Towards User-Oriented RBAC Model

Abstract : Role mining recently has attracted much attention from the role-based access control (RBAC) research community as it provides a machine-operated means of discovering roles from existing permission assignments. While there is a rich body of literature on role mining, we find that user experience/perception - one ultimate goal for any information system - is surprisingly ignored by the existing works. This work is the first to study role mining from the end-user perspective. Specifically, based on the observation that end-users prefer simple role assignments, we propose to incorporate to the role mining process a user-role assignment sparseness constraint that mandates the maximum number of roles each user can have. Under this rationale, we formulate user-oriented role mining as two specific problems: one is user-oriented exact role mining problem (RMP), which is obliged to completely reconstruct the given permission assignments, and the other is user-oriented approximate RMP, which tolerates a certain amount of deviation from the complete reconstruction. The extra sparseness constraint poses a great challenge to role mining, which in general is already a hard problem. We examine some typical existing role mining methods to see their applicability to our problems. In light of their insufficiency, we present a new algorithm, which is based on a novel dynamic candidate role generation strategy, tailored to our problems. Experiments on benchmark datasets demonstrate the effectiveness of our proposed algorithm.
Type de document :
Communication dans un congrès
Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.81-96, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_6〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01490719
Contributeur : Hal Ifip <>
Soumis le : mercredi 15 mars 2017 - 17:16:24
Dernière modification le : jeudi 16 mars 2017 - 09:24:24
Document(s) archivé(s) le : vendredi 16 juin 2017 - 15:07:41

Fichier

978-3-642-39256-6_6_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Haibing Lu, Yuan Hong, Yanjiang Yang, Lian Duan, Nazia Badar. Towards User-Oriented RBAC Model. Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.81-96, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_6〉. 〈hal-01490719〉

Partager

Métriques

Consultations de la notice

144

Téléchargements de fichiers

48