Skip to main content
SpringerLink
Log in

Evolutionary Algorithms for the Constrained Two-Level Role Mining Problem

  • Conference paper
  • First Online:
Evolutionary Computation in Combinatorial Optimization (EvoCOP 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13222))

Abstract

The administration of access control structures in Enterprise Resource Planning Systems (ERP) is mainly organized by Role Based Access Control. The associated optimization problem is called the Role Mining Problem (RMP), which is known to be NP-complete. The goal is to search for role concepts minimizing the number of roles. Algorithms for this task are presented in literature, but often they cannot be used for role mining in ERP in a straightforward way, as ERP systems have additional conditions and constraints. Some ERP systems require multiple levels of roles. This paper defines new two-level variants of the RMP, examines their relationship and presents three approaches to computing such hierarchical role concepts. One is aiming at optimizing multiple levels of roles simultaneously. The other approaches divide the multi-level role mining problem into separate sub-problems, which are optimized individually. All approaches are based on an evolutionary algorithm for single-level role mining and have been implemented and evaluated in a range of experiments.

This work is supported by the German Ministry of Education and Research under grant number 16KIS1000.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Anderer, S., Kempter, T., Scheuermann, B., Mostaghim, S.: The dynamic role mining problem: role mining in dynamically changing business environments. In: Proceedings of IJCCI 2021, pp. 37–48. INSTICC, SciTePress (2021)

    Google Scholar 

  2. Anderer, S., Kreppein, D., Scheuermann, B., Mostaghim, S.: The addRole-EA: a new evolutionary algorithm for the role mining problem. In: Proceedings of IJCCI 2020, pp. 155–166. SciTePress (2020). https://doi.org/10.5220/0010025401550166

  3. Anderer, S., Scheuermann, B., Mostaghim, S., Bauerle, P., Beil, M.: RMPlib: a library of benchmarks for the role mining problem. In: Proceedings of SACMAT 2021, SACMAT 2021, pp. 3–13. ACM, New York (2021). https://doi.org/10.1145/3450569.3463566

  4. Blundo, C., Cimato, S.: A simple role mining algorithm. In: Proceedings of SAC 2010, pp. 1958–1962. ACM Press, New York (2010). https://doi.org/10.1145/1774088.1774503

  5. Dong, L.J., Wang, M.C., Kang, X.J.: Mining least privilege roles by genetic algorithm. Appl. Mech. Mater. 121–126, 4508–4512 (2011). https://doi.org/10.4028/www.scientific.net/AMM.121-126.4508

    Article  Google Scholar 

  6. Du, X., Chang, X.: Performance of AI algorithms for mining meaningful roles. In: 2014 IEEE Congress on Evolutionary Computation (CEC), pp. 2070–2076. IEEE (2014). https://doi.org/10.1109/CEC.2014.6900321

  7. Ene, A., Horne, W., Milosavljevic, N., Rao, P., Schreiber, R., Tarjan, R.E.: Fast exact and heuristic methods for role minimization problems. In: Proceedings of SACMAT 2008, pp. 1–10. ACM Press, New York (2008). https://doi.org/10.1145/1377836.1377838

  8. Guo, Q., Vaidya, J., Atluri, V.: The role hierarchy mining problem: Discovery of optimal role hierarchies. In: 2008 Annual Computer Security Applications Conference (ACSAC), pp. 237–246. IEEE (2008)

    Google Scholar 

  9. Huang, H., Shang, F., Liu, J., Du, H.: Handling least privilege problem and role mining in RBAC. J. Comb. Optim. 30(1), 63–86 (2013). https://doi.org/10.1007/s10878-013-9633-9

    Article  MathSciNet  MATH  Google Scholar 

  10. Kumar, R., Sural, S., Gupta, A.: Mining RBAC roles under cardinality constraint. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 171–185. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17714-9_13

    Chapter  Google Scholar 

  11. Lu, H., Vaidya, J., Atluri, V.: Optimal boolean matrix decomposition: application to role engineering. In: 24th International Conference on Data Engineering, pp. 297–306. IEEE (2008). https://doi.org/10.1109/ICDE.2008.4497438

