restricted, due to the increased risk associated with their behavior. This ensures they can perform essential functions but are not exposed to high-risk tasks. A visual representation of the accessibility matrix is shown in Figure 7.

Figure 7.

Granting access to different agents.

By implementing these access levels based on agents’ risk scores, the system ensures that only those with proven reliability are allowed to access critical and sensitive data, enhancing the security and safety of the air traffic control system.

4.6 Preventing attacks using risk values

In this section we will discuss how different type of attacks that can be prevented using the proposed risk based approach.

4.6.1 DDOS attack

In this attack the purpose is to exhaust the access agent's resources to cause delay or deny service to legitimate aircrafts. For this we can set the max requests that can be sent during a certain period and once an agent crosses this threshold, it enters a high-risk state and its access is temporarily throttled. To simulate this we created an event in the aircraft agent that one in tenth aircraft shall send the request to the access agent for routing information. It will send the 100 requests within a minute. The threshold is set at a maximum of two requests a minute. The access agent will block this agent for 5 min. In the simulation, there is a red cross displayed against the aircraft that has been blocked by the access agent as shown in Figure 8.

Figure 8.

Aircraft agent blocked by the access agent.

In our case study we utilized three aircraft agents to validate the core functionality of the proposed framework using AnyLogic. Though the simulated scenarios only use three aircraft agents but it effectively demonstrates the working of the risk evaluation mechanism and the policy enforcement by the access agent. The architecture itself is inherently designed to scale to handle large agent populations. The use of agents and decentralized risk evaluation logic ensures that adding more aircrafts—such as dozens or even hundreds of aircraft—does not require redesign of the core decision-making mechanism. The method of giving access to sensitive information based on risk score will remain the same. In high-traffic air traffic control scenarios, we can even group the agents logically (e.g., by sector, phase of flight, or geographic zone), and give distributed access across these zones to maintain local decision-making autonomy while coordinating through standardized inter-agent communication protocols (e.g., FIPA-ACL). The modularity of the multi-agent system design enables parallel and asynchronous processing of access requests, which is critical for scalability and fault tolerance. To integrate with real-world air traffic control infrastructure, our AARAC framework can be interfaced with System Wide Information Management architecture via APIs, enabling real-time exchange of contextual and trust-related information. It depends on the system designer and the abstraction level at which level of the air traffic control he wants the access agent to be interfaced with hardware components.

5 Discussion

In this section, we will present a detailed comparison of the proposed framework against the previous approaches as shown in Table 3, focusing on how the proposed work surpasses traditional and existing security approaches in several ways.

Table 3.
Comparison of traditional methods vs. AARAC Framework.

Traditional Methods (e.g., RBAC,

Aspect Perimeter based Security) AARAC Framework

Risk-Based Access Control Access is based on predefined roles (e.g., ATC operator, pilot) with static permissions. Real-time performance or changing air traffic conditions are not considered. Access is determined based on dynamic risk assessment, considering real-time activity, past behavior, and current air traffic context.

Adaptability Limited adaptability, as access is predefined based on roles and does not change with context or performance. High adaptability. Access controls change dynamically in real-time based on agent performance and current air traffic conditions.

Historical Behavior Analysis No historical behavior tracking. Access is determined without regard for past compliance or performance issues. Includes past behavior analysis, where historical compliance and non-compliance are factored into risk scores and future access decisions.

Zero Trust Architecture Traditional systems often trust agents within the perimeter by default, leading to vulnerabilities like insider threats. ZTA eliminates implicit trust, requiring continuous verification through non-persistent connections, two-factor authentication (2FA), and micro segmentation.

Two-Factor Authentication (2FA) Not widely implemented in older systems, leaving the network vulnerable to unauthorized access from compromised credentials. Fully implemented, providing an extra layer of security by requiring both credentials and a second authentication factor for access.

Current Air Traffic Context Does not account for current air traffic density or situational context when determining access levels. Incorporates real-time traffic density analysis. Higher risks are accounted for in access control decisions, especially during high-density traffic situations.

Granularity of Risk Assessment Basic role-based access; lacks granularity in evaluating agent-specific performance and situational risks. Fine-grained risk assessment based on the agent's real-time activities, past compliance, and contextual factors, providing more tailored access control.

	Traditional Methods (e.g., RBAC,
Risk-Based Access Control	Access is based on predefined roles (e.g., ATC operator, pilot) with static permissions. Real-time performance or changing air traffic conditions are not considered.	Access is determined based on dynamic risk assessment, considering real-time activity, past behavior, and current air traffic context.
Adaptability	Limited adaptability, as access is predefined based on roles and does not change with context or performance.	High adaptability. Access controls change dynamically in real-time based on agent performance and current air traffic conditions.
Historical Behavior Analysis	No historical behavior tracking. Access is determined without regard for past compliance or performance issues.	Includes past behavior analysis, where historical compliance and non-compliance are factored into risk scores and future access decisions.
Zero Trust Architecture	Traditional systems often trust agents within the perimeter by default, leading to vulnerabilities like insider threats.	ZTA eliminates implicit trust, requiring continuous verification through non-persistent connections, two-factor authentication (2FA), and micro segmentation.
Two-Factor Authentication (2FA)	Not widely implemented in older systems, leaving the network vulnerable to unauthorized access from compromised credentials.	Fully implemented, providing an extra layer of security by requiring both credentials and a second authentication factor for access.
Current Air Traffic Context	Does not account for current air traffic density or situational context when determining access levels.	Incorporates real-time traffic density analysis. Higher risks are accounted for in access control decisions, especially during high-density traffic situations.
Granularity of Risk Assessment	Basic role-based access; lacks granularity in evaluating agent-specific performance and situational risks.	Fine-grained risk assessment based on the agent's real-time activities, past compliance, and contextual factors, providing more tailored access control.

