Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
A simple role mining algorithm
Proceedings of the 2010 ACM Symposium on Applied Computing
On the definition of role mining
Proceedings of the 15th ACM symposium on Access control models and technologies
StateMiner: an efficient similarity-based approach for optimal mining of role hierarchy
Proceedings of the 15th ACM symposium on Access control models and technologies
Role mining in the presence of noise
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Automating security configuration and administration: an access control perspective
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Algorithms for mining meaningful roles
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Mining parameterized role-based policies
Proceedings of the third ACM conference on Data and application security and privacy
Role Mining with Probabilistic Models
ACM Transactions on Information and System Security (TISSEC)
On the exploitation of process mining for security audits: the process discovery case
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Analysis of TRBAC with dynamic temporal role hierarchies
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
| Hi-index | 0.00 |
Role hierarchies are fundamental to the role based access control (RBAC) model. The notion of role hierarchy is a well understood concept that allows senior roles to inherit the permissions of the corresponding junior roles. Role hierarchies further ease the burden of security administration, as there is no need to explicitly specify and maintain a large number of permissions. Given a set of roles or user permissions, one may construct a number of alternative hierarchies. However, there does not exist the notion of an optimal role hierarchy. Optimality helps in maximizing the benefit of employing the role hierarchy. In this paper, we propose such a formal metric. Our optimality notion is based on the smallest graph representation of the role hierarchy (minimal in the number of edges) having the same transitive closure as any alternate representation. We show why this makes sense as well as ways to achieve this. The main contributions of this paper are to formalize the notion of optimality for role hierarchy construction, along with proposing heuristic solutions to achieve this objective, thus making role hierarchies feasible and practical.