  12. Mitra, B., Sural, S., Vaidya, J., Atluri, V.: A survey of role mining. ACM Comput. Surv. 48(4), 1–37 (2016). https://doi.org/10.1145/2871148

    Article  Google Scholar 

  13. Molloy, I., et al.: Mining roles with semantic meanings. In: Proceedings of SACMAT 2008, pp. 21–30. ACM Press, New York (2008). https://doi.org/10.1145/1377836.1377840

  14. Molloy, I., Li, N., Li, T., Mao, Z., Wang, Q., Lobo, J.: Evaluating role mining algorithms. In: Proceedings of SACMAT 2009, pp. 95–104. ACM Press, New York (2009). https://doi.org/10.1145/1542207.1542224

  15. Saenko, I., Kotenko, I.: Genetic algorithms for role mining problem. In: PDP 2011, pp. 646–650. IEEE (2011). https://doi.org/10.1109/PDP.2011.63

  16. Saenko, I., Kotenko, I.: Reconfiguration of RBAC schemes by genetic algorithms. In: IDC 2016. SCI, vol. 678, pp. 89–98. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-48829-5_9

    Chapter  Google Scholar 

  17. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996). https://doi.org/10.1109/2.485845

    Article  Google Scholar 

  18. Schlegelmilch, J., Steffens, U.: Role mining with ORCA. In: Proceedings of SACMAT 2005, pp. 168–176. ACM Press, New York (2005). https://doi.org/10.1145/1063979.1064008

  19. Takabi, H., Joshi, J.B.: Stateminer: an efficient similarity-based approach for optimal mining of role hierarchy. In: Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, pp. 55–64 (2010)

    Google Scholar 

  20. Vaidya, J., Atluri, V., Guo, Q.: The role mining problem. In: Proceedings of SACMAT 2007, pp. 175–184. ACM Press, New York (2007). https://doi.org/10.1145/1266840.1266870

  21. Vaidya, J., Atluri, V., Warner, J., Guo, Q.: Role engineering via prioritized subset enumeration. IEEE Trans. Dependable Secure Comput. 7(3), 300–314 (2010). https://doi.org/10.1109/TDSC.2008.61

    Article  Google Scholar 

  22. Zhang, D., Ramamohanarao, K., Ebringer, T.: Role engineering using graph optimisation. In: Proceedings of SACMAT 2007, pp. 139–144. ACM Press, New York (2007). https://doi.org/10.1145/1266840.1266862

  23. Zhang, D., Ramamohanarao, K., Versteeg, S., Zhang, R.: Graph based strategies to role engineering. In: Proceedings of CSIIRW 2010, pp. 1–4. ACM Press, New York (2010). https://doi.org/10.1145/1852666.1852694

Download references

Author information

Authors and Affiliations

  1. University of Applied Sciences Karlsruhe, Karlsruhe, Germany

    Simon Anderer, Falk Schrader & Bernd Scheuermann

  2. Otto-von-Guericke Universität Magdeburg, Magdeburg, Germany

    Sanaz Mostaghim

Authors
  1. Simon Anderer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Falk Schrader
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bernd Scheuermann
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sanaz Mostaghim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Simon Anderer .

Editor information

Editors and Affiliations

  1. Pontificia Universidad Católica de Valparaíso, Valparaíso, Chile

    Leslie Pérez Cáceres

  2. Université du Littoral Côte d’Opale, Calais, France

    Sébastien Verel

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Anderer, S., Schrader, F., Scheuermann, B., Mostaghim, S. (2022). Evolutionary Algorithms for the Constrained Two-Level Role Mining Problem. In: Pérez Cáceres, L., Verel, S. (eds) Evolutionary Computation in Combinatorial Optimization. EvoCOP 2022. Lecture Notes in Computer Science, vol 13222. Springer, Cham. https://doi.org/10.1007/978-3-031-04148-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-04148-8_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-04147-1

  • Online ISBN: 978-3-031-04148-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation