Role Refinement in Access Control: Model and Analysis

Published Online: https://doi.org/10.1287/ijoc.2014.0603
