I. Introduction

An identity is a set of one or more attributes that allows an entity or a person to be sufficiently distinguished or uniquely identified. With the world rapidly moving toward a digital landscape, digital identities are imminent: governments are increasingly digitizing public services, access to technology is increasingly democratized and internet services are becoming more diversified than ever. Identity and access management (I&AM) systems represent a critical component for any organization, they should incorporate rigorous security measures against tampering, unauthorized access, and theft and misuse of data. The rise of data volumes and computation capacities as well as the sophistication and efficiency of machine learning (ML) techniques have contributed to a successful implementation of ML in businesses. ML can significantly enhance the capabilities of I&AM systems, this can be achieved for example by analyzing user behavior patterns, preventing unauthorized access, predicting which access rights are appropriate for new users, and enhancing accuracy and resistance to spoofing. In this respect, the objective of this paper is to present a review of major ML-based approaches for I&AM functions and to provide a taxonomy of ML-I&AM systems along with a discussion. The taxonomy aims to categorize and classify ML-based approaches targeting I&AM systems based on the I&AM function. The methodology consists of the following key steps: