Hybrid Role Mining Methods with Minimal Perturbation

Zhai Zhigang; Wang Jiandong; Cao Zining; Mao Yuguang

Journal of Computer Research and Development > 2013 > 50(5): 951-960.

Zhai Zhigang, Wang Jiandong, Cao Zining, Mao Yuguang. Hybrid Role Mining Methods with Minimal Perturbation[J]. Journal of Computer Research and Development, 2013, 50(5): 951-960.

Citation:

Zhai Zhigang, Wang Jiandong, Cao Zining, Mao Yuguang. Hybrid Role Mining Methods with Minimal Perturbation[J]. Journal of Computer Research and Development, 2013, 50(5): 951-960.

Citation:

Zhai Zhigang, Wang Jiandong, Cao Zining, Mao Yuguang. Hybrid Role Mining Methods with Minimal Perturbation[J]. Journal of Computer Research and Development, 2013, 50(5): 951-960.

PDF (1552 KB)

Hybrid Role Mining Methods with Minimal Perturbation

1(College of Computer Science and Technology, Nanjing University of Aeronautics & Astronautics, Nanjing 210016) 2(Jiangsu Provincial Govenment Offices Administration, Nanjing 210024) 3(State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing 210093)

More Information

Published Date: May 14, 2013

Graphical Abstract

Abstract

Abstract

A basic problem in the design of role-based access control (RBAC) system is to automatically discover roles and configure user-role assignment and permission-role assignment. In order to achieve these objectives, researchers have proposed to discover roles from the existing user-permission assignments using data mining techniques, which is called role mining. But most of the existing role mining techniques do not consider the existing RBAC configurations and try to define everything from scratch. The definitions of similarity in the literature do not satisfy the commutative law. In this paper, we formally present a hybrid role mining method, providing deployed roles set using top-down approach and mining candidate role set using bottom-up approach. We propose the measures of weighted structural complexity for the optimality of the RBAC state. We also present the definitions of similarity of role sets for minimal perturbation that satisfy the commutative law and the similarity computation algorithm. Finally, the hybrid role mining algorithm with minimal perturbation is discussed. The algorithm’ computational complexity is analyzed and the effectiveness of the algorithm is evaluated. The evaluation results demonstrate the correctness and effectiveness of our approach.
- role mining,
- role engineering,
- role-based access control (RBAC),
- weighted structural complexity(WSC),
- similarity

FullText(HTML)

References (0)

[1]	Xu He, Wu Di, Lu Jiwu, Li Renfa. An Intrusion Detection Algorithm and Its Hardware Acceleration for CAN in Vehicles[J]. Journal of Computer Research and Development, 2023, 60(12): 2783-2796. DOI: 10.7544/issn1000-1239.202220035
[2]	Yin Shenglin, Zhang Xinglan, Zuo Liyu. Intrusion Detection System for Dual Route Deep Capsule Network[J]. Journal of Computer Research and Development, 2022, 59(2): 418-429. DOI: 10.7544/issn1000-1239.20200825
[3]	Ren Jiadong, Liu Xinqian, Wang Qian, He Haitao, Zhao Xiaolin. An Multi-Level Intrusion Detection Method Based on KNN Outlier Detection and Random Forests[J]. Journal of Computer Research and Development, 2019, 56(3): 566-575. DOI: 10.7544/issn1000-1239.2019.20180063
[4]	Shi Shengfei, Zhang Wei, Li Jianzhong. A Complex Event Detection Algorithm Based on Correlation Analysis[J]. Journal of Computer Research and Development, 2014, 51(8): 1871-1879. DOI: 10.7544/issn1000-1239.2014.20120813
[5]	Wang Qi'an and Chen Bing. Intrusion Detection System Using CVM Algorithm with Extensive Kernel Methods[J]. Journal of Computer Research and Development, 2012, 49(5): 974-982.
[6]	Mao Guojun and Zong Dongjun. An Intrusion Detection Model Based on Mining Multi-Dimension Data Streams[J]. Journal of Computer Research and Development, 2009, 46(4): 602-609.
[7]	Li Qinghua and Zhao Feng. The PBL Method: A Novel Parallel Error Detection Method for Intrusion Tolerance Systems[J]. Journal of Computer Research and Development, 2006, 43(8): 1411-1416.
[8]	Yang Wu, Yun Xiaochun, Li Jianhua. An Efficient Approach to Intrusion Detection Based on Boosting Rule Learning[J]. Journal of Computer Research and Development, 2006, 43(7): 1252-1259.
[9]	Mu Chengpo, Huang Houkuan, and Tian Shengfeng. A Survey of Intrusion-Detection Alert Aggregation and Correlation Techniques[J]. Journal of Computer Research and Development, 2006, 43(1): 1-8.
[10]	Wang Jin, Li Dequan, and Feng Dengguo. An Autonomous Agent-Based Adaptive Distributed Intrusion Detection System[J]. Journal of Computer Research and Development, 2005, 42(11): 1934-1939.