Professional Documents
Culture Documents
Role Mining Business: Taming Role-Based Access Control Administration
Role Mining Business: Taming Role-Based Access Control Administration
com
by 94.68.243.247 on 01/28/16. For personal use only.
8292.9789814374002-tp.indd 1
Control Administration
Taming Role-Based Access
in Business
Role Mining
1/11/12 11:36 AM
Role Mining in Business Downloaded from www.worldscientific.com
by 94.68.243.247 on 01/28/16. For personal use only.
Alessandro Colantonio
Bay31 GmbH, Switzerland
Roberto Di Pietro
Università di Roma Tre, Italy
Alberto Ocello
CrossIdeas Srl, Italy
World Scientific
NEW JERSEY • LONDON • SINGAPORE • BEIJING • SHANGHAI • HONG KONG • TA I P E I • CHENNAI
A catalogue record for this book is available from the British Library.
by 94.68.243.247 on 01/28/16. For personal use only.
For photocopying of material in this volume, please pay a copying fee through the Copyright
Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, USA. In this case permission to
photocopy is not required from the publisher.
ISBN-13 978-981-4374-00-2
ISBN-10 981-4374-00-8
Printed in Singapore.
v
Role Mining in Business Downloaded from www.worldscientific.com
by 94.68.243.247 on 01/28/16. For personal use only.
October 27, 2011
10:14
Preface
Role Mining in Business Downloaded from www.worldscientific.com
quests to data and services, and determining whether the requests should
be granted or denied. In recent years significant research has focused on
providing formal representations of access control models. In this context,
role-based access control (RBAC) has become the norm for managing en-
titlements within commercial applications. RBAC simplifies entitlement
management by using roles. A role uniquely identifies a set of permissions,
and users are assigned to appropriate roles based on their responsibilities
and qualifications. When users change their job function, they are assigned
new roles, and old roles are removed from their profile. This results in
users’ entitlements matching their actual job functions. While RBAC is
not a panacea for all ills related to access control, it offers great benefits to
users managers and administrators, especially non-technical people. First,
RBAC helps business users define security policies, since the role concept
can be easily understood by them even without the support of IT staff.
Second, RBAC implements the security engineering principles that sup-
port risk reduction, such as separation of duty (SoD) and least privilege.
Finally, roles minimize system administration effort by reducing the number
of relationships among users and permissions. Indeed, when two or more
users have similar permissions, we can reduce the number of administrative
actions by just grouping those permissions.
Despite the widespread adoption of RBAC-oriented systems, organiza-
tions frequently implement them without due consideration of roles. To
minimize deployment effort or to avoid project scope creep, organizations
often neglect role definition in the initial part of the deployment project.
Very often, organizations do not invest enough time to define roles in de-
tail; rather, they define high-level roles that do not reflect actual business
vii
October 27, 2011 10:14 World Scientific Book - 9in x 6in mining
viii Preface
carry out specific tasks. Bottom-up seeks to identify de facto roles em-
bedded in existing access control information. Since bottom-up approaches
by 94.68.243.247 on 01/28/16. For personal use only.
usually resort to data mining techniques, the term role mining is often
used. In practice, top-down approaches may produce results that conflict
with existing permissions, while bottom-up approaches may not consider
the high-level business structure of an organization. For maximum benefits,
a hybrid of top-down and bottom-up is often the most valid approach.
The bottom-up approach has recently attracted both researchers and
practitioners, since it can be easily automated. Indeed, companies which
plan to deploy RBAC-oriented systems usually find themselves migrating
from several “conventional” access control systems. In this scenario, role
mining uses data mining techniques to generate roles from the access control
information of this collection of legacy and standard systems. Current role
mining approaches, however, must deal with some practical issues:
Preface ix
Algorithm Performance Several works prove that the role mining prob-
lem is reducible to many other problems that are known to be intractable
(i.e., NP-hard), such as clique partition of graphs, binary matrix factor-
ization, bi-clustering, and graph vertex coloring, to name a few. As a
result, many role mining algorithms entail long running times and huge
memory footprints. Moreover, when hundreds of thousands of existing
user-permission assignments need to be analyzed, the number of candidate
roles may be so high that trying to analyze them is often impractical.
