Skip to main content
SpringerLink
Log in

PostProcessing in Constrained Role Mining

  • Conference paper
  • First Online:
Intelligent Data Engineering and Automated Learning – IDEAL 2018 (IDEAL 2018)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11314))

Abstract

Constrained role mining aims to define a valid set of roles efficiently representing the organization of a company, easing the management of the security policies. Since the associated problems are NP hard, usually some heuristics are defined to find some sub-optimal solutions. In this paper we define two heuristics for the Permission Distribution and Role Usage Cardinality Constraints in the post processing framework, i.e. refining the roles produced by some other algorithm. We discuss the performance of the proposed heuristics applying them to some standard datasets showing the improvements w.r.t. previously available solutions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Blundo, C., Cimato, S.: A simple role mining algorithm. In: SAC 2010, New York, NY, USA, pp. 1958–1962. ACM (2010)

    Google Scholar 

  2. Blundo, C., Cimato, S.: Constrained role mining. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 289–304. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38004-4_19

    Chapter  Google Scholar 

  3. Blundo, C., Cimato, S., Siniscalchi, L.: Mining roles in constrained RBAC. Submitted (2018)

    Google Scholar 

  4. Blundo, C., Cimato, S., Siniscalchi, L.: PRUCC-RM: permission-role-usage cardinality constrained role mining. In: COMPSAC 2017, pp. 149–154. IEEE (2017)

    Google Scholar 

  5. Chen, L., Crampton, J.: Set covering problems in role-based access control. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 689–704. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_42

    Chapter  Google Scholar 

  6. Ene, A., Horne, W., Milosavljevic, N., Rao, P., Schreiber, R., Tarjan, R.E.: Fast exact and heuristic methods for role minimization problems. In: SACMAT 2008, pp. 1–10. ACM (2008)

    Google Scholar 

  7. Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. 4(3), 224–274 (2001)

    Article  Google Scholar 

  8. Harika, P., Nagajyothi, M., John, J.C., Sural, S., Vaidya, J., Atluri, V.: Meeting cardinality constraints in role mining. IEEE Trans. Dependable Secur. Comput. 12(1), 71–84 (2015)

    Article  Google Scholar 

  9. Hingankar, M., Sural, S.: Towards role mining with restricted user-role assignment. In: Wireless VITAE 2011, pp. 1–5 (2011)

    Google Scholar 

  10. John, J.C., Sural, S., Atluri, V., Vaidya, J.S.: Role mining under role-usage cardinality constraint. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IAICT, vol. 376, pp. 150–161. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30436-1_13

    Chapter  Google Scholar 

  11. Kumar, R., Sural, S., Gupta, A.: Mining RBAC roles under cardinality constraint. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 171–185. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17714-9_13

    Chapter  Google Scholar 

  12. Mitra, B., Sural, S., Vaidya, J., Atluri, V.: A survey of role mining. ACM Comput. Surv. 48, 4 (2016)

    Article  Google Scholar 

  13. Lu, H., Vaidya, J., Atluri, V.: Optimal boolean matrix decomposition: application to role engineering. In: ICDE 2008, pp. 297–306 (2008)

    Google Scholar 

  14. Molloy, I., et al.: Mining roles with semantic meanings. In: SACMAT 2008, pp. 21–30. ACM (2008)

    Google Scholar 

  15. Molloy, I., Li, N., Li, T., Mao, Z., Wang, Q., Lobo, J.: Evaluating role mining algorithms. In: SACMAT, pp. 95–104. ACM (2009)

    Google Scholar 

  16. Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST model for role-based access control: towards a unified standard. In: Proceedings of the Fifth ACM Workshop on Role-based Access Control, RBAC 2000, New York, NY, USA, pp. 47–63. ACM ( 2000)

    Google Scholar 

  17. Vaidya, J., Atluri, V., Guo, Q.: The role mining problem: finding a minimal descriptive set of roles. In: SACMAT 2007, pp. 175–184. ACM (2007)

    Google Scholar 

  18. Vaidya, J., Atluri, V., Guo, Q.: The role mining problem: a formal perspective. ACM Trans. Inf. Syst. Secur. 13(3), 27 (2010)

    Article  Google Scholar 

  19. Vaidya, J., Atluri, V., Warner, J.: Roleminer: mining roles using subset enumeration. In: CCS 2006, pp. 144–153. ACM (2006)

    Google Scholar 

  20. Young, N.E.: Greedy set-cover algorithms. In: Kao, M.-Y. (ed.) Encyclopedia of Algorithms, pp. 886–889. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-642-27848-8

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Università degli Studi di Salerno, Fisciano, Italy

    Carlo Blundo & Luisa Siniscalchi

  2. Università degli Studi di Milano, Milan, Italy

    Stelvio Cimato

Authors
  1. Carlo Blundo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stelvio Cimato
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Luisa Siniscalchi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Carlo Blundo .

Editor information

Editors and Affiliations

  1. University of Manchester, Manchester, UK

    Hujun Yin

  2. Autonomous University of Madrid, Madrid, Spain

    David Camacho

  3. Campus of Gualtar, University of Minho, Braga, Portugal

    Paulo Novais

  4. University of Seville, Seville, Spain

    Antonio J. Tallón-Ballesteros

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Blundo, C., Cimato, S., Siniscalchi, L. (2018). PostProcessing in Constrained Role Mining. In: Yin, H., Camacho, D., Novais, P., Tallón-Ballesteros, A. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2018. IDEAL 2018. Lecture Notes in Computer Science(), vol 11314. Springer, Cham. https://doi.org/10.1007/978-3-030-03493-1_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-03493-1_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-03492-4

  • Online ISBN: 978-3-030-03493-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation