My Account Log in

4 options

Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello.

EBSCOhost Academic eBook Collection (North America) Available online

View online

EBSCOhost Ebook Business Collection Available online

View online

EBSCOhost eBook Community College Collection Available online

View online

Ebook Central Academic Complete Available online

View online
Format:
Book
Author/Creator:
Colantonio, Alessandro.
Contributor:
Di Pietro, Roberto.
Ocello, Alberto.
Language:
English
Subjects (All):
Computer networks--Access control.
Computer networks.
Physical Description:
1 online resource (295 p.)
Edition:
1st ed.
Place of Publication:
Singapore : World Scientific Pub. Co., 2012.
Language Note:
English
Summary:
With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) - a policy-neutral access control model that serves as a bridge between academia and industry - is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a
Contents:
Contents; Preface; 4.2 Understanding Access Control Data; 4.3 Data Preparation; 4.4 Role Definition; 4.5 Final Remarks; Fundamentals; 1. Managing Access Rights; 1.1 Challenges of Controlling Access; 1.2 Access Control Concepts; 1.2.1 Policies, Models, and Mechanisms; 1.2.2 Permissions, Operations, and Objects; 1.2.3 Authentication and Authorization; 1.2.4 User Life-Cycle Management and Provisioning; 1.2.5 Overentitlement and Underentitlement; 1.3 Access Control Models; 1.3.1 Access Control Lists; 1.3.2 Discretionary Access Control; 1.3.3 Mandatory Access Control
1.3.4 Attribute-Based Access Control1.4 Final Remarks; 2. Role-Based Access Control; 2.1 RBAC Basics; 2.2 RBAC Standards; 2.2.1 Core RBAC; 2.2.2 Hierarchical RBAC; 2.2.3 Static Separation of Duties (SSD) RBAC; 2.2.4 Dynamic Separation of Duties (DSD) RBAC; 2.3 Advantages of RBAC; 2.3.1 Efficient Policy Maintenance and Certification; 2.3.2 Efficient Provisioning; 2.3.3 Reduction in New Employee Downtime; 2.3.4 Enhanced System Security; 2.3.5 Enhanced Organizational Productivity; 2.4 Obstacles to Migrating to RBAC; 2.4.1 Role Engineering; 2.4.2 Migration Costs
2.4.3 Systems Structure and Interoperability2.4.4 Product Acceptance and Comparison; 2.5 Final Remarks; 3. Role Engineering; 3.1 Modeling Roles; 3.2 Role Engineering Approaches; 3.2.1 Top-Down; 3.2.2 Bottom-Up; 3.3 Parts of a Role Engineering Task; 3.4 Guidelines; 3.5 Final Remarks; 4. A Step-to-Step Methodology for Role Mining; 4.1 Role Mining Steps; 5. The Hidden Structure of Roles; 5.1 Formalization of the Role Mining Problem; 5.2 Graph-Based Approach; 5.2.1 Graph Theory Basics; 5.2.2 Role Mining and Graph-Related Problems; 5.3 Matrix-Based Approach
5.3.1 Role Mining and Binary Matrix Factorization5.3.2 Pseudo-Roles; 5.3.3 Relevance of Maximal Pseudo-Roles; 5.3.4 Fast Computation of Maximal Pseudo-Roles; 5.4 Permission-Powerset Lattice; 5.4.1 Posets, Lattices, Hasse Diagrams, and Graphs; 5.4.2 Mapping Permission Patterns to Roles; 5.4.3 Finding Redundancies; 5.5 Final Remarks; Pattern Identification in Users' Entitlements; 6. Enumerating Candidate Roles; 6.1 Eliciting Patterns From Access Data; 6.1.1 Clustering Techniques; 6.1.1.1 Categorization of Clustering Methods; 6.1.1.2 ORCA: A Hierarchical Clustering for Role Mining
6.1.2 Frequent Itemsets6.1.2.1 Definitions; 6.1.2.2 The Algorithm Apriori; 6.1.2.3 Generating Association Rules; 6.1.2.4 Closed Itemset Mining; 6.1.2.5 CompleteMiner: Enumeration of Closed Permission-Sets; 6.2 Minimizing the Number of Roles; 6.2.1 A Graph Reduction for Role Minimization; 6.2.2 Optimal Boolean Matrix Decomposition; 6.3 Estimating the Minimum Number of Roles; 6.3.1 Martingales and Azuma-Hoe.ding Inequality; 6.3.2 A Concentration Result for Number of Roles; 6.3.3 Applications of the Bound; 6.4 Final Remarks; 7. Minimizing the Effort of Administering RBAC
7.1 A Cost-Driven Approach to Role Engineering
Notes:
Description based upon print version of record.
Includes bibliographical references and index.
ISBN:
9786613646569
9781280669637
1280669632
9789814366151
9814366153
OCLC:
794328384

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account