Role mining in business : taming role-based access control administration /

Mostrar otras versiones (1)

With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between acade...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Colantonio, Alessandro
Otros Autores: Di Pietro, Roberto (Computer scientist), Ocello, Alberto
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Singapore : World Scientific, 2012.
Temas:
Computers > Access control.
Computer security.
Computer networks.
Ordinateurs > Accès > Contrôle.
Sécurité informatique.
Réseaux d'ordinateurs.
COMPUTERS > Database Management > Data Mining.
Computer networks
Computer security
Computers > Access control
Acceso en línea:Texto completo
Tabla de Contenidos:
  • 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks
  • 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks
  • 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks
  • 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks
  • 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks
  • 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks
  • 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks
  • 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks
  • 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks
  • 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks
  • 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks
  • 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks
  • 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks
  • 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks.

Ejemplares similares