Matrix computations (3rd ed.)
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Simulation
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
PROXIMUS: a framework for analyzing very high dimensional discrete-attributed datasets
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Role engineering using graph optimisation
Proceedings of the 12th ACM symposium on Access control models and technologies
The role mining problem: finding a minimal descriptive set of roles
Proceedings of the 12th ACM symposium on Access control models and technologies
Fast exact and heuristic methods for role minimization problems
Proceedings of the 13th ACM symposium on Access control models and technologies
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
The Boolean column and column-row matrix decompositions
Data Mining and Knowledge Discovery
On the Positive--Negative Partial Set Cover problem
Information Processing Letters
IEEE Transactions on Knowledge and Data Engineering
A class of probabilistic models for role engineering
Proceedings of the 15th ACM conference on Computer and communications security
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
Optimal Boolean Matrix Decomposition: Application to Role Engineering
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Multi-assignment clustering for Boolean data
ICML '09 Proceedings of the 26th Annual International Conference on Machine Learning
Mining discrete patterns via binary matrix factorization
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
Extended Boolean Matrix Decomposition
ICDM '09 Proceedings of the 2009 Ninth IEEE International Conference on Data Mining
Proceedings of the 15th ACM symposium on Access control models and technologies
PKDD'06 Proceedings of the 10th European conference on Principle and Practice of Knowledge Discovery in Databases
Constraint-Aware Role Mining via Extended Boolean Matrix Decomposition
IEEE Transactions on Dependable and Secure Computing
Hi-index | 0.00 |
Role Based Access Control RBAC is accepted as the de facto access control model for organizations of all sizes. However, engineering the right set of roles is crucial to enable the correct deployment of RBAC within an organization. Indeed, discovering an optimal and correct set of roles from existing permission assignments, referred to as the role mining problem RMP, has gained significant attention in recent years. Role Mining is itself an instantiation of Boolean matrix decomposition --wherein a Boolean matrix is decomposed into two Boolean matrices giving a set of basis vectors and their appropriate combination. In fact, such decompositions are useful in a number of application domains beyond role engineering, including text mining as well as knowledge discovery. While a Boolean matrix can be decomposed in many ways, however, certain decompositions better characterize the semantics associated with the original matrix in a succinct but comprehensive way. Indeed, one can find different decompositions that are optimal with respect to different criteria that may match various semantics. In this paper, we first present a number of variants of the optimal Boolean matrix decomposition problem, including usage RMP, basic RMP, δ-approximate RMP, and edge RMP, that have pragmatic implications in the context of role mining. We then present a unified framework for modeling the optimal Boolean matrix decomposition and its variants using integer linear programming ILP. Such modeling allows us to directly adopt the huge body of heuristic solutions and tools developed for integer linear programming. We also develop efficient heuristics and solutions for each RMP variant, and validate them by a comprehensive experimental evaluation.