Role mining with missing values

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

4 Citaten (Scopus)

Samenvatting

Over the years several organizations are migrating to Role-Based Access Control (RBAC) as a practical solution to regulate access to sensitive information. Role mining has been proposed to automatically extract RBAC policies from the current set of permissions assigned to users. Existing role mining approaches usually require that this set of permissions is retrievable and complete. Such an assumption, however, cannot be met in practice as permissions can be hard-coded in the applications or distributed over several subsystems. In those cases, permissions can be obtained from activity logs recording the actions performed by users. This, however, can provide an incomplete representation of the permissions within the system. Thus, existing role mining solutions are not directly applicable. In this work, we study the problem of role mining with incomplete knowledge. In particular, we investigate approaches for two instances of the role mining problem with missing values. Moreover, we study metrics to properly evaluate the obtained RBAC policies. We validate the investigated approaches using both synthetic and real data.
Originele taal-2Engels
Titel2016 11th International Conference on Availability, Reliability and Security (ARES), 31 August - 2 September 2016, Salzburg, Austria
Plaats van productiePiscataway
UitgeverijInstitute of Electrical and Electronics Engineers
Pagina's167-176
ISBN van elektronische versie978-1-5090-0990-9
ISBN van geprinte versie978-1-5090-0991-6
DOI's
StatusGepubliceerd - 2016

Vingerafdruk

Duik in de onderzoeksthema's van 'Role mining with missing values'. Samen vormen ze een unieke vingerafdruk.

Citeer dit