Edge-RMP: Minimizing administrative assignments for role-based access control

Journal of Computer Security

Volumn 17, Issue 2, 2009, Pages 211-235

  Vaidya, Jaideep ^a   Atluri, Vijayalakshmi ^a   Guo, Qi ^a   Lu, Haibing ^a  

^a RUTGERS UNIVERSITY   (United States)

Author keywords

RBAC; Role engineering; Role mining

Indexed keywords

BINARY INTEGER PROGRAMMING; DECISION VERSION; HEURISTIC SOLUTIONS; KEY PROBLEMS; LARGE-SCALE PROBLEM; MINIMALITY; MINING PROBLEMS; NP-HARD PROBLEM; OPTIMAL SETS; RBAC; ROLE ASSIGNMENT; ROLE ENGINEERING; ROLE MINING; ROLE-BASED ACCESS CONTROL; THEORETICAL BOUNDS; VERTEX COVER PROBLEMS;

COMPUTATIONAL COMPLEXITY; DYNAMIC PROGRAMMING; HEURISTIC ALGORITHMS; INTEGER PROGRAMMING; MINING; SECURITY SYSTEMS; UNMANNED AERIAL VEHICLES (UAV);

ACCESS CONTROL;

EID: 67651202658     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2009-0341     Document Type: Article

References (31)

1. K. Brooks, Migrating to role-based access control, in: RBAC'99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control, ACM, New York, NY, USA, 1999, pp. 71-81.
2. E.J. Coyne, Role engineering, in: RBAC'95: Proceedings of the First ACM Workshop on Role-Based Access Control, ACM, New York, NY, USA, 1996, p. 4.
3. A. Ene, W. Horne, N. Milosavljevic, P. Rao, R. Schreiber and R.E. Tarjan, Fast exact and heuristic methods for role minimization problems, in: SACMAT'08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2008, pp. 1-10.
4. P. Epstein and R. Sandhu, Engineering of role/permission assignments, in: ACSAC'01: Proceedings of the 17th Annual Computer Security Applications Conference, IEEE Computer Society, Washington, DC, USA, 2001, pp. 127-136.
5. E.B. Fernandez and J.C. Hawkins, Determining role rights from use cases, in: RBAC'97: Proceedings of the Second ACM Workshop on Role-Based Access Control, ACM, New York, NY, USA, 1997, pp. 121-125.
6. D.F. Ferraiolo, R. Sandhu, S. Gavrila, D.R. Kuhn and R. Chandramouli, Proposed nist standard for role-based access control, ACM Trans. Inf. Syst. Secur. 4(3) (2001), 224-274.
7. M.P. Gallagher, A.C. O'Connor and B. Kropp, The economic impact of role-based access control, Planning Report 02-1, National Institute of Standards and Technology, March 2002.
8. M.R. Garey and D.S. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, Ch. 3, W.H. Freeman, New York, NY, USA, 1979.
9. Q. Guo, J. Vaidya and V. Atluri, The role hierarchy mining problem: Discovery of optimal role hierarchies, in: Proceedings of the 24th Annual Computer Security Applications Conference, Anaheim, CA, USA, December 8-12, 2008.
10. T. Jiang and B. Ravikumar, Minimal nfa problems are hard, SIAM J. Comput. 22(6) (1993), 1117-1141.
11. A. Kern, M. Kuhlmann, A. Schaad and J. Moffett, Observations on the role life-cycle in the context of enterprise security management, in: SACMAT'02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2002, pp. 43-51.
12. M. Kuhlmann, D. Shohat and G. Schimpf, Role mining - revealing business roles for security administration using data mining technology, in: SACMAT'03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2003, pp. 179-186.
13. H. Lu, J. Vaidya and V. Atluri, Optimal Boolean matrix decomposition: Application to role engineering, in: Proceedings of the 24th International Conference on Data Engineering (ICDE), Cancun, Mexico, 2008, pp. 297-306.
14. T. Mielikäinen, Intersecting data to closed sets with constraints, in: FIMI, CEUR Workshop Proceedings, Vol. 90, B. Goethals and M.J. Zaki, eds, CEUR, Melbourne, FL, USA, 2003.
15. P. Miettinen, The discrete basis problem, Master's thesis, University of Helsinki, 2006.
16. P. Miettinen, T. Mielikainen, A. Gionis, G. Das and H. Mannila, The discrete basis problem, in: Knowledge Discovery in Databases: PKDD 2006, Lecture Notes in Artificial Intelligence, Springer, New York, NY, USA, 2006, pp. 335-346 (online). Available: http://www.springerlink.com/content/ 31456146v6r72218.
17. I. Molloy, H. Chen, T. Li, Q. Wang, N. Li, E. Bertino, S. Calo and J. Lobo, Mining roles with semantic meanings, in: SACMAT'08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2008, pp. 21-30.
18. G. Neumann and M. Strembeck, A scenario-driven role engineering process for functional rbac roles, in: SACMAT'02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2002, pp. 33-42.
19. F. Pan, G. Cong, A.K.H. Tung, J. Yang and M.J. Zaki, Carpenter: finding closed patterns in long biological datasets, in: KDD, Washington, DC, USA, 2003, pp. 637-642.
20. H. Roeckle, G. Schimpf and R. Weidinger, Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization, in: RBAC'00: Proceedings of the Fifth ACM Workshop on Role-Based Access Control, ACM, New York, NY, USA, 2000, pp. 103-110.
21. R.S. Sandhu, E.J. Coyne, H.L. Feinstein and C.E. Youman, Role-based access control models, IEEE Comput. 29(2) (1996), 38-47 (online). Available: citeseer.ist.psu.edu/sandhu96rolebased.html.
22. A. Schaad, J. Moffett and J. Jacob, The role-based access control system of a european bank: a case study and discussion, in: SACMAT'01: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2001, pp. 3-9.
23. J. Schlegelmilch and U. Steffens, Role mining with orca, in: SACMAT'05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2005, pp. 168-176.
24. D. Shin, G.-J. Ahn, S. Cho and S. Jin, On modeling system-centric information for role engineering, in: SACMAT'03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2003, pp. 169-178.
25. D. Thomsen, R. O'Brien and J. Bogle, Role-based access control framework for network enterprises, in: ACSAC'98: Proceedings of the 14th Annual Computer Security Applications Conference, IEEE Computer Society, Washington, DC, USA, 1998, pp. 50-58.
26. J. Vaidya, V. Atluri and Q. Guo, The role mining problem: finding a minimal descriptive set of roles, in: SACMAT'07: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2007, pp. 175-184.
27. J. Vaidya, V. Atluri and Q. Guo, The role mining problem: A formal perspective, ACM Trans. Inf. Syst. Secur., to appear.
28. J. Vaidya, V. Atluri, Q. Guo and N. Adam, Migrating to optimal rbac with minimal perturbation, in: SACMAT'08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2008, pp. 11-20.
29. J. Vaidya, V. Atluri and J. Warner, Roleminer: Finding roles using subset enumeration, in: The Thirteenth ACM Conference on Computer and Communications Security, Alexandria, VA, USA, November 1-3, 2006.
30. J. Vaidya, V. Atluri, J. Warner and Q. Guo, Role engineering via prioritized subset enumeration, IEEE Transactions on Dependable and Secure Computing, to appear.
31. D. Zhang, K. Ramamohanarao and T. Ebringer, Role engineering using graph optimisation, in: SAC-MAT'07: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, ACM, New York, NY, USA, 2007, pp. 139-144.