An Optimization Model for the Extended Role Mining Problem

Abstract : The primary purpose of Role Mining is to effectively determine the roles in an enterprise using the permissions that have already been assigned to the users. If this permission assignment is viewed as a 0-1 matrix, then Role Mining aims to decompose this matrix into two matrices which represent user-role and role-permission assignments. This decomposition is known as Boolean Matrix Decomposition (BMD). In this paper, we use an Extended BMD (EBMD) to consider separation of duty constraints (SOD) and exceptions, that are common to any security system, in the role mining process. Essentially, in EBMD, we introduce negative assignments. An additional benefit of allowing negative assignments in roles is that, a less number of roles can be used to reconstruct the same given user-permission assignments. We introduce Extended Role Mining Problem and its variants and present their optimization models. We also propose a heuristic algorithm that is capable of utilizing these models to find good decompositions.
Type de document :
Communication dans un congrès
Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.76-89, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_8〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01586595
Contributeur : Hal Ifip <>
Soumis le : mercredi 13 septembre 2017 - 08:56:14
Dernière modification le : mercredi 13 septembre 2017 - 14:28:18
Document(s) archivé(s) le : jeudi 14 décembre 2017 - 13:05:56

Fichier

978-3-642-22348-8_8_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Emre Uzun, Vijayalakshmi Atluri, Haibing Lu, Jaideep Vaidya. An Optimization Model for the Extended Role Mining Problem. Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.76-89, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_8〉. 〈hal-01586595〉

Partager

Métriques

Consultations de la notice

25

Téléchargements de fichiers

8