skip to main content
10.1145/1809842.1809854acmconferencesArticle/Chapter ViewAbstractPublication PagessacmatConference Proceedingsconference-collections
research-article

Role mining based on weights

Published: 11 June 2010 Publication History

Abstract

Role mining from the existing permissions has been widely applied to aid the process of migrating to an RBAC system. While all permissions are treated evenly in previous approaches, none of the work has employed the weights of permissions in role mining to our knowledge, thus providing the motivation for this work. In this paper, we generalize this to the case where permissions are given weights to reflect their importance to the system. The weights can correspond to the property of operations, the sensitive degree of objects, and the attribute of users associated with permissions. To calculate the weight of permissions, we introduce the concept of similarity between both users and permissions, and use a similarity matrix to reinforce the similarity between permissions. Then we create a link between the reinforced similarity and the weight of permissions. We further propose a weighted role mining algorithm to generate roles based on weights. Experiments on performance study prove the superiority of the new algorithm.

References

[1]
C. H. Cai, W. C. Fu, C. H. Cheng, and W. W. Kwong. Mining association rules with weighted items. In Proceedings of the 1998 International Symposium on Database Engineering and Applications, pages 68--77, 1998.
[2]
E. J. Coyne. Role engineering. In Proceedings of the 1th ACM Workshop on Role-Based Access Control, 1995.
[3]
A. Ene, W. Horne, N. Milosavljevic, P. Rao, R. Schreiber, and R. E. Tarjan. Fast exact and heuristic methods for role minimization problems. In Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pages 1--10, June 2008.
[4]
E. B. Fernandez and J. C. Hawkins. Determining role rights from use cases. In Proceedings of the 2th ACM Workshop on Role-Based Access Control, pages 121--125, 1997.
[5]
D. Ferraiolo, R. Sandhu, S. Gavrila, D.Kuhn, and R. Chandramouli. Proposed nist standard for role-based access control. ACM Transactions on Information and System Security, 4(3):224--274, 2001.
[6]
M. Frank, A. P. Streich, D. Basin, and J. M. Buhmann. A probabilistic approach to hybrid role mining. In Proceedings of the 16th ACM Conference on Computer and Communications Security, pages 101--111, November 2009.
[7]
F. Geerts, B. Goethals, and T. Mielikainen. Tiling databases. In Proceedings of the 7th International Conference Discovery Science, pages 278--289, 2004.
[8]
G. Jeh and J. Widom. SimRank: A measure of structural-context similarity. In Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 538--543, 2002.
[9]
A. Kern, M. Kuhlmann, A. Schaad, and J. Moffett. Observations on the role life-cycle in the context of enterprise security management. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, pages 43--51, June 2002.
[10]
H. Lu, J. Vaidya, and V. Atluri. Optimal boolean matrix decomposition: application to role engineering. In Proceedings of the IEEE 24th International Conference on Data Engineering, pages 297--306, April 2008.
[11]
I. Molloy, H. Chen, T. Li, Q. Wang, N. Li, E. Bertino, S. Calo, and J. Lobo. Mining roles with semantic meanings. In Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pages 21--30, June 2008.
[12]
I. Molloy, N. Li, T. Li, Z. Mao, Q. Wang, and J. Lobo. Evaluating role mining algorithms. In Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, pages 95--104, June 2009.
[13]
G. Neumann and M. Strembeck. A scenario-driven role engineering process for functional RBAC roles. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, pages 33--42, June 2002.
[14]
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, February 1996.
[15]
J. Schlegelmilch and U. Steffens. Role mining with ORCA. In Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pages 168--176, June 2005.
[16]
H. Takabi and J. B. D. Joshi. An efficient similarity-based approach for optimal mining of role hierarchy. In Proceedings of the 16th ACM Conference on Computer and Communications Security, poster session, November 2009.
[17]
F. Tao, F. Murtagh, and M. Farid. Weighted association rule mining using weighted support and significance framework. In Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 661--666, August 2003.
[18]
J. Vaidya, V. Atluri, and Q. Guo. The role mining problem: finding a minimal descriptive set of roles. In Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pages 175--184, June 2007.
[19]
J. Vaidya, V. Atluri, Q. Guo, and N. Adam. Migrating to optimal RBAC with minimal perturbation. In Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pages 11--20, June 2008.
[20]
J. Vaidya, V. Atluri, and J. Warner. Roleminer: mining roles using subset enumeration. In Proceedings of the 13th ACM Conference on Computer and Communications Security, pages 144--153, October 2006.
[21]
L. Wang, X. Geng, J. C. Bezdek, C. Leckie, and K. Ramamohanarao. Specvat: enhanced visual cluster analysis. In Proceedings of the 8th IEEE International Conference on Data Mining, pages 638--647, December 2008.
[22]
W. Wang, J. Yang, and P. S. Yu. Efficient mining of weighted association rules (WAR). In Proceedings of the 6th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 270--274, 2000.
[23]
U. Yun, and J.J. Leggett. WFIM: weighted frequent itemset mining with a weight range and a minimum weight. In Proceedings of the 5th SIAM International Conference on Data Mining, pages 636--640, August 2005.
[24]
D. Zhang, K. Ramamohanarao, and T. Ebringer. Role engineering using graph optimisation. In Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pages 139--144, June 2007.
[25]
D. Zhang, K. Ramamohanarao, T. Ebringer, and T. Yann. Permission set mining: discovering practical and useful roles. In Proceedings of the 2008 Annual Computer Security Applications Conference, pages 247--256, December 2008.

