RMMDI: A Novel Framework for Role Mining Based on the Multi-Domain Information

Bai, Wei; Pan, Zhisong; Guo, Shize; Chen, Zhe

doi:10.1155/2019/8085303

Cited by 7 publications

(8 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bai et al [2] propose a framework for role mining based on the multi-domain information named RMMDI. This framework uses information in multi-domains, including network domain, digital domain, and physical domain, to discover the relationships between users and permissions.…”

Section: Role Mining Via Nmfmentioning

confidence: 99%

A Scalable Role Mining Approach for Large Organizations

Abolfathi

Raghebi

Jafarian

et al. 2021

Proceedings of the 2021 ACM Workshop on Security and Privacy Analytics

View full text Add to dashboard Cite

Role-based access control (RBAC) model has gained significant attention in cybersecurity in recent years. RBAC restricts system access only to authorized users based on the roles and regulations within an organization. The flexibility and usability of this model have encouraged organizations to migrate from traditional discretionary access control (DAC) models to RBAC. However, this transition requires accomplishing a very challenging task called role mining in which users' roles are generated from the existing access control lists. Although various approaches have been proposed to address this NP-complete problem in the literature, they suffer either from low scalability such that their execution time increases exponentially with the input size, or they rely on fast heuristics with low optimality that generate too many roles. In this paper, we introduce a highly scalable yet optimal approach to tackle the role mining problem. To this end, we utilize a non-negative rank reduced matrix decomposition method to decompose a large-scale user-permission assignment into two constitutive components, i.e. the user-role and role-permission assignments. Then, we apply a thresholding technique to convert real-valued components into binary-valued factors. We employ various access control configurations and demonstrate that our proposed model is able to effectively discover the latent relationship behind the user-permission data even with large datasets.

show abstract

Section: Role Mining Via Nmfmentioning

confidence: 99%

A Scalable Role Mining Approach for Large Organizations

Abolfathi

Raghebi

Jafarian

et al. 2021

Proceedings of the 2021 ACM Workshop on Security and Privacy Analytics

View full text Add to dashboard Cite

show abstract

“…Role mining and role engineering are the main concerned research areas in RBAC research. A role mining framework was proposed in [25] taking into account the organizational entity-relation information. The work done in [26], [27] showed the role mining and role engineering optimization with separation of duty and cardinality constraints.…”

Section: Related Workmentioning

confidence: 99%

Intelligent Role-Based Access Control Model and Framework Using Semantic Business Roles in Multi-Domain Environments

et al. 2020

View full text Add to dashboard Cite

Today's rapidly developing communication technologies and dynamic collaborative business models made the security of data and resources more crucial than ever especially in multi-domain environments like Cloud and Cyber-Physical Systems (CPS). It enforced the research community to develop enhanced access control techniques and models for resources across multi-domain distributed environments so that the security requirements of all participating organizations can be fulfilled through considering dynamicity of changing environments and versatility of access control policies. The popularity of Role-Based Access Control (RBAC) model is irrefutable because of low administrative overhead and largescale implementation in business organizations. However, it does not incorporate the dynamically changing policies and lacks semantically meaningful business roles which could have a diverse impact upon access decisions in multi-domain business environments. This paper describes our proposed novel access control framework that uses semantic business roles and intelligent agents through implementation of our Intelligent RBAC (I-RBAC) model. It encompasses occupational entitlements as roles for multiple domains. We use the dataset of original occupational roles provided by Standard Occupational Classification (SOC), USA. The novelty of the paper lies in developing a core I-RBAC ontology using real-world semantic business roles and intelligent agent technologies together for achieving required level of access control in highly dynamic multi-domain environment. The intelligent agents use WordNet and bidirectional LSTM deep neural network for automated population of organizational ontology from unstructured text policies. This dynamically learned organizational ontology is further matched with our core I-RBAC ontology in order to extract unified semantic business roles. The proposed I-RBAC model is mathematically described and the overall I-RBAC framework and its implementation architecture is explained. At the end, the I-RBAC model is validated through the implementation results that show a linear runtime trend of the model in presence of a large number of permission assignments and multiple queries.

show abstract

“…With the rapid development of the Internet, the current big data technology is characterized by large data volume, fast output speed, wide data types, and complex relationships among data. Therefore, it faces many difficulties and security risks in the process of data collection, data storage, data transmission, and data application [1][2][3]. For the current problems, traditional big data security technology has been difficult to operate effectively in the big data environment [4][5][6].…”

Section: Introductionmentioning

confidence: 99%

A Novel Framework for Authority Management Based on Knowledge Base Completion of the Graph Neural Network

Wang

Xia

Zhao

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Big data is massive and heterogeneous, along with the rapid increase in data quantity, and the diversification of user access, traditional database, and access control methods can no longer meet the requirements of big data storage and flexible access control. To solve this problem, an entity relationship completion and authority management method is proposed. By combining the weighted graph convolutional neural network and the attention mechanism, a knowledge base completion model is given. On this basis, the authority management model is formally defined and the process of multilevel trust access control is designed. The effectiveness of the proposed method is verified by experiments, and the authority management of knowledge base is more fine-grained and more secure.

show abstract

RMMDI: A Novel Framework for Role Mining Based on the Multi-Domain Information

Cited by 7 publications

References 33 publications

A Scalable Role Mining Approach for Large Organizations

A Scalable Role Mining Approach for Large Organizations

Intelligent Role-Based Access Control Model and Framework Using Semantic Business Roles in Multi-Domain Environments

A Novel Framework for Authority Management Based on Knowledge Base Completion of the Graph Neural Network

Contact Info

Product

Resources

About