Mining roles with semantic meanings

Molloy, Ian; Cheng, Hong; Li, Tiancheng; Wang, Qihua; Li, Ninghui; Bertino, Elisa; Calo, Seraphin; Lobo, Jorge

doi:10.1145/1377836.1377840

Cited by 144 publications

(160 citation statements)

References 9 publications

Supporting

Mentioning

148

Contrasting

Unclassified

Order By: Relevance

“…Several approaches are able to take existing roles into consideration (e.g. (Molloy et al, 2008)) but do not integrate usage data. Moreover, restrictions on the hierarchy of a RBAC state can represent one way to reduce complexity and increase the quality of either a single role or the whole RBAC state.…”

Section: Discussionmentioning

confidence: 99%

“…Finally, papers that do not present role mining techniques were removed from the catalog (e.g. (Molloy et al, 2008)). Consecutively, we classify recent role mining publications according to the scheme presented by (Fuchs and Meier, 2011).…”

Section: Methodsmentioning

confidence: 99%

“…Yet, none of the related work in the field focuses on quality criteria applied during role system maintenance. In (Molloy et al, 2008), the authors investigated the usage of selected metrics like the Weighted Structural Complexity (WSC) for analyzing role system states. (Fuchs and Müller, 2009) described mechanisms for periodically evaluating a role systems quality but do not consider the scalability of their approach in large realworld scenarios.…”

Section: Related Workmentioning

confidence: 99%

“…Formal Concept Analysis is a data mining technique similar to clustering, overcoming the limitation of only assigning entities to one group (Molloy et al, 2008). Related algorithms build a concept lattice from the UPA-matrix and reduce duplicate information.…”

Section: Role Mining Surveymentioning

confidence: 99%

“…In contrast to most other quality criteria the so called Weighted Structural Complexity (WSC) is a widely-used heuristic to rate the complexity of a RBAC model. Originally introduced by (Molloy et al, 2008), it applies weights to different optimization objectives. It can be seen as one of the most advanced measures that solely relies on the components of an RBAC state.…”

Section: Quality-related Criteriamentioning

confidence: 99%

See 4 more Smart Citations

Analyzing Quality Criteria in Role-based Identity and Access Management

Kunz

Fuchs

Netter

et al. 2015

Proceedings of the 1st International Conference on Information Systems Security and Privacy

View full text Add to dashboard Cite

Abstract:Roles have turned into the de facto standard for access control in enterprise identity management systems. However, as roles evolve over time, companies struggle to develop and maintain a consistent role model. Up to now, the core challenge of measuring the current quality of a role model and selecting criteria for its optimization remains unsolved. In this paper, we conduct a survey of existing role mining techniques and identify quality criteria inherently used by these approaches. This guides organizations during the selection of a role mining technique that matches their company-specific quality preferences. Moreover, our analysis aims to stimulate the research community to integrate quality metrics in future role mining approaches.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Role Mining Surveymentioning

confidence: 99%

Section: Quality-related Criteriamentioning

confidence: 99%

See 3 more Smart Citations

Analyzing Quality Criteria in Role-based Identity and Access Management

Kunz

Fuchs

Netter

et al. 2015

Proceedings of the 1st International Conference on Information Systems Security and Privacy

View full text Add to dashboard Cite

show abstract

Role mining based on cardinality constraints

et al. 2015

Concurrency and Computation

View full text Add to dashboard Cite

SUMMARYRole mining was recently proposed to automatically find roles among user-permission assignments using data mining technologies. However, the current studies about role mining mainly focus on how to find roles, without considering the constraints that are essentially required in role-based access control systems. In this paper, we present a role mining algorithm with constraints, especially for the cardinality constraints. We illustrate it is essential for role mining to take cardinality constraints into account, and introduce the concepts of the cardinality constraints of roles and permissions. We further propose a role mining algorithm to generate roles based on these two kinds of cardinality constraints. The algorithm uses graph theory to model the role mining problem and maps the relation of two roles to the relation of graph elements. We set an optimization goal for role mining and employ graph optimization theory to find roles that satisfy the aforementioned cardinality constraints. We carry out the experiments to evaluate our approach. The experimental results demonstrate the rationality and effectiveness of the proposed algorithm.

show abstract

Role mining based on permission cardinality constraint and user cardinality constraint

Wang

et al. 2014

Security Comm. Networks

View full text Add to dashboard Cite

Constraint is an essential aspect of role‐based access control (RBAC) and is sometimes argued to be the principle motivation for RBAC. However, most of role mining algorithms do not consider the constraint. Furthermore, they just compare the least cost of the authorization process but do not consider how to assess the accuracy of the derived role state, thus, providing the motivation for this work. In this paper, we first define a wide variety of constraints, especially the permission cardinality constraint and user cardinality constraint. We further propose a role mining algorithm to generate roles based on these two kinds of cardinality constraints that consider the similarity between roles in the process of merging roles in order to improve the accuracy of the role state at the same time. Finally, we carry out the experiments to evaluate our approach. The experimental results demonstrate the effectiveness of our proposed algorithm. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Mining roles with semantic meanings

Cited by 144 publications

References 9 publications

Analyzing Quality Criteria in Role-based Identity and Access Management

Analyzing Quality Criteria in Role-based Identity and Access Management

Role mining based on cardinality constraints

Role mining based on permission cardinality constraint and user cardinality constraint

Contact Info

Product

Resources

About