Towards User-Oriented RBAC Model - Data and Applications Security and Privacy XXVII
Conference Papers Year : 2013

Towards User-Oriented RBAC Model

Haibing Lu
  • Function : Author
  • PersonId : 978062
Yuan Hong
  • Function : Author
  • PersonId : 1004168
Lian Duan
  • Function : Author
  • PersonId : 978066
Nazia Badar
  • Function : Author
  • PersonId : 1004169

Abstract

Role mining recently has attracted much attention from the role-based access control (RBAC) research community as it provides a machine-operated means of discovering roles from existing permission assignments. While there is a rich body of literature on role mining, we find that user experience/perception - one ultimate goal for any information system - is surprisingly ignored by the existing works. This work is the first to study role mining from the end-user perspective. Specifically, based on the observation that end-users prefer simple role assignments, we propose to incorporate to the role mining process a user-role assignment sparseness constraint that mandates the maximum number of roles each user can have. Under this rationale, we formulate user-oriented role mining as two specific problems: one is user-oriented exact role mining problem (RMP), which is obliged to completely reconstruct the given permission assignments, and the other is user-oriented approximate RMP, which tolerates a certain amount of deviation from the complete reconstruction. The extra sparseness constraint poses a great challenge to role mining, which in general is already a hard problem. We examine some typical existing role mining methods to see their applicability to our problems. In light of their insufficiency, we present a new algorithm, which is based on a novel dynamic candidate role generation strategy, tailored to our problems. Experiments on benchmark datasets demonstrate the effectiveness of our proposed algorithm.
Fichier principal
Vignette du fichier
978-3-642-39256-6_6_Chapter.pdf (119.13 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-01490719 , version 1 (15-03-2017)

Licence

Identifiers

Cite

Haibing Lu, Yuan Hong, Yanjiang Yang, Lian Duan, Nazia Badar. Towards User-Oriented RBAC Model. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. pp.81-96, ⟨10.1007/978-3-642-39256-6_6⟩. ⟨hal-01490719⟩
395 View
197 Download

Altmetric

Share

More