Automatic Migration to Role-Based Access Control

Molloy, Ian M. Ph.D., Purdue University, August 2010. Automatic Migration to Role Based Access Control. Major Professor: Ninghui Li. The success of role-based access control both within the research community and industry is undeniable. One of the main reasons for RBAC’s adoption is its ability to reduce administration costs, help eliminate errors, and improve the security of a system. Before these advantages can be observed, an organization must first migrate their access control data over to RBAC. This is a process known as role engineering, and is potentially expensive. We view the problem of role engineering as an optimization of the existing ac­ cess control information (permission assignments, attributes, usage logs, etc.) that maximizes the return on investment in deploying RBAC given a model of a human administrator. We focus on three main objectives: the RBAC state must be compact, and minimize the costs to administer access to users; the RBAC state must contain semantically meaningful roles that correspond to real-world concepts and job duties; and the RBAC state must be correct and secure. We develop a two-phase process for role mining: first clean the data, and then find candidate roles. Techniques based on rank-reduced matrix decomposition and a model of security are used to clean the data to eliminate errors, predict unknown values, and identify assignments that are applicable to RBAC. Second, we develop a measure of administrative costs based on the structural complexity of the RBAC system. The complexity is parameterized and makes few assumptions regarding administrative e⇥ort. Two algorithms founded in the theory of formal concept analysis are developed to minimize the RBAC state complexity while maintaining semantically meaningful roles.