The concept of role has revolutionized the access control systems by making them more efficient and by simplifying their management. Role mining is the discipline of automating the definition of roles in a given access control system. It is a vivid research area, which has attracted a growing interest in the last years. Research on role mining has produced several interesting contributions in this field, and has also raised several related issues toward leveraging them in actual enterprises. This paper is a comprehensive analysis of the main research directions around role mining and the future trends. The authors present the problem of role mining, the current achievements to solve it and the related open issues. With this objective, they define a complete and realistic business process for Role Mining, and the authors sequentially analyze the issues related to each step of the process by investigating the main contributions in the literature. They also point the unhandled issues and we highlight the future perspectives.
Abstract-The use of role engineering has grown in importance with the expansion of highly abstracted access control frameworks in organizations. In particular, the use of role mining techniques for the discovery of roles from previously deployed authorizations has facilitated the configuration of such frameworks. However, the literature lacks from a clear basis for appraising and leveraging the learning outcomes of the role mining process. In this paper, we provide such a formal basis. We compare sets of roles by projecting roles from one set into the other set. This approach allows to measure how comparable the two configurations of roles are, and to interpret each role. We formally define the problem of comparing sets of roles, and prove that the problem is NP-complete. Then, we propose an algorithm to map the inherent relation among the sets based on algebraic expressions. We demonstrate the correctness and completeness of our solution, and investigate some further issues that may benefit from our approach, such as detection of unhandled perturbations or source misconfiguration.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.