Automatic migration to role based access control

Ian M Molloy, Purdue University


The success of role-based access control both within the research community and industry is undeniable. One of the main reasons for RBAC’s adoption is its ability to reduce administration costs, help eliminate errors, and improve the security of a system. Before these advantages can be observed, an organization must first migrate their access control data over to RBAC. This is a process known as role engineering, and is potentially expensive. We view the problem of role engineering as an optimization of the existing access control information (permission assignments, attributes, usage logs, etc.) that maximizes the return on investment in deploying RBAC given a model of a human administrator. We focus on three main objectives: the RBAC state must be compact, and minimize the costs to administer access to users; the RBAC state must contain semantically meaningful roles that correspond to real-world concepts and job duties; and the RBAC state must be correct and secure. We develop a two-phase process for role mining: first clean the data, and then find candidate roles. Techniques based on rank-reduced matrix decomposition and a model of security are used to clean the data to eliminate errors, predict unknown values, and identify assignments that are applicable to RBAC. Second, we develop a measure of administrative costs based on the structural complexity of the RBAC system. The complexity is parameterized and makes few assumptions regarding administrative effort. Two algorithms founded in the theory of formal concept analysis are developed to minimize the RBAC state complexity while maintaining semantically meaningful roles. This dissertation illustrates that it is possible to automatically specify an access control system, such as role-based access control, from incomplete and noisy input data consisting of allow-deny decisions and attributes describing the subjects, objects, and rights. Further, one can ensure the resulting access control system has low administrative costs as measured by the structural complexity and semantic meaning of the resulting access control state.




Li, Purdue University.

Subject Area

Computer science

Off-Campus Purdue Users:
To access this dissertation, please log in to our
proxy server