EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Handling least privilege problem and role mining in RBAC

Hejiao Huang (), Feng Shang (), Jinling Liu () and Hongwei Du ()
Additional contact information
Hejiao Huang: Harbin Institute of Technology Shenzhen Graduate School
Feng Shang: Harbin Institute of Technology Shenzhen Graduate School
Jinling Liu: Harbin Institute of Technology Shenzhen Graduate School
Hongwei Du: Harbin Institute of Technology Shenzhen Graduate School

Journal of Combinatorial Optimization, 2015, vol. 30, issue 1, No 6, 63-86

Abstract: Abstract For a given role-based access control (RBAC) configuration, user-role assignment satisfying least privilege principle (specified as LPUAP) is one of the most important problems to be solved in information security. LPUAP has been proved to be NP-hard. This paper gives several efficient greedy algorithms for handling this problem. Experiment results show that the output of our algorithms is almost optimal while the running time is greatly reduced. In another case where a RBAC configuration is to be set up, minimizing the descriptive set of roles (specified as Basic-RMP) and minimizing the administrative assignments for roles (specified as Edge-RMP) can greatly decrease the management costs. Both role mining problems (i.e., Basic-RMP and Edge-RMP) have also been proved to be NP-hard. This paper converts Basic-RMP to set cover problem and Edge-RMP to weighted set cover problem, and two algorithms respectively named $$GA_{Basic}$$ GA Basic algorithm for Basic-RMP and $$GA_{Edge}$$ GA Edge algorithm for Edge-RMP, are designed. Experiment results show that the average similarity rate between role sets produced by $$GA_{Basic}$$ GA Basic algorithm and the original ones used in generating the dataset is above 90 %. However, in the process of converting role mining into Set Cover Problem, the number of candidate role set is very large. In order to reduce the complexity of the $$GA_{Basic}$$ GA Basic algorithm, this paper presents a new polynomial-time algorithm with a performance nearly the same as that of $$GA_{Basic}$$ GA Basic algorithm.

Keywords: RBAC; Role mining; Greedy algorithm (search for similar items in EconPapers)
Date: 2015
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (2)

Downloads: (external link)
http://link.springer.com/10.1007/s10878-013-9633-9 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:jcomop:v:30:y:2015:i:1:d:10.1007_s10878-013-9633-9

Ordering information: This journal article can be ordered from
https://www.springer.com/journal/10878

DOI: 10.1007/s10878-013-9633-9

Access Statistics for this article

Journal of Combinatorial Optimization is currently edited by Thai, My T.

More articles in Journal of Combinatorial Optimization from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-20
Handle: RePEc:spr:jcomop:v:30:y:2015:i:1:d:10.1007_s10878-013-9633-9