Cited By

View all
  • (2021)Agent-Based Semantic Role Mining for Intelligent Access Control in Multi-Domain Collaborative Applications of Smart CitiesSensors10.3390/s2113425321:13(4253)Online publication date: 22-Jun-2021
  • (2021)A Scalable Role Mining Approach for Large OrganizationsProceedings of the 2021 ACM Workshop on Security and Privacy Analytics10.1145/3445970.3451154(45-54)Online publication date: 28-Apr-2021
  • (2021)An Improved Genetic Algorithm for Safety and Availability Checking in Cyber-Physical SystemsIEEE Access10.1109/ACCESS.2021.30726359(56869-56880)Online publication date: 2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SACMAT '10: Proceedings of the 15th ACM symposium on Access control models and technologies
June 2010
212 pages
ISBN:9781450300490
DOI:10.1145/1809842
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2010

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. rbac
  2. role engineering
  3. role mining
  4. similarity
  5. weight

Qualifiers

  • Research-article

Conference

SACMAT'10
Sponsor:

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)7
  • Downloads (Last 6 weeks)1
Reflects downloads up to 13 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2021)Agent-Based Semantic Role Mining for Intelligent Access Control in Multi-Domain Collaborative Applications of Smart CitiesSensors10.3390/s2113425321:13(4253)Online publication date: 22-Jun-2021
  • (2021)A Scalable Role Mining Approach for Large OrganizationsProceedings of the 2021 ACM Workshop on Security and Privacy Analytics10.1145/3445970.3451154(45-54)Online publication date: 28-Apr-2021
  • (2021)An Improved Genetic Algorithm for Safety and Availability Checking in Cyber-Physical SystemsIEEE Access10.1109/ACCESS.2021.30726359(56869-56880)Online publication date: 2021
  • (2020)Intelligent Role-Based Access Control Model and Framework Using Semantic Business Roles in Multi-Domain EnvironmentsIEEE Access10.1109/ACCESS.2020.29653338(12253-12267)Online publication date: 2020
  • (2020)Role Mining: Survey and Suggestion on Role Mining in Access ControlMobile Internet Security10.1007/978-981-15-9609-4_4(34-50)Online publication date: 2-Nov-2020
  • (2019)User Access Rights Recommendation using Modified Fuzzy C-Means in Role Mining of an Indonesian Core Banking System2019 12th International Conference on Information & Communication Technology and System (ICTS)10.1109/ICTS.2019.8850977(241-245)Online publication date: Jul-2019
  • (2018)Recognition of Access Control Role Based on Convolutional Neural Network2018 IEEE 4th International Conference on Computer and Communications (ICCC)10.1109/CompComm.2018.8780610(2069-2074)Online publication date: Dec-2018
  • (2018)Policy Engineering in RBAC and ABACFrom Database to Cyber Security10.1007/978-3-030-04834-1_2(24-54)Online publication date: 30-Nov-2018
  • (2017)Towards an Efficient Approximate Solution for the Weighted User Authorization Query ProblemIEICE Transactions on Information and Systems10.1587/transinf.2016ICP0002E100.D:8(1762-1769)Online publication date: 2017
  • (2016)A Survey of Role MiningACM Computing Surveys10.1145/287114848:4(1-37)Online publication date: 22-Feb-2016
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media