research-article

Research on Role Mining Algorithms in RBAC

Authors:

Rui MaoAuthors Info & Claims

HPCCT '18: Proceedings of the 2018 2nd High Performance Computing and Cluster Technologies Conference

Pages 1 - 5

https://doi.org/10.1145/3234664.3234680

Published: 22 June 2018 Publication History

Abstract

While role mining algorithms have been proposed in recent years, but there still lacks a more comprehensive study to compare and analyze these algorithms. These role mining algorithms have been evaluated when they were proposed, but different datasets and evaluation criteria have been used in the evaluation. In this paper, we use a comprehensive evaluation framework to compare these role mining algorithms. We use real datasets to compare six algorithms from several aspects such as weighted structural comp-lexity(WSC), number of generated roles and operating efficiency. Our results illustrate the advantages and disadvantages of these algorithms.

References

[1]

Moon R, Pritts T A, Parikh A A, et al. Authorization recycling in RBAC systems.{C}// SACMAT 2008, ACM Symposium on Access Control MODELS and Technologies, Estes Park, Co, Usa, June 11-13, 2008, Proceedings. DBLP, 2008:63--72.

Digital Library

[2]

Kuhlmann M, Shohat D, and Schimpf G. Role Mining Revealing Business Roles for Security Administration Using Data Mining Technology{A}. Proceedings of the 8th ACM Symposium on Access Control Models and Technologies (SACMAT '03){C}. New York: ACM, 2003: 179--186.

Digital Library

[3]

Zhang D, Ramamohanarao K, and Ebringer T. Role Engineering Using Graph Optimization{A}. Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (SACMAT '07){C}. New York: ACM, 2007: 139--144.

Digital Library

[4]

Schlegelmilch J and Steffens U. Role mining with ORCA. In Proceedings of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT '05). New York: ACM, 2005: 168--176.

Digital Library

[5]

Vaidya J, Atluri V and Warner J. Role Miner: Mining Roles Using Subset Enumeration{C}. //Proceedings of the 13th ACM Conference on Computer and Communications Security, New York: ACM, 2006: 144--153.

Digital Library

[6]

Molloy I, Li N, Li T, et al. Evaluating role mining algorithmms{C}// ACM Symposium on Access Control MODELS and Technologies. ACM, 2009:95--104.

Digital Library

[7]

Vaidya J, Atluri V, and Guo Q. The Role Mining Problem: Finding a Minimal Descriptive Set of Roles{A}. Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (SACMAT '07) {C}. New York: ACM, 2007: 175--184.

Digital Library

[8]

Lu H, Vaidya J, and Atluri V. Optimal Boolean Matrix Decomposition: Application to Role Engineering{A}. //Proceedings of the 24th IEEE International Conference on Data Engineering (ICDE '08) {C}. New York: IEEE, 2008: 297--306.

Digital Library

[9]

Frank M, Basin D, and Buhmann J M. A Class of probabilistic Models for role Engineering{C}. //Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS- '08). New York: ACM, 2008: 299--310.

Digital Library

[10]

Zhang Lei. Research of Related Algorithms in Role Engineering Based on Concept Lattice {D}. Harbin Institute of Technology, 2015.

[11]

Frank M, Streich A P, Basin D et al. A probabilistic approach to hybrid role mining{C}//Pore of the 16th ACM Symposium on Access control Models and Technologies(CCS20-09). New York: ACM, 2009:101--104.

Digital Library

[12]

Du X, Chang X. Performance of AI algorithms for mining meaningful roles{C}. Evolutionary Computation. IEEE.2014:2070--2076.

[13]

Liu Meng. Security analysis and conflict handling for RBAC model based on Petri Nets{D}. Harbin Institute of Technology, 2016.

[14]

Chari S N, Molloy I M. Generation of attribute based access control policy from existing authorization system{J}. 2016.

