Taming role mining complexity in RBAC
Authors
Abstract
In this paper we address the problem of reducing the role mining complexity in RBAC systems. To this aim, we propose a three-step methodology: first, we associate a weight with roles; second, we identify user-permission assignments that cannot belong to roles with a weight exceeding a given threshold; and third, we restrict the role-finding problem to user-permission assignments identified in the second step. We formally show (the proofs of our results are rooted in graph theory) that this methodology allows role engineers to elicit stable candidate roles while at the same time simplifying the role selection task. Efficient algorithms to implement our strategy are also described. Further, we discuss practical applications of our approach. Finally, we tested our methodology on a real data set. The results achieved confirm both the viability of our proposal and the analytical findings.
Similar resources
Automatic Migration to Role-Based Access Control
Molloy, Ian M. Ph.D., Purdue University, August 2010. Automatic Migration to Role Based Access Control. Major Professor: Ninghui Li. The success of role-based access control both within the research community and industry is undeniable. One of the main reasons for RBAC’s adoption is its ability to reduce administration costs, help eliminate errors, and improve the security of a system. Before t...
Policy Mining : a Bottom-Up Approach Toward Network Security Management. (Techniques de rôle mining pour la gestion de politiques de sécurité : application à l'administration de la sécurité réseau)
Today’s corporations rely entirely on their information systems, usually connected to the Internet. Network access control, mainly ensured by firewalls, has become a paramount necessity. Yet, the management of manually configured firewall rules is complex, error prone, and costly for large networks. Using high abstract models such as the Role Based Access Control (RBAC) model has proved to be e...
Constrained Role Mining
Role Based Access Control (RBAC) is a very popular access control model, long investigated and widely deployed in the security architecture of different enterprises. To implement RBAC, roles must first be identified within the considered organization. Usually the process of (automatically) defining the roles in a bottom-up way, starting from the permissions assigned to each user, ...
The generalized temporal role mining problem
Role mining, the process of deriving a set of roles from the available user-permission assignments, is considered to be an essential step in successful implementation of Role-Based Access Control (RBAC) systems. Traditional role mining techniques, however, are not equipped to handle temporal extensions of RBAC like the Temporal-RBAC (TRBAC) model. In this paper, we formally define the problem o...
How to Find a Rigorous Set of Roles for Application of RBAC
Role-based access control (RBAC) has been adopted successfully by a variety of security systems by reducing the complexity of the management of access control. The least privilege principle is a very important constraint policy of RBAC. Devising a complete and correct set of roles for supporting the least privilege principle has been recognized as one of the most important tasks in implementing ...
Journal:
- Computers & Security
Volume 29, Issue
Pages -
Publication date: 2010