{"title":"An importance-based approach for mining approximate roles","authors":"Lei Sun, Ning Pan, Liangsheng He, Zhiqiang Zhu","doi":"10.1109/PIC.2017.8359589","DOIUrl":null,"url":null,"abstract":"Role Based Access Control (RBAC) has become the de facto access control model in recent years. In order to deploy RBAC, organizations have to define a set of roles from the existing user-permission assignment relationships, the process of which is called role mining. There have been many role mining algorithms proposed to devise a complete and correct set of roles which may not be necessary because the user-permission assignment (UPA) relationships are dynamic. In this paper, we define the evaluation criterion and the 6-Approx Important Role Mining Problem (6-IRMP) which is proved to be NP-complete first, then we propose a heuristic bottom-up role mining approach that reduces the total number of roles with important assignments and permissions preserved. Furthermore, we carry out the experiments with public datasets to evaluate our approach and the experimental results compared with other algorithms demonstrate the effectiveness of our proposed approach.","PeriodicalId":370588,"journal":{"name":"2017 International Conference on Progress in Informatics and Computing (PIC)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Progress in Informatics and Computing (PIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PIC.2017.8359589","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Role Based Access Control (RBAC) has become the de facto access control model in recent years. In order to deploy RBAC, organizations have to define a set of roles from the existing user-permission assignment relationships, the process of which is called role mining. There have been many role mining algorithms proposed to devise a complete and correct set of roles which may not be necessary because the user-permission assignment (UPA) relationships are dynamic. In this paper, we define the evaluation criterion and the 6-Approx Important Role Mining Problem (6-IRMP) which is proved to be NP-complete first, then we propose a heuristic bottom-up role mining approach that reduces the total number of roles with important assignments and permissions preserved. Furthermore, we carry out the experiments with public datasets to evaluate our approach and the experimental results compared with other algorithms demonstrate the effectiveness of our proposed approach.