[15]

Mitra B, Sural S, Vaidya J, et al. A Survey of Role Mining{J}. ACM Computing Surveys, 2016, 48(4):1--37.

Digital Library

[16]

A. Ene, W. Horne, N. Milosavljevic, P. Rao, R. Schreiber, and R.E. Tarjan. Fast exact and heuristic methods for role minimization problems. InProc. ACM Symposium on Access Control Models and Technologies (SACMAT), 2008.

Digital Library

[17]

Bart E, Price B, Hanley J. Temporally Coherent Role-Topic Models (TCRTM): Deinterlacing Overlapping Activity Patterns {C}//Proceedings, Part II, of the European Conference on Machine Learning and Knowledge Discovery in Databases - Volume 9285. Springer-Verlag New York, Inc. 2015:390--405.

[18]

I Molloy,Y Park,S Chari. Generative models for access control policies: applications to role mining over logs with attribution{C}. Acm Symposium on Access Control Models & Technologies. 2012: 45--56

Digital Library

Cited By

Yang YLi JZhang TChen LHuang GLv Z(2025)IRMAOC: an interpretable role mining algorithm based on overlapping clusteringCybersecurity10.1186/s42400-024-00348-z8:1Online publication date: 27-Jan-2025
https://doi.org/10.1186/s42400-024-00348-z
Zhu FYang CZhu LZuo HGu J(2024)MFC-RMA (Matrix Factorization and Constraints- Role Mining Algorithm): An Optimized Role Mining AlgorithmSymmetry10.3390/sym1608100816:8(1008)Online publication date: 7-Aug-2024
https://doi.org/10.3390/sym16081008
Bai WPan ZGuo SChen ZRanchal R(2019)RMMDISecurity and Communication Networks10.1155/2019/80853032019Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.1155/2019/8085303

Index Terms

Research on Role Mining Algorithms in RBAC
1. Security and privacy
  1. Security services
    1. Access control

Recommendations

Evaluating role mining algorithms
SACMAT '09: Proceedings of the 14th ACM symposium on Access control models and technologies

While many role mining algorithms have been proposed in recent years, there lacks a comprehensive study to compare these algorithms. These role mining algorithms have been evaluated when they were proposed, but the evaluations were using different ...
The role mining problem: finding a minimal descriptive set of roles
SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologies

Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role based access control. A key problem related to this is the notion of goodness/interestingness -- when is a role good/...
Role mining based on cardinality constraints

Role mining was recently proposed to automatically find roles among user-permission assignments using data mining technologies. However, the current studies about role mining mainly focus on how to find roles, without considering the constraints that are ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

HPCCT '18: Proceedings of the 2018 2nd High Performance Computing and Cluster Technologies Conference

June 2018

126 pages

ISBN:9781450364850

DOI:10.1145/3234664

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Shanghai Jiao Tong University: Shanghai Jiao Tong University
Xi'an Jiaotong-Liverpool University: Xi'an Jiaotong-Liverpool University
Chinese Academy of Sciences

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 June 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

HPCCT 2018

HPCCT 2018: 2018 2nd High Performance Computing and Cluster Technologies Conference

June 22 - 24, 2018

Beijing, China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
194
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yang YLi JZhang TChen LHuang GLv Z(2025)IRMAOC: an interpretable role mining algorithm based on overlapping clusteringCybersecurity10.1186/s42400-024-00348-z8:1Online publication date: 27-Jan-2025
https://doi.org/10.1186/s42400-024-00348-z
Zhu FYang CZhu LZuo HGu J(2024)MFC-RMA (Matrix Factorization and Constraints- Role Mining Algorithm): An Optimized Role Mining AlgorithmSymmetry10.3390/sym1608100816:8(1008)Online publication date: 7-Aug-2024
https://doi.org/10.3390/sym16081008
Bai WPan ZGuo SChen ZRanchal R(2019)RMMDISecurity and Communication Networks10.1155/2019/80853032019Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.1155/2019/8085303

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten