Open Access Open Access  Restricted Access Subscription Access

Visual Elicitation of Roles:Using a Hybrid Approach


Affiliations
1 Mount Zion College of Engineering and Technology, Computer Science and Engineering, Pudukottai, India
 

Access control is the process of mediating requests to data and services maintained a system, determining which requests should be granted or denied. Significant research has focused on providing formal representation of access control models. Role Based Access Control (RBAC) has become the norm in most organizations. This success is greatly due to its simplicity: a role identifies a set of Permissions; users in turn are assigned to roles based on their responsibilities. To implement a RBAC system, it is important to devise a complete set of roles. This design task, known as role engineering, has been recognized as the costliest part of a RBAC – oriented project. We propose a new role engineering approach to Role – Based Access Control (RBAC) referred to as visual role mining. The main aim is to graphically represent user – permission assignments to enable quick analysis and elicitation of meaningful roles. We propose two algorithms: VISRODE (VISualize Roles using DicE) and EXTRACT (Exception Tolerant Role ACTualizer). A heuristic algorithm VISRODE is used to sort the users and permissions matrix to avoid the large gaps between items using DicE coefficient. EXTRACT is a probabilistic algorithm and it generates a list of pseudo roles. This paper offers a graphical way to effectively navigate the result so that it reduces the time complexity in visualizing the roles.

Keywords

Datasets, Matrix Sorting, Role Engineering, Role Mining Algorithms, Pseudo Roles, Visual Mining.
User
Notifications
Font Size

Abstract Views: 210

PDF Views: 0




  • Visual Elicitation of Roles:Using a Hybrid Approach

Abstract Views: 210  |  PDF Views: 0

Authors

A. Arockia Eucharista
Mount Zion College of Engineering and Technology, Computer Science and Engineering, Pudukottai, India
K. Haribaskar
Mount Zion College of Engineering and Technology, Computer Science and Engineering, Pudukottai, India

Abstract


Access control is the process of mediating requests to data and services maintained a system, determining which requests should be granted or denied. Significant research has focused on providing formal representation of access control models. Role Based Access Control (RBAC) has become the norm in most organizations. This success is greatly due to its simplicity: a role identifies a set of Permissions; users in turn are assigned to roles based on their responsibilities. To implement a RBAC system, it is important to devise a complete set of roles. This design task, known as role engineering, has been recognized as the costliest part of a RBAC – oriented project. We propose a new role engineering approach to Role – Based Access Control (RBAC) referred to as visual role mining. The main aim is to graphically represent user – permission assignments to enable quick analysis and elicitation of meaningful roles. We propose two algorithms: VISRODE (VISualize Roles using DicE) and EXTRACT (Exception Tolerant Role ACTualizer). A heuristic algorithm VISRODE is used to sort the users and permissions matrix to avoid the large gaps between items using DicE coefficient. EXTRACT is a probabilistic algorithm and it generates a list of pseudo roles. This paper offers a graphical way to effectively navigate the result so that it reduces the time complexity in visualizing the roles.

Keywords


Datasets, Matrix Sorting, Role Engineering, Role Mining Algorithms, Pseudo Roles, Visual Mining.