Title :
Role Mining Using Boolean Matrix Decomposition with Hierarchy
Author :
Wei Ye ; Ruixuan Li ; Huaqing Li
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
With the increasing adoption of role-based access control (RBAC) in business security, how to apply role mining technology to aid the process of migrating a non-RBAC system to a RBAC system has become an important problem. Numerous approaches have been proposed to use data mining techniques to discover the roles. However, the Boolean matrix decomposition is still little used in role mining, because Boolean matrix decomposition without hierarchy can not express the hierarchical relationships of the RBAC model. In this paper, we propose a new method of Boolean matrix decomposition which can clearly express the hierarchical relationships of the RBAC model. Then, we introduce the cost-utility analysis method in economics to guide the role mining. Our optimization goal is not only to minimize the administration costs, but also to maximize the utility of RBAC configuration in the meanwhile. We further propose a heuristic algorithm to find the optimal solution with the Boolean matrix decomposition. The experimental results demonstrate the effectiveness of our approach.
Keywords :
Boolean algebra; authorisation; data mining; matrix decomposition; Boolean matrix decomposition; cost-utility analysis method; data mining techniques; heuristic algorithm; hierarchy; nonRBAC system; role discovery; role mining technology; role-based access control; Algorithm design and analysis; Context; Formal concept analysis; Lattices; Matrix decomposition; Optimization; Security; cost-utility; rbac; role engineering; role mining;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.98
