Role Mining In Business

Role Mining In Business: Taming Role-based Access Control Administration

Author : Roberto Di Pietro

Publisher : World Scientific

Page : 295 pages

File Size : 24,1 MB

Release : 2012-02-20

Category : Computers

ISBN : 9814458104

Get eBook

Book Description

With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) — a policy-neutral access control model that serves as a bridge between academia and industry — is probably the most suitable security model for commercial applications.Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of access permissions, only a well-defined role engineering process allows for significant savings of time and money while protecting data and systems.Among role engineering approaches, searching through access control systems to find de facto roles embedded in existing permissions is attracting increasing interest. The focus falls on role mining, which is applied data mining techniques to automate — to the extent possible — the role design task.This book explores existing role mining algorithms and offers insights into the automated role design approaches proposed in the literature. Alongside theory, this book acts as a practical guide for using role mining tools when implementing RBAC. Besides a comprehensive survey of role mining techniques deeply rooted in academic research, this book also provides a summary of the role-based approach, access control concepts and describes a typical role engineering process.Among the pioneering works on role mining, this book blends business elements with data mining theory, and thus further extends the applications of role mining into business practice. This makes it a useful guide for all academics, IT and business professionals.



Role Mining in Business

Author : Alessandro Colantonio

Publisher : World Scientific

Page : 295 pages

File Size : 41,79 MB

Release : 2012

Category : Computers

ISBN : 9814374008

Get eBook

Book Description

With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) a policy-neutral access control model that serves as a bridge between academia and industry is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of access permissions, only a well-defined role engineering process allows for significant savings of time and money while protecting data and systems. Among role engineering approaches, searching through access control systems to find de facto roles embedded in existing permissions is attracting increasing interest. The focus falls on role mining, which is applied data mining techniques to automate to the extent possible the role design task. This book explores existing role mining algorithms and offers insights into the automated role design approaches proposed in the literature. Alongside theory, this book acts as a practical guide for using role mining tools when implementing RBAC. Beside a comprehensive survey of role mining techniques deeply rooted in academic research, this book also provides a summary of the role-based approach, access control concepts and describes a typical role engineering process. Among the pioneering works on role mining, this book blends business elements with data mining theory, and thus further extends the applications of role mining into business practice. This makes it a useful guide for all academics, IT and business professionals.



Architectural Alignment of Access Control Requirements Extracted from Business Processes

Author : Pilipchuk, Roman

Publisher : KIT Scientific Publishing

Page : 366 pages

File Size : 31,9 MB

Release : 2023-01-27

Category : Computers

ISBN : 3731512122

Get eBook

Book Description

Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.



A Formal Approach to the Role Mining Problem

Author : Qi Guo

Publisher :

Page : 203 pages

File Size : 27,28 MB

Release : 2010

Category : Computer networks

ISBN :

Get eBook

Book Description

Role-based access control (RBAC) has become the norm for enforcing security since it has been successfully implemented in various commercial systems. Roles, which are nothing but sets of permissions when semantics are unavailable, represent organizational agents that perform certain job functions within the organization. Role engineering, the process of defining a set of roles and associate permissions to them, is essential before all the benefits of RBAC can be realized. There are two basic approaches towards role engineering: top-down and bottom-up. The key problem with the top-down approach is that it is likely to ignore the existing permissions. In addition, the top-down approach calls for a good understanding among various authorities from different disciplines, which makes role engineering tedious, time consuming and very difficult to implement. In contrast, the bottom-up approach automates the role engineering process especially when business semantics are not available. Also, it starts from the existing permissions and aggregates them into roles. Therefore, role engineering by the bottom-up approach is also referred to as role mining. A number of approaches exist for role mining and majority of them employ clustering techniques or their variants to discover roles. An inherent problem with these approaches is that there is no formal notion of goodness/ interestingness of a role. They present heuristic ways to find a set of candidate roles. While offering justifications for the identified roles, there is no integrative view of the entire set of roles. For insightful bottom-up analysis, we need to define interestingness metrics for roles. The objective of this dissertation research is to formally define a list of role mining problems and find the solutions to solve them.



