Abstract
Dealing with the risks in information sharing technology, role based access control(RBAC) mechanism has more advantages than traditional access control mechanism like DAC and MAC. Role takes core position in both building, maintaining the architecture of the RBAC system and migrating the non-RBAC system to the RBAC system. Then role engineering is proposed to find the appropriate roles for the RBAC system. Role mining problem, as an automatic way to find the roles, has been a hotspot for the role engineering. In this paper, we briefly introduce the basic definition of RBAC. A contribution of this paper is to classify some of the exist method into clustering methods and Binary Matrix Decomposition Method. We also evaluate some of these methods on both real-world data and experimental data. At last, we analyze the results to find out what differences may appear using different method and dataset.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Yibao, B., Lihua, Y., Binxing, F., Li, G.: A novel logic-based automatic approach to constructing compliant security policies. Science in China (Series F) 55(1), 149–164 (2012)
Ferraiolo, D., Kuhn, D.R., Chandramouli, R.: Role-based access control. Artech House (2003)
Sandhu, R.S., Coynek, E.J., Feinsteink, H.L., Youmank, C.E.: Role-based access control models yz. IEEE Computer 29(2), 38–47 (1996)
Coyne, E.J.: Role engineering (1996)
Fernandez, E.B., Hawkins, J.C.: Determining role rights from use cases. In: Proceedings of the Second ACM Workshop on Role-Based Access Control, pp. 121–125. ACM
Kuhlmann, M., Shohat, D., Schimpf, G.: Role mining-revealing business roles for security administration using data mining technology. In: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies, pp. 179–186. ACM
Vaidya, J., Atluri, V., Guo, Q.: The role mining problem: finding a minimal descriptive set of roles. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 175–184. ACM
Molloy, I., Li, N., Qi, Y.A., Lobo, J., Dickens, L.: Mining roles with noisy data. In: Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, pp. 45–54. ACM
Schlegelmilch, J., Steffens, U.: Role mining with orca. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, pp. 168–176. ACM
Vaidya, J., Atluri, V., Warner, J.: Roleminer: mining roles using subset enumeration. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 144–153. ACM
Milosavljevic, N., Rao, P., Schreiber, R., Ene, A., Horne, W., Tarjan, R.E.: Fast exact and heuristic methods for role minimization problems (2008)
Molloy, I., Chen, H., Li, T., Wang, Q., Li, N., Bertino, E., Calo, S., Lobo, J.: Mining roles with semantic meanings. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 21–30. ACM
Ma, X., Li, R., Lu, Z.: Role mining based on weights. In: Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, pp. 65–74. ACM
Lu, H., Vaidya, J., Atluri, V.: Optimal boolean matrix decomposition: Application to role engineering. In: IEEE 24th International Conference on Data Engineering, ICDE 2008, pp. 297–306. IEEE (2008)
Vaidya, J., Atluri, V., Guop, Q.: The role mining problem: A formal perspective. ACM Transactions on Information and System Security (TISSEC)Â 13(3), 27 (2010)
Geerts, F., Goethals, B., Mielikäinen, T.: Tiling databases. In: Suzuki, E., Arikawa, S. (eds.) DS 2004. LNCS (LNAI), vol. 3245, pp. 278–289. Springer, Heidelberg (2004)
Miettinen, P., Mielikainen, T., Gionis, A., Das, G., Mannila, H.: The discrete basis problem. IEEE Transactions on Knowledge and Data Engineering 20(10), 1348–1362 (2008)
Frank, M., Streich, A.P., Basin, D., Buhmann, J.M.: A probabilistic approach to hybrid role mining. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 101–111. ACM
Lu, H., Vaidya, J., Atluri, V., Hong, Y.: Constraint-aware role mining via extended boolean matrix decomposition. IEEE Transactions on Dependable and Secure Computing 9(5), 655–669 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Liang, F., Yunchuan, G. (2014). A Survey of Role Mining Methods in Role-Based Access Control System. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-11119-3_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11118-6
Online ISBN: 978-3-319-11119-3
eBook Packages: Computer ScienceComputer Science (R0)