The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Role Mining on Relational Data

Download

Download PDF Document
PDF

Author

Zahid Pervaiz, Arif Ghafoor, Walid G. Aref

Tech report number

CERIAS TR 2013-2

Entry type

unpublished

Abstract

Fine-grained access control for relational data defines user authorizations at the tuple level. Role Based Access Control (RBAC) has been proposed for relational data where roles are allowed access to tuples based on the authorized view defined by a selection predicate. During the last few years, extensive research has been conducted in the area of role engineering. The existing approaches for role engineering are top-down (using domain experts), bottom-up (role-mining), or a hybrid of both. However, no research has been conducted for role engineering in relational data. In this paper, we address this problem. The challenge is to extract an RBAC policy with authorized selection predicates for users given an existing tuple-level fine-grained access control policy. We formulate the problem for relational data, propose a role mining algorithm and conduct experimental evaluation. Experiments demonstrate that the proposed algorithm can achieve up to 400% improvement in performance for relational data as compared to existing role mining techniques.

Download

PDF

Date

2013 – 1 – 1

Key alpha

RBAC, role mining, relational data

Publication Date

2013-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.