Role Minimization as an Optimization Metric in Role Mining Algorithms: a Literature Review

  • Authors

    • Nazirah Abd. Hamid
    • Rabiah Ahmad
    • Siti Rahayu Selamat
    2018-12-09
    https://doi.org/10.14419/ijet.v7i4.31.23386
  • Access Control, Information Security, Optimization Metric, RBAC, Role Mining
  • Abstract

    A recent access control model that could accommodate a dynamic structure such as cloud computing can be recognized as role based access control and the role management process of this access control can be identified as role mining. The current trend in role based access control is the role mining problem that can be described as the difficulty to uncover an optimum set of roles from the user-permission assignment. To solve this problem, the researchers have proposed role mining algorithms to produce role set and among the existing algorithms there is an intrinsic topic of the common perception to evaluate the goodness of the generated role set. Eventually, the value of the identified roles could be measured by the preferred metric of optimality namely the number of roles, sizes of user-assignment and permission-assignment and Weighted Structural Complexity. Until now, there is some disagreement on the optimization metric but notably many researchers have agreed on the minimization of the number of roles as a solid metric. This paper discusses an overview of the current state-of-the-art on the recent role mining algorithms that focus on role minimization as an optimization metric to evaluate the goodness of the identified roles.

     

     

  • References

    1. [1] N. Meghanathan, “Review of Access Control Models for Cloud Computing,†Comput. Sci. Inf. Technol. ( CS IT ), vol. 3, no. 1, pp. 77–85, Sep. 2013.

      [2] M. Auxilia and K. Raja, “Dynamic Access Control Model for Cloud Computing,†in Sixth International Conference on Advanced Computing (ICoAC), 2014, pp. 47–56.

      [3] B. S. Sunitha and A. B. Basu, “Review of Role Based Access Control Method for Securing User Space in Cloud Computing,†Int. J. Comput. Trends Technol., vol. 14, no. 1, pp. 22–25, 2014.

      [4] Sourab, “Review Paper of Role Based Access Control Over Cloud Computing,†Int. J. Adv. Sci. Technol., vol. 2, no. I, pp. 31–34, 2014.

      [5] J. H. Jafarian, H. Takabi, H. Touati, E. Hesamifard, and M. Shehab, “Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach,†in Proceedings of the 20th ACM Symposium on Access Control Models and Technologies - SACMAT ’15, 2015, pp. 211–220.

      [6] M. Kunz, E. Fuchs, M. Netter, and G. Pernul, “How to Discover High-Quality Roles? A Survey and Dependency Analysis of Quality Criteria in Role Mining,†in Communications in Computer and Information Science, vol. 576, O. Camp, E. Weippl, C. Bidan, and E. Aïmeur, Eds. Cham: Springer International Publishing, 2015, pp. 49–67.

      [7] B. Mitra, S. Sural, J. Vaidya, and V. Atluri, “A Survey of Role Mining,†ACM Comput. Surv., vol. 48, no. 4, pp. 1–37, 2016.

      [8] N. A. Hamid, R. Ahmad, and S. S. Rahayu, “Recent Trends in Role Mining Algorithms for Role-Based Access Control: A Systematic Review,†World Appl. Sci. J., vol. 35, no. 7, pp. 1054–1058, 2017.

      [9] H. Lu, Y. Hong, Y. Yang, L. Duan, and N. Badar, “Towards user-oriented RBAC model,†J. Comput. Secur., vol. 23, no. 1, pp. 107–129, Mar. 2015.

      [10] H. Lu, J. Vaidya, and V. Atluri, “Optimal Boolean Matrix Decomposition: Application to Role Engineering,†in 2008 IEEE 24th International Conference on Data Engineering, 2008, pp. 297–306.

      [11] I. Molloy, H. Chen, T. Li, Q. Wang, N. Li, E. Bertino, S. Calo, and J. Lobo, “Mining Roles with Multiple Objectives,†ACM Trans. Inf. Syst. Secur., vol. 13, no. 4, pp. 1–35, Dec. 2010.

      [12] R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, “Role-based access control models,†Computer (Long. Beach. Calif)., vol. 29, no. 2, pp. 38–47, 1996.

      [13] E. J. Coyne, “Role Engineering,†in Proceedings of the first ACM Workshop on Role-based access control, 1996, no. 4, pp. 15–16.

      [14] C. Jin, A. Shen, and W. Yu, “The RBAC System Based on Role Risk and User Trust,†Int. J. Comput. Commun. Eng., vol. 5, no. 5, pp. 374–380, 2016.

      [15] N. Al-Hadhrami, B. Aziz, S. Sardesai, and L. Ben Othmane, “Incremental Development of RBAC-Controlled E-Marking System Using the B Method,†in 2015 10th International Conference on Availability, Reliability and Security, 2015, pp. 532–539.

      [16] B. Mitra, S. Sural, V. Atluri, and J. Vaidya, “The Generalized Temporal Role Mining Problem,†J. Comput. Secur., vol. 23, no. 1, pp. 31–58, 2015.

      [17] I. Molloy, H. Chen, T. Li, Q. Wang, N. Li, E. Bertino, S. Calo, and J. Lobo, “Mining Roles with Semantic Meanings,†in Proceedings of the 13th ACM Symposium on Access Control Models and Technologies - SACMAT ’08, 2008, no. May 2014, pp. 21–30.

