Determining role rights from use cases
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Role-based access control and the access control matrix
ACM SIGOPS Operating Systems Review
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
A cost-driven approach to role engineering
Proceedings of the 2008 ACM symposium on Applied computing
Fast exact and heuristic methods for role minimization problems
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
A class of probabilistic models for role engineering
Proceedings of the 15th ACM conference on Computer and communications security
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
A closer look to the V-model approach for role engineering
WSEAS Transactions on Computers
A simple role mining algorithm
Proceedings of the 2010 ACM Symposium on Applied Computing
On the definition of role mining
Proceedings of the 15th ACM symposium on Access control models and technologies
StateMiner: an efficient similarity-based approach for optimal mining of role hierarchy
Proceedings of the 15th ACM symposium on Access control models and technologies
Proceedings of the 15th ACM symposium on Access control models and technologies
Graph based strategies to role engineering
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
A learning-based approach for SELinux policy optimization with type mining
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Role mining in the presence of noise
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Baaz: a system for detecting access control misconfigurations
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
A new role mining framework to elicit business roles and to mitigate enterprise risk
Decision Support Systems
Mining RBAC roles under cardinality constraint
ICISS'10 Proceedings of the 6th international conference on Information systems security
An optimization model for the extended role mining problem
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Role engineering: from theory to practice
Proceedings of the second ACM conference on Data and Application Security and Privacy
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Algorithms for mining meaningful roles
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Role Mining with Probabilistic Models
ACM Transactions on Information and System Security (TISSEC)
Evolving role definitions through permission invocation patterns
Proceedings of the 18th ACM symposium on Access control models and technologies
RMiner: a tool set for role mining
Proceedings of the 18th ACM symposium on Access control models and technologies
Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes
International Journal of Information Security and Privacy
An optimization framework for role mining
Journal of Computer Security
| Hi-index | 0.00 |
Role engineering is one of the fundamental phases for migrating existing enterprises to Role Based Access Control. In organisations with a large number of users and permissions, this task can be time consuming and costly if a top down approach is used. Existing bottom up approaches are not sufficient in producing a comprehensive set of roles for hierarchical Role Based Access Control. In this research, we propose a predominately bottom up approach that uses Graph Optimisation to identify appropriate role hierarchies. Additional partial role specifications can be incorporated to produce a hybrid approach. Using rules that reduce administration requirements, roles and their hierarchies are automatically extracted from large numbers of permission assignments. The results of the Graph Optimisation approach are hierarchical Role Based Access Control infrastructures that offer improved access control administration for the system.