Security and Privacy - Silver Linings in the Cloud

Author : Kai Rannenberg

Publisher : Springer Science & Business Media

Page : 329 pages

File Size : 40,69 MB

Release : 2010-09-02

Category : Computers

ISBN : 3642152562

Get eBook

Book Description

These proceedings contain the papers of IFIP/SEC 2010. It was a special honour and privilege to chair the Program Committee and prepare the proceedings for this conf- ence, which is the 25th in a series of well-established international conferences on security and privacy organized annually by Technical Committee 11 (TC-11) of IFIP. Moreover, in 2010 it is part of the IFIP World Computer Congress 2010 celebrating both the Golden Jubilee of IFIP (founded in 1960) and the Silver Jubilee of the SEC conference in the exciting city of Brisbane, Australia, during September 20–23. The call for papers went out with the challenging motto of “Security & Privacy Silver Linings in the Cloud” building a bridge between the long standing issues of security and privacy and the most recent developments in information and commu- cation technology. It attracted 102 submissions. All of them were evaluated on the basis of their significance, novelty, and technical quality by at least five member of the Program Committee. The Program Committee meeting was held electronically over a period of a week. Of the papers submitted, 25 were selected for presentation at the conference; the acceptance rate was therefore as low as 24. 5% making SEC 2010 a highly competitive forum. One of those 25 submissions could unfortunately not be included in the proceedings, as none of its authors registered in time to present the paper at the conference.





From Database to Cyber Security

Author : Pierangela Samarati

Publisher : Springer

Page : 498 pages

File Size : 43,52 MB

Release : 2018-11-30

Category : Computers

ISBN : 3030048349

Get eBook

Book Description

This Festschrift is in honor of Sushil Jajodia, Professor in the George Mason University, USA, on the occasion of his 70th birthday. This book contains papers written in honor of Sushil Jajodia, of his vision and his achievements. Sushil has sustained a highly active research agenda spanning several important areas in computer security and privacy, and established himself as a leader in the security research community through unique scholarship and service. He has extraordinarily impacted the scientific and academic community, opening and pioneering new directions of research, and significantly influencing the research and development of security solutions worldwide. Also, his excellent record of research funding shows his commitment to sponsored research and the practical impact of his work. The research areas presented in this Festschrift include membrane computing, spiking neural networks, phylogenetic networks, ant colonies optimization, work bench for bio-computing, reaction systems, entropy of computation, rewriting systems, and insertion-deletion systems.



Methodology for Hybrid Role Development

Author : Ludwig Fuchs

Publisher : BoD – Books on Demand

Page : 274 pages

File Size : 17,20 MB

Release : 2010

Category : Business & Economics

ISBN : 3899369785

Get eBook

Book Description

"Cybercrime costs firms USD 1 trillion globally" - Headlines like this released by Reuters news agency on 29th January 2009 tend to regularly dominate international press lately. Surveys indicate that insiders like employees are one of the biggest threats to data security within organisations. As a result of improper account management users accumulate a number of excessive rights over time, resulting in the so called identity chaos. In the course of constantly growing IT infrastructures on the one hand, as well as the legislative regulations and law on the other hand, role-based Identity Management in particular has become a means of solving the identity chaos and meeting data security requirements. However, the central challenge organisations face in this context is how to construct a role catalogue for their Identity Management infrastructure. Some companies deal with this issue by applying predominantly manual procedures based on organisational and operational structures. These approaches are known as Role Engineering methodologies. Throughout the last few years, so-called Role Mining methodologies which use Data Mining techniques that cluster existing access rights of employees have evolved as alternative approaches. Recent findings show that a combination of Role Engineering and Role Mining is necessary to define a good collection of roles. This book gives insight into a hybrid tool-supported methodology for cleansing identity and account data and developing business roles for employees using Role Engineering and Role Mining techniques. Its main goals are to increase the overall user management data quality and support companies throughout a semi-automated process of defining roles. The methodology considers existing employee information and access privileges without neglecting organisational structures and business experts' knowledge about the organisation.



Web Data Mining and Applications in Business Intelligence and Counter-Terrorism

Author : Bhavani Thuraisingham

Publisher : CRC Press

Page : 542 pages

File Size : 35,62 MB

Release : 2003-06-26

Category : Business & Economics

ISBN : 0203499514

Get eBook

Book Description

The explosion of Web-based data has created a demand among executives and technologists for methods to identify, gather, analyze, and utilize data that may be of value to corporations and organizations. The emergence of data mining, and the larger field of Web mining, has businesses lost within a confusing maze of mechanisms and strategies for obta



Identity Attack Vectors

Author : Morey J. Haber

Publisher : Apress

Page : 205 pages

File Size : 39,36 MB

Release : 2019-12-17

Category : Computers

ISBN : 1484251652

Get eBook

Book Description

Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how to manage compliance for regulatory initiatives. As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities. Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program. What You Will Learn Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link Build upon industry standards to integrate key identity management technologies into a corporate ecosystem Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors Who This Book Is For Management and implementers in IT operations, security, and auditing looking to understand and implement an identity access management program and manage privileges in these environments