Barsha Mitra scite author profile

Role-Based Access Control (RBAC) is the most widely used model for advanced access control deployed in diverse enterprises of all sizes. RBAC critically depends on defining roles, which are a functional intermediate between users and permissions. Thus, for RBAC to be effective, an appropriate set of roles needs to be identified. Since many organizations already have user-permission assignments defined in some form, it makes sense to identify roles from this existing information. This process, known as role mining, is one of the critical steps for successful RBAC adoption in any enterprise. In recent years, numerous role mining techniques have been developed, which take into account the characteristics of the core RBAC model, as well as its various extended features. In this article, we comprehensively study and classify the basic problem of role mining along with its several variants and the corresponding solution strategies. Categorization is done on the basis of the nature of the target RBAC system, the objective of role mining, and the type of solution. We then discuss the limitations of existing work and identify new areas of research that can lead to further enrichment of this field.

show abstract

The generalized temporal role mining problem

Mitra

Sural

Atluri

et al. 2015

JCS

View full text Add to dashboard Cite

Role mining, the process of deriving a set of roles from the available user-permission assignments, is considered to be an essential step in successful implementation of Role-Based Access Control (RBAC) systems. Traditional role mining techniques, however, are not equipped to handle temporal extensions of RBAC like the Temporal-RBAC (TRBAC) model. In this paper, we formally define the problem of finding a minimal set of roles from temporal user-permission assignments, such that in the resulting TRBAC system, users acquire either the same or a subset of the permissions originally assigned to them for the complete or partial durations of time as specified in the input. We show that the problem is NP-complete and propose a greedy algorithm for solving it. Our algorithm first derives a set of candidate roles from the temporal user-permission assignments and then selects the least possible number of roles from the candidate role set. The final output consists of a set of roles, a user-to-role assignment relation, a role-to-permission assignment relation and a role enabling base describing the time durations for which each role is enabled. Performance of the proposed approach has been evaluated on a number of synthetic as well as real-world datasets.

show abstract

Toward Mining of Temporal Roles

Mitra

Sural

Atluri

et al. 2013

View full text Add to dashboard Cite

Abstract. In Role-Based Access Control (RBAC), users acquire permissions through their assigned roles. Role mining, the process of finding a set of roles from direct user-permission assignments, is essential for successful implementation of RBAC. In many organizations it is often required that users are given permissions that can vary with time. To handle such requirements, temporal extensions of RBAC like Temporal-RBAC (TRBAC) and Generalized Temporal Role-Based Access Control (GTRBAC) have been proposed. Existing role mining techniques, however, cannot be used to process the temporal element associated with roles in these models. In this paper, we propose a method for mining roles in the context of TRBAC. First we formally define the Temporal Role Mining Problem (TRMP), and then show that the TRMP problem is NP-complete and present a heuristic approach for solving it.

show abstract

Mining temporal roles using many-valued concepts

Mitra

Sural

Vaidya

et al. 2016

Computers & Security

View full text Add to dashboard Cite

A novel blockchain based framework to secure IoT-LLNs against routing attacks

2020

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Barsha Mitra

A Survey of Role Mining

The generalized temporal role mining problem

Toward Mining of Temporal Roles

Mining temporal roles using many-valued concepts

A novel blockchain based framework to secure IoT-LLNs against routing attacks

Contact Info

Product

Resources

About