Role Mining in Business Downloaded from www.worldscientific.com
Noise Within Data The number of roles elicited by existing role min-
ing approaches is often very large. This is mainly due to “noise” within
by 94.68.243.247 on 01/28/16. For personal use only.
x Preface
Book Content
Preface xi
stable candidate roles, namely roles that likely remains unchanged during
their lifecycle. We introduce a strategy that avoids the generation of un-
stable roles during the application of any role mining algorithm. The dual
problem of selecting assignments related to unstable roles is represented by
the identification of missing assignments: those permissions that, if granted
to certain users, would simplify the mining task. We describe a viable and
effective approach to identify such missing values.
Finally, we confront the question of effectively managing the risk derived
from granting access to resources. We discuss how a divide-and-conquer
approach to role mining actually reduces the risk related to illegal accesses.
In particular, we describe a risk model that assesses the risk related to
Role Mining in Business Downloaded from www.worldscientific.com
permissions that markedly deviate from those “similar” to them. That is,
bringing out users that have a permission-set different from other users with
the same business attributes (i.e., job title, department, cost center, etc.)
since they are likely prone to error when roles are operating. Focusing on
such users and permissions during the role definition process likely mitigates
the risk of unauthorized accesses and role misuse.
xii Preface
This book focuses on recent developments for role mining, by covering the
most relevant facets of existing techniques, as well as showing both antic-
ipated and unanticipated positive effects on the overall cost of managing
roles. To this objective, it couples a tight formalism when exposing the role
mining problem, with both theoretical and experimental results. In partic-
ular, it provides an optimal combination of theory (that can be of relevant
October 27, 2011 10:14 World Scientific Book - 9in x 6in mining
Preface xiii
interest to Academia) and practice (that can be of interest for the Indus-
try). Therefore, IT professionals and researchers can benefit from reading
this book, such as:
• system integrators, who integrate heterogeneous systems for the end user;
• target system developers, who incorporate access control enforcement
by 94.68.243.247 on 01/28/16. For personal use only.
xiv Preface
Contents
Role Mining in Business Downloaded from www.worldscientific.com
by 94.68.243.247 on 01/28/16. For personal use only.
Preface vii
Fundamentals 1
1. Managing Access Rights 3
1.1 Challenges of Controlling Access . . . . . . . . . . . . . . 3
1.2 Access Control Concepts . . . . . . . . . . . . . . . . . . . 5
1.2.1 Policies, Models, and Mechanisms . . . . . . . . . 5
1.2.2 Permissions, Operations, and Objects . . . . . . . 7
1.2.3 Authentication and Authorization . . . . . . . . . 7
1.2.4 User Life-Cycle Management and Provisioning . . 8
1.2.5 Overentitlement and Underentitlement . . . . . . 9
1.3 Access Control Models . . . . . . . . . . . . . . . . . . . . 10
1.3.1 Access Control Lists . . . . . . . . . . . . . . . . . 11
1.3.2 Discretionary Access Control . . . . . . . . . . . . 12
1.3.3 Mandatory Access Control . . . . . . . . . . . . . 13
1.3.4 Attribute-Based Access Control . . . . . . . . . . 13
1.4 Final Remarks . . . . . . . . . . . . . . . . . . . . . . . . 14
xv
October 27, 2011 10:14 World Scientific Book - 9in x 6in mining
xvi Contents
3. Role Engineering 35
3.1 Modeling Roles . . . . . . . . . . . . . . . . . . . . . . . . 35
3.2 Role Engineering Approaches . . . . . . . . . . . . . . . . 38
3.2.1 Top-Down . . . . . . . . . . . . . . . . . . . . . . 38
3.2.2 Bottom-Up . . . . . . . . . . . . . . . . . . . . . . 40
3.3 Parts of a Role Engineering Task . . . . . . . . . . . . . . 42
3.4 Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
3.5 Final Remarks . . . . . . . . . . . . . . . . . . . . . . . . 50
Contents xvii
xviii Contents
Contents xix
198
10.7 Application to a Real Case . . . . . . . . . . . . . . . . . 198
10.7.1 High and Low Values of Minability and Similarity 199
by 94.68.243.247 on 01/28/16. For personal use only.
xx Contents
Bibliography 259
Index 269