An access control determination engine optimization system based on big data is composed of a client terminal and a server terminal. The server terminal is used for conducting decision evaluation, authorization and execution on a request sent by the client terminal. The access control determination engine optimization system comprises an original access control determination engine, an infrastructure portion of the original access control determination engine, a preprocessing frame, a real-time service frame and a background operation and maintenance frame, wherein the original access control determination engine and the infrastructure portion of the original access control determination engine comprise an access control determination evaluation engine module, a strategy execution point, an attribute authority module and a strategy library module, the preprocessing frame is used for processing required before deployment of the access control determination engine, and comprises an attribute preprocessing module, a first-stage clustering module and a second-stage clustering module, the real-time service frame is used for processing a real-time request generated when the server terminal runs, and comprises a registration center module, a mapping relation module and a set operation optimization module, and the background operation and maintenance frame comprises a recent entity registration module, an attribute change and maintenance module, a strategy change and maintenance module and a preparation strategy set module. The access control determination engine optimization system has the advantages of being efficient and high in availability, safety and universality.