System and method for context-sensitive access control

What is claimed is: 1. A method for controlling access permissions to a piece of machinery, the method comprising: receiving behavioral data relating to at least one user; receiving, from a user, an access request; receiving current user behavioral data from the user and current state data relating to the piece of machinery at a time corresponding to the access request; generating a likelihood value, indicating the likelihood the access request is a valid request based on the current user behavioral data and the current state data; authenticating the user for access to operate the piece of machinery when the current user likelihood value is determined to be at or above a predetermined threshold value; and generating a permissions data structure specifying features of the piece of machinery which can be operated by the user, whereby the permissions data structure can be used to control use of the piece of machinery by the user. 2. The method of claim 1 , further comprising requesting a secondary authentication method of the user when the likelihood value is determined to be not at or above the predetermined threshold value. 3. The method of claim 1 , wherein the scope of permissions is a default scope of permissions when the likelihood value is determined to be not at or above a predetermined threshold value. 4. The method of claim 1 , further comprising: receiving repeated behavior and state data over time, including when accessing the service; updating the method for generating a likelihood value using the data. 5. The method of claim 1 , wherein the behavioral data is for a group of users that are similar demographically to the user. 6. The method of claim 1 , wherein one or more of the following machine learning algorithms is used; decision tree, regression, neural network, time series, clustering, outlier detection, ensemble model, factor analysis, naïve Bayes formulation, support vector machine, linear regression, logistic regression, k-nearest neighbors (kNN), k-Means, random forest, dimensionality reduction, gradient boosting, apriori, nearest neighbor, attention layers, generative adversarial networks, and teacher-student curriculum learning. 7. The method of claim 1 , wherein the user data includes, for each access to the service, one or more of: user location data, a date and/or time, a weekday, a direction of approach to a service access location, a barometer reading, an accelerometer reading, a microphone reading, wireless frequencies and communications of user device, recent physical activity levels, recent user actions on the user device, results of user gait analysis, recent user location, orientation of the user device, a lock state of the user device, a lock time of the user device and/or a lock duration of the user device. 8. The method of claim 2 , wherein the secondary authentication method includes, a least one of requesting a fingerprint, requesting a password or pin, facial identification, user speech identification, requesting user location information, requesting a hardware token, requesting a response by short message service (SMS), near field communications (NFC) communication with a user device, requesting badge information, requesting single sign on (SSO) history information, retina identification, requesting electrocardiogram (EKG) information of the user, user weight, user height and/or a secret knowledge challenge. 9. The method of claim 8 , wherein a combination of multiple secondary authentication methods is used to authenticate identity. 10. The method of claim 1 , wherein the state data includes state data of the piece of machinery relating to at least one of, usage history of the piece of machinery, work schedule of the piece of machinery, damage to the piece of machinery, safe operations rules for the piece of machinery, maintenance state and schedule of the piece of machinery, odometer data of the piece of machinery and/or current or recent location of the piece of machinery. 11. The method of claim 1 , wherein the state data includes external context data including data relating to at least one of, a single sign on (SSO) history for the piece of machinery, Electronic Logging Device (ELD) data for the piece of machinery, operator work schedule, operator login history, data indicating a relationship of the operator to other operators, operator checklist data, work order data, vacation schedule data, sick leave data, holiday schedule data, operator certification/licensing and/or data indicating legal limits on usage of the piece of machinery. 12. The method of claim 11 wherein the state data includes operator certification/licensing data that is retrieved in real time from a registration database. 13. The method of claim 3 , wherein the default scope of permissions is based on at least one of site policy, system configuration and/or operator preference. 14. The method of claim 1 , wherein elements of the behavioral data for at least one user and the state data relating to the service is selected based on at least one of site policy, system configuration and/or operator preference. 15. The method of claim 2 , wherein the secondary mode of authentication is selected based on at least one of site policy, system configuration and/or operator preference. 16. The method of claim 1 , wherein elements of the current behavioral data and the current state data relating to the service is selected based on at least one of site policy, system configuration and/or operator preference. 17. The method of claim 1 , wherein the piece of machinery is a vehicle or a machine tool. 18. The method of claim 17 , wherein the permissions data structure specifies that only an auxiliary system of the machinery can be operated by the operator. 19. A computer system for controlling access permissions to a piece of machinery, the system comprising: at least one computer processor; and at least one memory operatively coupled to the at least one computer processor and storing computer readable instructions which, when executed by the at least one processor, cause the at least one processor to; receive behavioral data relating to at least one user receive, from a user, an access request; receive current user behavioral data from the user device and current state data relating to the piece of machinery at a time corresponding to the access request; generate a likelihood value, indicating the likelihood the access request is a valid request based on the current user characteristic data and the current state data; authenticate the user for access operate the piece of machinery when the current user likelihood value is determined to be at or above a predetermined threshold value; and generate a permissions data structure specifying features of the piece of machinery which can be operated by the user, whereby the permissions data structure can be used to control use of the piece of machinery by the user. 20. The system of claim 19 , wherein the instructions further cause the processor to request a secondary authentication method of the user when the likelihood value is determined to be not at or above a predetermined threshold value. 21. The system of claim 19 , wherein the scope of permissions is a default scope of permissions when the likelihood value is determined to be not at or above a predetermined threshold value. 22. The system of claim 19 , wherein the behavior and state data is received multiple times over time, including when accessing the service and the me