Role mining based on permission cardinality constraint and user cardinality constraint
نویسندگان
چکیده
Constraint is an essential aspect of RBAC and is sometimes argued to be the principle motivation for RBAC. However, most of role mining algorithms don’t consider the constraint. Furthermore, they just compare the least cost of the authorization process while don’t consider how to assess the accuracy of the derived role state, thus providing the motivation for this work. In this paper, we first define a wide variety of constraints, especially the permission cardinality constraint and user cardinality constraint. We further propose a role mining algorithm to generate roles based on these two kinds of cardinality constraint that considers the similarity between roles in the process of merging roles in order to improve the accuracy of the role state at the same time. Finally, we carry out the experiments to evaluate our approach. The experimental results demonstrate the effectiveness of our proposed algorithm. Copyright c ⃝ 2010 John Wiley & Sons, Ltd.
منابع مشابه
Visual Approach to Role Mining with Permission Usage Cardinality Constraint
Role Based Access Control (RBAC) is an effective way of managing permissions assigned to a large number of users in an enterprise. This paper offers a new role engineering approach to RBAC, referred to as visual role mining. The key idea is to graphically represent userpermission assignments to enable quick analysis and elicitation of meaningful roles with constraint. There are two algorithms: ...
متن کاملRole Mining under Role-Usage Cardinality Constraint
With the emergence of Role Based Access Control (RBAC) as the de facto access control model, organizations can now implement and manage many high level security policies. As a means of migration from traditional access control systems to RBAC, di↵erent role mining algorithms have been proposed in recent years for finding a minimal set of roles from existing user-permission assignments. While de...
متن کاملCardinality Constraint Access Control Model and Implementation
Analysis constraints and its diversity in security access control model. Cardinality is a common constraint in access control model. An extended cardinality constraint access control model is established. According to actual demand, we describe the user-role, user-session, role-session cardinality constraints based on the RBAC model. The differences between static and dynamic cardinality constr...
متن کاملGeneralized Temporal Role Based Access Control Model (GTRBAC) Part I Specification and Modeling
A temporal RBAC (TRBAC) model has recently been proposed that addresses the temporalaspects of roles and trigger-based role enabling. However, it is limited to constraints on enablingof roles only. We propose a Generalized Temporal Role Based Access Control model (GTRBAC)that is capable of expressing a wider range of temporal constraints. GTRBAC is capable ofexpressing periodic ...
متن کاملConstrained Role Mining
Role Based Access Control (RBAC) is a very popular access control model, for long time investigated and widely deployed in the security architecture of different enterprises. To implement RBAC, roles have to be firstly identified within the considered organization. Usually the process of (automatically) defining the roles in a bottom up way, starting from the permissions assigned to each user, ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Security and Communication Networks
دوره 8 شماره
صفحات -
تاریخ انتشار 2015