Finding an optimum set of roles in a CPAC model

Kabir, Enamul and Wang, Hua and Sun, Lili (2019) Finding an optimum set of roles in a CPAC model. In: 2019 International Conference on Networking and Network Applications (NaNA 2019), 10-13 Oct 2019, Daegu City, Korea.


Abstract

Purpose-based access control models are widely applied in both governments and industry. According to users' attributes, users are required to dynamically act as various roles. Access permissions with roles are assigned to users that shows what can do for the purposes with certain conditions. Conditional role involved purpose-based access control models (CPAC) are designed for users to dynamically act with conditional roles. For efficiency of an access method, it is a challenging problem to find an optimal set of roles from an existing access control model. This paper devises a set of roles in implementing a CPAC model that can deal with the problem. We define a conditional role mining problem (CRMP) model that includes conditional roles and purposes. Algorithms are developed to discover an optimal set of roles from existing permissions in the access control model. Furthermore, based on practical situations, two different variations from CRMP are introduced. One is named δ-approx CRMP while the other is Minimal Noise CRMP. The two variations are not analysed in this paper but in future work.


Statistics for USQ ePrint 39529
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Permanent restricted access to Published version, in accordance with the copyright policy of the publisher.
Faculty/School / Institute/Centre: Current - Faculty of Health, Engineering and Sciences - School of Sciences (6 Sep 2019 -)
Faculty/School / Institute/Centre: Current - Faculty of Health, Engineering and Sciences - School of Sciences (6 Sep 2019 -)
Date Deposited: 11 Sep 2020 04:52
Last Modified: 09 Oct 2020 04:59
Uncontrolled Keywords: conditional role mining; access control; purpose; privacy
Fields of Research (2008): 08 Information and Computing Sciences > 0899 Other Information and Computing Sciences > 089999 Information and Computing Sciences not elsewhere classified
Socio-Economic Objectives (2008): E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
Identification Number or DOI: https://doi.org/10.1109/NaNA.2019.00014
URI: http://eprints.usq.edu.au/id/eprint/39529

Actions (login required)

View Item Archive Repository Staff Only