Volume 7 Number 2 (Feb. 2012)
Home > Archive > 2012 > Volume 7 Number 2 (Feb. 2012) >
JSW 2012 Vol.7(2): 398-407 ISSN: 1796-217X
doi: 10.4304/jsw.7.2.398-407

How to Find a Rigorous Set of Roles for Application of RBAC

Lijun Dong, Xiaojun Kang, and Maocai Wang
School of Computer, China University of Geosciences, Wuhan, P.R. China

Abstract—Role-based access control (RBAC) has been adopted successfully by a variety of security system by reducing the complexity of the management of access control. The least privilege principle is a very important constraint policy of RBAC. Devising a complete and correct set of roles for supporting the least privilege principle has been recognized as one of the most important tasks in implementing RBAC. A key problem is how to find such sets of roles which have the least permissions. In fact, when the number of role-permission assignments is large, it is almost impossible to find a rigorous set of roles which has the completely same set of permissions required by a user. To address this problem, we research the problem how to find such the rigorous combinations obeying the principle of least permissions. By bringing forward the concept of the least privilege mining problem, we describe the methods to resolve the problem and some instances of its applications, too. Moreover, the corresponding algorithms are displayed. Specially, by analyzing the complexity of least privilege mining problem, the method based on evolutionary algorithm is shown appreciate. Correspondingly, the experiments are accomplished to prove our opinions. Finally, the paper is concluded and some future work is posed.

Index Terms—information security, role-based access control, least privilege, evolutionary algorithm

[PDF]

Cite: Lijun Dong, Xiaojun Kang, Maocai Wang, "How to Find a Rigorous Set of Roles for Application of RBAC," Journal of Software vol. 7, no. 2, pp. 398-407, 2012.

General Information

ISSN: 1796-217X (Online)
Frequency: Monthly (2006-2019); Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Dec 06, 2019 News!

    Vol 14, No 1- Vol 14, No 4 has been indexed by EI (Inspec)   [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Jun 22, 2020 News!

    The papers published in Vol 15, No 5 have all received dois from Crossref    [Click]

  • Aug 01, 2018 News!

    [CFP] 2020 the annual meeting of JSW Editorial Board, ICCSM 2020, will be held in Rome, Italy, July 17-19, 2020   [Click]

  • Jun 22, 2020 News!

    Vol 15, No 5 has been published with online version     [Click]