RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
On the computational complexity of edge concentration
Discrete Applied Mathematics
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
On bipartite and multipartite clique problems
Journal of Algorithms
Formal Concept Analysis: Mathematical Foundations
Formal Concept Analysis: Mathematical Foundations
Computing iceberg concept lattices with TITANIC
Data & Knowledge Engineering
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
On modeling system-centric information for role engineering
Proceedings of the eighth ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Identity Management Design Guide With IBM Tivoli Identity Manager
Identity Management Design Guide With IBM Tivoli Identity Manager
Role engineering using graph optimisation
Proceedings of the 12th ACM symposium on Access control models and technologies
The role mining problem: finding a minimal descriptive set of roles
Proceedings of the 12th ACM symposium on Access control models and technologies
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
A cost-driven approach to role engineering
Proceedings of the 2008 ACM symposium on Applied computing
Fast exact and heuristic methods for role minimization problems
Proceedings of the 13th ACM symposium on Access control models and technologies
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
A class of probabilistic models for role engineering
Proceedings of the 15th ACM conference on Computer and communications security
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Optimal Boolean Matrix Decomposition: Application to Role Engineering
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Algorithms for mining meaningful roles
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A framework integrating attribute-based policies into role-based access control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A completeness analysis of frequent weighted concept lattices and their algebraic properties
Data & Knowledge Engineering
Constraint-enhanced role engineering via answer set programming
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Mining parameterized role-based policies
Proceedings of the third ACM conference on Data and application security and privacy
Role Mining with Probabilistic Models
ACM Transactions on Information and System Security (TISSEC)
On the notion of redundancy in access control policies
Proceedings of the 18th ACM symposium on Access control models and technologies
Role mining algorithm evaluation and improvement in large volume android applications
Proceedings of the first international workshop on Security in embedded systems and smartphones
Toward mining of temporal roles
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Towards user-oriented RBAC model
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
| Hi-index | 0.00 |
With the growing adoption of Role-Based Access Control (RBAC) in commercial security and identity management products, how to facilitate the process of migrating a non-RBAC system to an RBAC system has become a problem with significant business impact. Researchers have proposed to use data mining techniques to discover roles to complement the costly top-down approaches for RBAC system construction. An important problem is how to construct RBAC systems with low complexity. In this article, we define the notion of weighted structural complexity measure and propose a role mining algorithm that mines RBAC systems with low structural complexity. Another key problem that has not been adequately addressed by existing role mining approaches is how to discover roles with semantic meanings. In this article, we study the problem in two primary settings with different information availability. When the only information is user-permission relation, we propose to discover roles whose semantic meaning is based on formal concept lattices. We argue that the theory of formal concept analysis provides a solid theoretical foundation for mining roles from a user-permission relation. When user-attribute information is also available, we propose to create roles that can be explained by expressions of user-attributes. Since an expression of attributes describes a real-world concept, the corresponding role represents a real-world concept as well. Furthermore, the algorithms we propose balance the semantic guarantee of roles with system complexity. Finally, we indicate how to create a hybrid approach combining top-down candidate roles. Our experimental results demonstrate the effectiveness of our approaches.