Skip to Main content Skip to Navigation
Conference papers

An Optimization Model for the Extended Role Mining Problem

Abstract : The primary purpose of Role Mining is to effectively determine the roles in an enterprise using the permissions that have already been assigned to the users. If this permission assignment is viewed as a 0-1 matrix, then Role Mining aims to decompose this matrix into two matrices which represent user-role and role-permission assignments. This decomposition is known as Boolean Matrix Decomposition (BMD). In this paper, we use an Extended BMD (EBMD) to consider separation of duty constraints (SOD) and exceptions, that are common to any security system, in the role mining process. Essentially, in EBMD, we introduce negative assignments. An additional benefit of allowing negative assignments in roles is that, a less number of roles can be used to reconstruct the same given user-permission assignments. We introduce Extended Role Mining Problem and its variants and present their optimization models. We also propose a heuristic algorithm that is capable of utilizing these models to find good decompositions.
Document type :
Conference papers
Complete list of metadata

Cited literature [11 references]  Display  Hide  Download

https://hal.inria.fr/hal-01586595
Contributor : Hal Ifip <>
Submitted on : Wednesday, September 13, 2017 - 8:56:14 AM
Last modification on : Friday, August 9, 2019 - 3:24:28 PM
Long-term archiving on: : Thursday, December 14, 2017 - 1:05:56 PM

File

978-3-642-22348-8_8_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Emre Uzun, Vijayalakshmi Atluri, Haibing Lu, Jaideep Vaidya. An Optimization Model for the Extended Role Mining Problem. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. pp.76-89, ⟨10.1007/978-3-642-22348-8_8⟩. ⟨hal-01586595⟩

Share

Metrics

Record views

72

Files downloads

239