      [18] J. Vaidya, V. Atluri, and Q. Guo, “The Role Mining Problem: A Formal Perspective,†ACM Trans. Inf. Syst. Secur., vol. 13, no. 3, pp. 1–31, 2010.

      [19] J. Vaidya, V. Atluri, and J. Warner, “RoleMiner: Mining Roles using Subset Enumeration,†in Proceedings of the 13th ACM conference on Computer and communications security, 2006, no. January, pp. 144–153.

      [20] J. Vaidya, V. Atluri, and Q. Guo, “The Role Mining Problem: Finding a Minimal Descriptive Set of Roles,†in Proceedings of the 12th ACM Symposium on Access Control Models and Technologies - SACMAT ’07, 2007, p. 175.

      [21] A. Ene, W. Horne, N. Milosavljevic, P. Rao, R. Schreiber, and R. E. Tarjan, “Fast Exact and Heuristic Methods for Role Minimization Problems,†in Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008, pp. 1–10.

      [22] H. Lu, J. Vaidya, and V. Atluri, “An Optimization Framework for Role Mining,†J. Comput. Secur., vol. 22, no. 1, pp. 1–31, Jan. 2014.

      [23] P. Sarana, A. Roy, S. Sural, J. Vaidya, and V. Atluri, “Role Mining in the Presence of Separation of Duty Constraints,†in International Conference on Information Systems Security, 2015, pp. 98–117.

      [24] L. Dong, K. Wu, and G. Tang, “A Data-Centric Approach to Quality Estimation of Role Mining Results,†IEEE Trans. Inf. Forensics Secur., vol. 11, no. 12, pp. 2678–2692, Dec. 2016.

      [25] P. Harika, M. Nagajyothi, J. C. John, S. Sural, J. Vaidya, and V. Atluri, “Meeting Cardinality Constraints in Role Mining,†IEEE Trans. Dependable Secur. Comput., vol. 12, no. 1, pp. 71–84, 2015.

      [26] H. Huang, F. Shang, J. Liu, and H. Du, “Handling Least Privilege Problem and Role Mining in RBAC,†J. Comb. Optim., vol. 30, no. 1, pp. 63–86, Jul. 2015.

      [27] A. Roy, S. Sural, A. K. Majumdar, J. Vaidya, and V. Atluri, “Minimizing Organizational User Requirement while Meeting Security Constraints,†ACM Trans. Manag. Inf. Syst., vol. 6, no. 3, pp. 1–25, Sep. 2015.

      [28] N. Pan, Z. Zhu, L. He, L. Sun, and H. Su, “Mining Approximate Roles under Important Assignment,†in 2nd IEEE International Conference on Computer and Communications, 2016, pp. 1319–1324.

      [29] B. Mitra, S. Sural, J. Vaidya, and V. Atluri, “Mining Temporal Roles using Many-Valued Concepts,†Comput. Secur., vol. 60, pp. 79–94, Jul. 2016.

      [30] S. Vavilis, A. I. Egner, M. Petkovic, and N. Zannone, “Role Mining with Missing Values,†in 11th International Conference on Availability, Reliability and Security (ARES), 2016, pp. 167–176.

      [31] O. Troyanskaya, M. Cantor, G. Sherlock, P. Brown, T. Hastie, R. Tibshirani, D. Botstein, and R. B. Altman, “Missing Value Estimation Methods for DNA Microarrays,†Bioinformatics, vol. 17, no. 6, pp. 520–525, Jun. 2001.

      [32] D. F. Ferraiolo, R. Chandramouli, G.-J. Ahn, and S. I. Gavrila, “The Role Control Center: Features and Case Studies,†in Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT ’03, 2003, no. May 2014, p. 12.

      [33] B. Shuriya and M. E. Graduate, “RBAM with Constraint Satisfaction Problem in Role Mining,†Int. J. Innov. Res. Dev., vol. 4, no. 2, pp. 100–102, 2015.

      [34] J. Lu, J. B. D. Joshi, L. Jin, and Y. Liu, “Towards Complexity Analysis of User Authorization Query Problem in RBAC,†Comput. Secur., vol. 48, no. September 2016, pp. 116–130, Feb. 2015.

      [35] W. Ye, R. Li, X. Gu, Y. Li, and K. Wen, “Role Mining using Answer Set Programming,†Futur. Gener. Comput. Syst., vol. 55, pp. 336–343, Feb. 2016.

      [36] I. Saenko and I. Kotenko, “Administrating Role-based Access Control by Genetic Algorithms,†in Proceedings of the Genetic and Evolutionary Computation Conference Companion on - GECCO ’17, 2017, pp. 1463–1470.

      [37] N. Pan, Z. Zhu, L. He, and L. Sun, “An Efficiency Approach for RBAC Reconfiguration with Minimal Roles and Perturbation,†Concurr. Comput. Pract. Exp., no. December, pp. 1–15, Dec. 2017.

  • Downloads

  • How to Cite

    Abd. Hamid, N., Ahmad, R., & Rahayu Selamat, S. (2018). Role Minimization as an Optimization Metric in Role Mining Algorithms: a Literature Review. International Journal of Engineering & Technology, 7(4.31), 306-310. https://doi.org/10.14419/ijet.v7i4.31.23386

    Received date: 2018-12-07

    Accepted date: 2018-12-07

    Published date: 2018-12-09