| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 425581 | Future Generation Computer Systems | 2016 | 8 Pages |
•We propose a novel role mining approach using ASP.•This novel role mining approach can comply with various kinds of constraints.•This novel role mining approach meets multi-objective optimization at the same time.
With the increasing adoption of role-based access control (RBAC) in business security, role mining technology has been widely applied to aid the process of migrating a non-RBAC system to an RBAC system. However, because it is hard to deal with a variety of constraint conflicts at the same time, none of existing role mining algorithms can simultaneously satisfy various constraints that usually describe organizations’ security and business requirements. To extend the ability of role mining technology, this paper proposes a novel role mining approach using answer set programming (ASP) that complies with constraints and meets various optimization objectives, named constrained role miner (CRM). Essentially, the idea is that ASP is an approach to declarative problem solving. Thus, either to discover RBAC configurations or to deal with conflicts between constraints, ASP programs do not need to specify how answers are computed. Finally, we demonstrate the effectiveness and efficiency of our approach through experimental results.
