角色挖掘问题:正式的视角

Q Engineering
Jaideep Vaidya, V. Atluri, Qi Guo
{"title":"角色挖掘问题:正式的视角","authors":"Jaideep Vaidya, V. Atluri, Qi Guo","doi":"10.1145/1805974.1805983","DOIUrl":null,"url":null,"abstract":"Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role-based access control. A key problem related to this is the notion of goodness/interestingness—when is a role good/interesting? In this article, we define the Role Mining Problem (RMP) as the problem of discovering an optimal set of roles from existing user permissions. The main contribution of this article is to formally define RMP and analyze its theoretical bounds. In addition to the above basic RMP, we introduce two different variations of the RMP, called the Δ-Approx RMP and the minimal-noise RMP that have pragmatic implications. We reduce the known “Set Basis Problem” to RMP to show that RMP is an NP-complete problem. An important contribution of this article is also to show the relation of the RMP to several problems already identified in the data mining and data analysis literature. By showing that the RMP is in essence reducible to these known problems, we can directly borrow the existing implementation solutions and guide further research in this direction. We also develop a heuristic solution based on the previously proposed FastMiner algorithm, which is very accurate and efficient.","PeriodicalId":50912,"journal":{"name":"ACM Transactions on Information and System Security","volume":"1 1","pages":"27:1-27:31"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"71","resultStr":"{\"title\":\"The role mining problem: A formal perspective\",\"authors\":\"Jaideep Vaidya, V. Atluri, Qi Guo\",\"doi\":\"10.1145/1805974.1805983\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role-based access control. A key problem related to this is the notion of goodness/interestingness—when is a role good/interesting? In this article, we define the Role Mining Problem (RMP) as the problem of discovering an optimal set of roles from existing user permissions. The main contribution of this article is to formally define RMP and analyze its theoretical bounds. In addition to the above basic RMP, we introduce two different variations of the RMP, called the Δ-Approx RMP and the minimal-noise RMP that have pragmatic implications. We reduce the known “Set Basis Problem” to RMP to show that RMP is an NP-complete problem. An important contribution of this article is also to show the relation of the RMP to several problems already identified in the data mining and data analysis literature. By showing that the RMP is in essence reducible to these known problems, we can directly borrow the existing implementation solutions and guide further research in this direction. We also develop a heuristic solution based on the previously proposed FastMiner algorithm, which is very accurate and efficient.\",\"PeriodicalId\":50912,\"journal\":{\"name\":\"ACM Transactions on Information and System Security\",\"volume\":\"1 1\",\"pages\":\"27:1-27:31\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"71\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Information and System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1805974.1805983\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q\",\"JCRName\":\"Engineering\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Information and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1805974.1805983","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 71

摘要

在实现基于角色的访问控制时,设计一组完整且正确的角色被认为是最重要和最具挑战性的任务之一。与此相关的一个关键问题是善良/有趣的概念——什么时候一个角色是善良/有趣的?在本文中,我们将角色挖掘问题(RMP)定义为从现有用户权限中发现一组最佳角色的问题。本文的主要贡献是正式定义了RMP并分析了其理论范围。除了上述基本的RMP之外,我们还介绍了RMP的两种不同变体,称为Δ-Approx RMP和具有实用意义的最小噪声RMP。我们将已知的“集合基问题”约简为RMP,证明RMP是一个np完全问题。本文的一个重要贡献是还展示了RMP与数据挖掘和数据分析文献中已经确定的几个问题之间的关系。通过表明RMP本质上可简化为这些已知问题,我们可以直接借鉴现有的实现方案,并指导这一方向的进一步研究。我们还基于先前提出的FastMiner算法开发了一种启发式解决方案,该算法非常准确和高效。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
The role mining problem: A formal perspective
Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role-based access control. A key problem related to this is the notion of goodness/interestingness—when is a role good/interesting? In this article, we define the Role Mining Problem (RMP) as the problem of discovering an optimal set of roles from existing user permissions. The main contribution of this article is to formally define RMP and analyze its theoretical bounds. In addition to the above basic RMP, we introduce two different variations of the RMP, called the Δ-Approx RMP and the minimal-noise RMP that have pragmatic implications. We reduce the known “Set Basis Problem” to RMP to show that RMP is an NP-complete problem. An important contribution of this article is also to show the relation of the RMP to several problems already identified in the data mining and data analysis literature. By showing that the RMP is in essence reducible to these known problems, we can directly borrow the existing implementation solutions and guide further research in this direction. We also develop a heuristic solution based on the previously proposed FastMiner algorithm, which is very accurate and efficient.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
ACM Transactions on Information and System Security
ACM Transactions on Information and System Security 工程技术-计算机:信息系统
CiteScore
4.50
自引率
0.00%
发文量
0
审稿时长
3.3 months
期刊介绍: ISSEC is a scholarly, scientific journal that publishes original research papers in all areas of information and system security, including technologies, systems, applications, and policies.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信