RoleMiner: mining roles using subset enumeration

10 years 10 months ago
RoleMiner: mining roles using subset enumeration
Role engineering, the task of defining roles and associating permissions to them, is essential to realize the full benefits of the role-based access control paradigm. Essentially, there are two basic approaches to accomplish this: the topdown and the bottom-up. The top-down approach relies on a careful analysis of the business processes to define job functions and then specify appropriate roles from them. While this approach can aid in defining roles more accurately, it is tedious and time consuming since it requires that the semantics of the business processes be well understood. Moreover, it ignores existing permissions within an organization and does not utilize them. On the other hand, the bottomup approach starts with existing permissions and attempts to derive roles from them, thus helping to automate role definition. In this paper, we present an unsupervised approach called RoleMiner that mines roles from existing userpermission assignments. Since a role is nothing but a set of...
Jaideep Vaidya, Vijayalakshmi Atluri, Janice Warne
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2006
Where CCS
Authors Jaideep Vaidya, Vijayalakshmi Atluri, Janice Warner
Comments (0)