Mining Two-Level Role Concepts Using Evolutionary Algorithms

Mining Two-Level Role Concepts Using Evolutionary Algorithms

연구 분야: Databases

학회: SN Computer Science

The administration of access control structures in IT-systems is mainly organized with role concepts. The initiation and management of such role concepts requires a lot of time and effort from security administrators and consultants. Hence, automated solutions bear a huge potential to make this process more efficient. Algorithms for this task are presented in literature but, in most cases, cannot be implemented for role mining in practice in a straightforward way, since IT-systems used by companies and organizations have some additional conditions and constraints that require the customization of existing algorithms. In this paper, the focus is mainly on access control in Enterprise Resource Planning (ERP) systems, where two-level role concepts are required. For this, the associated optimization problems, the Basic Two-level Role Mining Problem and the Constrained Two-level Role Mining Problem, are introduced. Additionally, a new set of synthetically generated benchmark instances for two-level role mining, the 2LEVEL_x-benchmark, as well as two instances derived from real-world role mining scenarios, the RW_x-benchmark, are described. Furthermore, three approaches to tackle the described two-level role mining problems, based on different applications or modification of an existing algorithm for single-level role mining, are introduced and evaluated in a range of experiments.