We compare the AARAC framework with two our related work in terms of performance, scalability and security Table 4.

Table 4.

Comparison of AARAC framework with state of the art.

		BFOD (Blockchain-based Flight	ZT-RBAC (Zero Trust Role-Based
Feature	AARAC Framework	Operation Data Sharing)¹²	Access Control)¹¹
Scalability	High as agents operate autonomously and in parallel.	Medium as blockchain consensus overhead increases with aircraft count.	Medium as latency increases with more non-agent roles or access policies.
Performance	Low latency as the risk is computed locally and access is granted per agent.	High latency as it relies on zk-SNARKs and proxy re-encryption.	Medium as execution of smart contracts and role evaluation create delays.
Security	Security is provided via behavioral trust, real-time risk detection, and dynamic access policies.	Strong cryptographic access guarantees, but lacks behavioral insight.	Strong authentication but lacks contextual behavior evaluation.

6 Conclusion and future work

In this research, we proposed a framework for enhancing the security of air traffic control systems through the use of agent bases Adaptive Risk-aware Access Control system. Our approach incorporates real-time activity assessment, past behavior analysis, and current air traffic context to compute a risk score for each agent. This risk score is then used to make informed access control decisions, ensuring that agents handling sensitive air traffic control functions are continuously monitored and evaluated based on their current performance and historical compliance. By integrating zero trust architecture principles such as non-persistent connections, micro-segmentation, and two-factor authentication, we significantly increased the difficulty for potential attackers to exploit the system. This approach provides stronger protection against insider threats, unauthorized access, and lateral movement within the system, thereby mitigating the risks associated with cybernetics in air traffic control systems. We demonstrated the application of the proposed approach using scenarios of real world case study. Lastly, we discussed how the proposed approach has superior security benefits in comparison with traditional multi-agent based or blockchain based access control models for air traffic control systems.

Currently, the designer of the system needs to specify the static policies governing access control decisions for agents based on the overall risk score. For better adaptability, we can implement automated policy updating. This means that we will adjust the security policies based on evolving conditions within the air traffic control environment, such as sudden increases in traffic density, changes in agent roles, or the discovery of new vulnerabilities. By taking into account the current environmental context, we can improve the efficiency of the complete system.

Footnotes

ORCID iDs

Hanaa Nafea

Awais Qasim

Syed Mustaghees Abbas

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

Declaration of conflicting interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Author Biographies

Hanaa Nafea received the master's degree in computer science from Nottingham Trent University (NTU), Nottingham, UK, in 2012. She received a PhD degree from Liverpool John Moores University (LJMU), UK in 2020. She is also an assistant professor at Taibah University, Al-Madinah, Al-Munawwarah, Saudi Arabia. Her current research interests include network security, the security of complex systems, intrusion detection, secure service composition, privacy-preserving data aggregation, cryptography computer science, and cloud security.

Awais Qasim received the MS degree in Computer Science from Lahore University of Management Sciences (LUMS), Lahore, Pakistan, in 2011. After that, he worked as a Software Engineer in Industry and developed a number of iPhone and Android applications. He completed his PhD in Computer Science in 2017 and did Post-doc from the University of Salford in 2020. Currently, he is working as an assistant professor in the Computer Science Department, Government College University. His research interests include model checking, multi-agent systems, real-time systems, self-adaptive systems, and robotics for blockchain, and disaster resilience. He is the author of 38 research articles.

Syed Mustaghees Abbas received his MS degree in Computer Science from Government College University (GCU), Lahore, Pakistan, in 2024. He is currently serving as a Lecturer in the Department of Computer Science & IT at The University of Lahore. His research interests include formal methods for model checking, multi-agent systems, real-time systems, and self-adaptive systems.

Waqas Ali earned his MS degree in Computer Science with distinction from Government College University Lahore, Pakistan in 2021. He is serving as a lecturer at the department of Computer Science, University of Engineering and Technology, Lahore. He is also working as an AI Research Engineer at AL-Khwarizmi Institute of Computer Science, KICS, Lahore. His research interests are in machine reasoning, machine learning, multi agent self-adaptive systems, and trustworthy real time systems.

References

Qasim

Bilal

Munawar

, et al. Blockchain based intrusion detection in agent-driven flight operations. Multiagent Grid Syst 2024; 20: 161–183.

Qasim

Ghouri

Munawar

. An effective approach for reducing data redundancy in multi-agent system communication. Multiagent Grid Syst 2024; 20: 69–88.

