Performance of AI algorithms for mining meaningful roles

Role-based access control (RBAC) is being today´s dominant access control model due to its potential to mitigate the complexity and cost of access control administration. However, the migration from the access control lists (ACL) to RBAC for a large administration system may consume significant efforts, which challenges the adoption of RBAC. Role mining algorithms can significantly reduce the migration cost by providing a partially automatic construction of an RBAC policy. This paper explores Artificial Intelligence (AI) techniques in designing role mining algorithms, which can optimize policy quality in terms of policy size, user-attribute-based interpretability of the roles, and the combination of size and interpretability. We propose two algorithms, genetic algorithm (GA)-based and ant colony optimization (ACO)-based. GA-based algorithm works by starting with a set of all candidate roles and repeatedly removing roles. ACO-based algorithm works by starting with an empty policy and repeatedly adding candidate roles. We carry out extensive experiments with publicly available access control policies. The simulation results indicate that ®the proposed algorithms achieves better performance than the corresponding existing algorithms. (2) GA-based approach produces better results than ACO-based approach.□