RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
The role mining problem: finding a minimal descriptive set of roles
Proceedings of the 12th ACM symposium on Access control models and technologies
Fast exact and heuristic methods for role minimization problems
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
A class of probabilistic models for role engineering
Proceedings of the 15th ACM conference on Computer and communications security
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
Optimal Boolean Matrix Decomposition: Application to Role Engineering
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
Extended Boolean Matrix Decomposition
ICDM '09 Proceedings of the 2009 Ninth IEEE International Conference on Data Mining
Proceedings of the 15th ACM symposium on Access control models and technologies
Proceedings of the 15th ACM symposium on Access control models and technologies
Role mining in the presence of noise
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Constraint-Aware Role Mining via Extended Boolean Matrix Decomposition
IEEE Transactions on Dependable and Secure Computing
| Hi-index | 0.00 |
Role mining recently has attracted much attention from the role-based access control (RBAC) research community as it provides a machine-operated means of discovering roles from existing permission assignments. While there is a rich body of literature on role mining, we find that user experience/perception - one ultimate goal for any information system - is surprisingly ignored by the existing works. This work is the first to study role mining from the end-user perspective. Specifically, based on the observation that end-users prefer simple role assignments, we propose to incorporate to the role mining process a user-role assignment sparseness constraint that mandates the maximum number of roles each user can have. Under this rationale, we formulate user-oriented role mining as two specific problems: one is user-oriented exact role mining problem (RMP), which is obliged to completely reconstruct the given permission assignments, and the other is user-oriented approximate RMP, which tolerates a certain amount of deviation from the complete reconstruction. The extra sparseness constraint poses a great challenge to role mining, which in general is already a hard problem. We examine some typical existing role mining methods to see their applicability to our problems. In light of their insufficiency, we present a new algorithm, which is based on a novel dynamic candidate role generation strategy, tailored to our problems. Experiments on benchmark datasets demonstrate the effectiveness of our proposed algorithm.