Nafea

Qasim

Hussain

, et al. Blockchain-based reputation model for vehicle platooning with common global goal. Multiagent Grid Syst 2025; 21: 21–37.

Algarni

Eassa

Almarhabi

, et al. Blockchain-based secured access control in an IoT system. Appl Sci 2021; 11: 1772.

Whig

Kasula

Yathiraju

, et al. Transforming aviation: the role of artificial intelligence in air traffic management. In: Khalid S and Siddiqui NN (eds) New innovations in AI, aviation, and air traffic technology. Hershey, PA: IGI Global, 2024, pp.60–75.

El Sibai

Gemayel

Bou Abdo

, et al. A survey on access control mechanisms for cloud computing. Trans Emerg Telecommun Technol 2020; 31: e3720.

Zhang

, et al. Webpilot: a versatile and autonomous multi-agent system for web task execution with strategic exploration. In: Proceedings of the AAAI conference on artificial intelligence, Vol. 39, 2025, pp.23378–23386.

Zhou

Liu

, et al. Multi-agent deep reinforcement learning for urban traffic light control in vehicular networks. IEEE Trans Veh Technol 2020; 69: 8243–8256.

Baogang

CHEN

Jingxuan

YANG

Song

YAN

, et al. Automatic classification model for multisource heterogeneous air traffic control operational data security. J Tsinghua Univ (Sci Technol) 2024; 64: 1565–1574.

10.

Dong

Wang

. Research on game theory of air traffic management cyber physical system security. Aerospace 2022; 9: 397.

11.

Gai

She

Zhu

, et al. A blockchain-based access control scheme for zero trust cross-organizational data sharing. ACM Trans Internet Technol 2023; 23: 1–25.

12.

Zhao

Deng

. BFOD: blockchain-based privacy protection and security sharing scheme of flight operation data. IEEE Internet Things J 2023; 11: 3392–3401.

13.

. S-Atmchain: Blockchain-Based Data Sharing Method for Air Traffic Management. Available at SSRN 4399510, 2025.

14.

Bai

Zhang

, et al. Feature extraction method based on sparse autoencoder for air traffic management system security situation awareness. Secur Commun Netw 2022; 2022: 3757662.

15.

Fan

, et al. A human-centred approach based on functional near-infrared spectroscopy for adaptive decision-making in the air traffic control environment: a case study. Adv Eng Inf 2021; 49: 101325.

16.

Anniballi

Cardinali

. A new architecture to increase security of air traffic control system. In: 2011 8th European radar conference. IEEE, 2011, pp.357–360.

17.

Anniballi

Cardinali

. New solution to enhance the security in air traffic control. In: 2011 Tyrrhenian international workshop on digital communications-enhanced surveillance of aircraft and vehicles. IEEE, 2011, pp.95–100.

18.

Leonardi

Di Gregorio

Di Fausto

. Air traffic security: aircraft classification using ADS-B message’s phase-pattern. Aerospace 2017; 4: 51.

19.

Reisman

. Air traffic management blockchain infrastructure for security, authentication, and privacy. In: AIAA scitech forum (No. ARC-E-DAA-TN63825), 2019.

20.

Botti

Carrascosa

Julián

, et al. Modelling agents in hard real-time environments. In: European workshop on modelling autonomous agents in a multi-agent world. Berlin, Heidelberg: Springer Berlin Heidelberg, 1999, pp.63–76.

	Traditional Methods (e.g., RBAC,
Aspect	Perimeter based Security)	AARAC Framework
Risk-Based Access Control	Access is based on predefined roles (e.g., ATC operator, pilot) with static permissions. Real-time performance or changing air traffic conditions are not considered.	Access is determined based on dynamic risk assessment, considering real-time activity, past behavior, and current air traffic context.
Adaptability	Limited adaptability, as access is predefined based on roles and does not change with context or performance.	High adaptability. Access controls change dynamically in real-time based on agent performance and current air traffic conditions.
Historical Behavior Analysis	No historical behavior tracking. Access is determined without regard for past compliance or performance issues.	Includes past behavior analysis, where historical compliance and non-compliance are factored into risk scores and future access decisions.
Zero Trust Architecture	Traditional systems often trust agents within the perimeter by default, leading to vulnerabilities like insider threats.	ZTA eliminates implicit trust, requiring continuous verification through non-persistent connections, two-factor authentication (2FA), and micro segmentation.
Two-Factor Authentication (2FA)	Not widely implemented in older systems, leaving the network vulnerable to unauthorized access from compromised credentials.	Fully implemented, providing an extra layer of security by requiring both credentials and a second authentication factor for access.
Current Air Traffic Context	Does not account for current air traffic density or situational context when determining access levels.	Incorporates real-time traffic density analysis. Higher risks are accounted for in access control decisions, especially during high-density traffic situations.
Granularity of Risk Assessment	Basic role-based access; lacks granularity in evaluating agent-specific performance and situational risks.	Fine-grained risk assessment based on the agent's real-time activities, past compliance, and contextual factors, providing more tailored access control.