Role-Based Access Control Models
Computer
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Role-finding/role-engineering (panel session)
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Engineering of Role/Permission Assignments
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Computational aspects of mining maximal frequent patterns
Theoretical Computer Science
Role engineering using graph optimisation
Proceedings of the 12th ACM symposium on Access control models and technologies
The role mining problem: finding a minimal descriptive set of roles
Proceedings of the 12th ACM symposium on Access control models and technologies
HyDRo --- Hybrid Development of Roles
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Multi-assignment clustering for Boolean data
ICML '09 Proceedings of the 26th Annual International Conference on Machine Learning
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
ABBA: adaptive bicluster-based approach to impute missing values in binary matrices
Proceedings of the 2010 ACM Symposium on Applied Computing
On the definition of role mining
Proceedings of the 15th ACM symposium on Access control models and technologies
StateMiner: an efficient similarity-based approach for optimal mining of role hierarchy
Proceedings of the 15th ACM symposium on Access control models and technologies
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Automating security configuration and administration: an access control perspective
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
A new role mining framework to elicit business roles and to mitigate enterprise risk
Decision Support Systems
Enforcing access control in workflow systems with a task engineering approach
International Journal of Internet Technology and Secured Transactions
Role engineering: from theory to practice
Proceedings of the second ACM conference on Data and Application Security and Privacy
Role Mining with Probabilistic Models
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
In recent years role-based access control (RBAC) has been spreading within organizations. However, companies still have considerable difficulty migrating to this model, due to the complexity involved in identifying a set of roles fitting the real needs of the company. All the various role engineering methods proposed thus far lack a metric for measuring the "quality" of candidate roles produced. This paper proposes a new approach guided by a cost-based metric, where "cost" represents the effort to administer the resulting RBAC. Further, we propose REAM (Role-Based Association-rule Mining), an algorithm leveraging the cost metric to find candidate role-sets with the lowest possible administration cost. For a specific parameter set, RBAM behaves as already existing role mining algorithms and is, worst case, NP-complete. Yet, we will provide several examples showing the sensibility of assumptions made by the algorithm. Further, application of the algorithm to real data will highlight the improvements over current solutions. Finally, we comment on the direction of future research.