Role mining using answer set programming

With the increasing adoption of role-based access control (RBAC) in business security, role mining technology has been widely applied to aid the process of migrating a non-RBAC system to an RBAC system. However, because it is hard to deal with a variety of constraint conflicts at the same time, none...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Future generation computer systems Jg. 55; S. 336 - 343
Hauptverfasser: Ye, Wei, Li, Ruixuan, Gu, Xiwu, Li, Yuhua, Wen, Kunmei
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Elsevier B.V 01.02.2016
Schlagworte:
Answer set programming
Constraint
RBAC
Role mining
Role mining
RBAC
Constraint
Answer set programming
ISSN:0167-739X, 1872-7115
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:With the increasing adoption of role-based access control (RBAC) in business security, role mining technology has been widely applied to aid the process of migrating a non-RBAC system to an RBAC system. However, because it is hard to deal with a variety of constraint conflicts at the same time, none of existing role mining algorithms can simultaneously satisfy various constraints that usually describe organizations’ security and business requirements. To extend the ability of role mining technology, this paper proposes a novel role mining approach using answer set programming (ASP) that complies with constraints and meets various optimization objectives, named constrained role miner (CRM). Essentially, the idea is that ASP is an approach to declarative problem solving. Thus, either to discover RBAC configurations or to deal with conflicts between constraints, ASP programs do not need to specify how answers are computed. Finally, we demonstrate the effectiveness and efficiency of our approach through experimental results. •We propose a novel role mining approach using ASP.•This novel role mining approach can comply with various kinds of constraints.•This novel role mining approach meets multi-objective optimization at the same time.
ISSN:0167-739X
1872-7115
DOI:10.1016/j.future.2014.10.018