Dynamic Optimization of Role Concepts for Role-Based Access Control Using Evolutionary Algorithms-Reference-Cited by-同舟云学术

Dynamic Optimization of Role Concepts for Role-Based Access Control Using Evolutionary Algorithms

Published:2023-05-24 Issue:4 Volume:4 Page:
ISSN:2661-8907
Container-title:SN Computer Science
language:en
Short-container-title:SN COMPUT. SCI.

Author:

Anderer Simon,Kempter Tobias,Scheuermann Bernd,Mostaghim Sanaz

Abstract

AbstractTo ensure the security of current information systems, role-based access control (RBAC) is a widely used concept. For this purpose, based on an initial assignment of permissions to users, permissions are grouped to roles, which are then assigned to users. The corresponding (NP-complete) optimization problem, the so-called role mining problem (RMP), aims at finding a minimal set of roles and a corresponding assignment of those roles to users. Previously, the RMP has been considered as a static optimization problem. However, the application of RBAC in real business use cases requires the inclusion of dynamically occurring events that reflect changes in the business environment of companies, as well as events that result from direct user interaction with the role mining process. Therefore, in this paper, we provide a comprehensive overview and classification of the most relevant events for role mining and present methods for integrating them into the framework of an evolutionary role mining algorithm. The functional performance of these methods as well as the overall performance gain of dynamic role mining compared to the static approach is then examined in a series of experiments.

Funder

Bundesministerium für Bildung und Forschung

Hochschule Karlsruhe HKA

Publisher

Springer Science and Business Media LLC

Subject

Computer Science Applications,Computer Networks and Communications,Computer Graphics and Computer-Aided Design,Computational Theory and Mathematics,Artificial Intelligence,General Computer Science

Link

https://link.springer.com/content/pdf/10.1007/s42979-023-01805-1.pdf

Reference28 articles.

1. Verizon. Data breach investigations report 2019. Comput Fraud Security. 2019;2019(6):4. https://doi.org/10.1016/S1361-3723(19)30060-0.

2. Sandhu RS, Coyne EJ, Feinstein HL, Youman CE. Role-based access control models. Computer. 1996;29(2):38–47. https://doi.org/10.1109/2.485845.

3. Vaidya J, Atluri V, Guo Q, Lotz V, Thuraisingham B. (eds) The role mining problem. (eds Lotz V, Thuraisingham B.) Proceedings of the 12th ACM symposium on Access control models and technologies—SACMAT ’07, 175–184 (ACM Press, New York, 2007).

4. Anderer S, Kempter T, Scheuermann B, Mostaghim S. The dynamic role mining problem: role mining in dynamically changing business environments, 37–48. INSTICC (SciTePress, 2021).

5. Colantonio A, Di Pietro R, Ocello A, Wainwright RL, Haddad HM. (eds) A cost-driven approach to role engineering. (eds Wainwright RL, Haddad HM.) Proceedings of the 2008 ACM symposium on Applied computing - SAC ’08, 2129–2136 (ACM Press, New York, USA, 2008).

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. MFC-RMA (Matrix Factorization and Constraints- Role Mining Algorithm): An Optimized Role Mining Algorithm;Symmetry;2024-08-07

2. Application of Matrix Factorization Role Mining Algorithm in Role-Based Access Control for Edge RMP;2024 9th International Conference on Electronic Technology and Information Science (ICETIS);2024-05-17