Meeting Cardinality Constraints in Role Mining

Harika P.; Nagajyothi M.; John J.C.; Sural S.; Vaidya J.; Atluri V.

首页> 外文期刊>Dependable and Secure Computing, IEEE Transactions on >Meeting Cardinality Constraints in Role Mining

【24h】

Meeting Cardinality Constraints in Role Mining

机译：在角色挖掘中满足基数约束

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Role mining is a critical step for organizations that migrate from traditional access control mechanisms to role based access control (RBAC). Additional constraints may be imposed while generating roles from a given user-permission assignment relation. In this paper we consider two such constraints which are the dual of each other. A role-usage cardinality constraint limits the maximum number of roles any user can have. Its dual, the permission-distribution cardinality constraint, limits the maximum number of roles to which a permission can belong. These two constraints impose mutually contradictory requirements on user to role and role to permission assignments. An attempt to satisfy one of the constraints may result in a violation of the other. We show that the constrained role mining problem is NP-Complete and present heuristic solutions. Two distinct frameworks are presented in this paper. In the first approach, roles are initially mined without taking the constraints into account. The user-role and role-permission assignments are then checked for constraint violation in a post-processing step, and appropriately re-assigned, if necessary. In the second approach, constraints are enforced during the process of role mining. The methods are first applied on problems that consider the two constraints individually, and then with both considered together. Both methods are evaluated over a number of real-world data sets.

机译：对于从传统访问控制机制迁移到基于角色的访问控制（RBAC）的组织而言，角色挖掘是至关重要的一步。从给定的用户权限分配关系生成角色时，可能会施加其他约束。在本文中，我们考虑两个这样的约束条件，它们是彼此对偶的。角色使用基数约束限制了任何用户可以拥有的最大角色数。它的双重权限分配基数约束限制了权限可以属于的最大角色数。这两个约束对用户到角色和角色到权限分配提出了相互矛盾的要求。尝试满足其中一个约束可能会导致违反另一个约束。我们证明了约束角色挖掘问题是NP-Complete并提出了启发式解决方案。本文提出了两个不同的框架。在第一种方法中，最初是在不考虑约束的情况下挖掘角色的。然后，在后处理步骤中检查用户角色和角色权限分配是否违反约束，并在必要时进行适当的重新分配。在第二种方法中，在角色挖掘过程中强制执行约束。这些方法首先应用于分别考虑两个约束的问题，然后将两个约束一起考虑。两种方法均通过大量实际数据集进行评估。

著录项

来源
《Dependable and Secure Computing, IEEE Transactions on》 |2015年第1期|71-84|共14页
作者
Harika P.; Nagajyothi M.; John J.C.; Sural S.; Vaidya J.; Atluri V.;
展开▼
作者单位

School of Information Technology , Indian Institute of Technology, Kharagpur, India;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Access control; Corporate acquisitions; Data mining; Matrix decomposition; Merging; Organizations; RBAC; cardinality constraint; concurrent framework; post-processing framework; role mining;

机译：访问控制;企业收购;数据挖掘;矩阵分解;合并;组织;RBAC;基数约束;并发框架;后处理框架;角色挖掘;

相似文献

外文文献
中文文献
专利

1. Role mining based on permission cardinality constraint and user cardinality constraint [J] . Ma Xiaopu, Li Ruixuan, Wang Hongwei, Security and Communications Networks . 2015,第13期

机译：基于权限基数约束和用户基数约束的角色挖掘
2. Role mining based on permission cardinality constraint and user cardinality constraint [J] . Xiaopu Ma, Ruixuan Li, Hongwei Wang, Security and Communication Networks (Online) . 2015,第13期

机译：基于权限基数约束和用户基数约束的角色挖掘
3. Role mining based on cardinality constraints [J] . Ruixuan Li, Huaqing Li, Xiwu Gu, Concurrency, practice and experience . 2015,第12期

机译：基于基数约束的角色挖掘
4. Role Mining under Role-Usage Cardinality Constraint [C] . John C. John, Shamik Sural, Vijayalakshmi Atluri, Information security and privacy research . 2012

机译：角色使用基数约束下的角色挖掘
5. Mining roles and access control for relational data under privacy and accuracy constraints. [D] . Pervaiz, Zahid. 2013

机译：在隐私和准确性约束下，关系数据的挖掘角色和访问控制。
6. Solving Logistic Regression with Group Cardinality Constraints for Time Series Analysis [O] . Yong Zhang, Kilian M. Pohl -1

机译：使用组基数约束解决Logistic回归以进行时间序列分析
7. Role Mining under Role-Usage Cardinality Constraint [O] . John, John,, Sural, Shamik, Atluri, Vijayalakshmi, 2012

机译：角色使用基数约束下的角色挖掘

Meeting Cardinality Constraints in Role Mining

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