RoleVAT: Visual Assessment of Practical Need for Role Based Access Control

RoleVAT: Visual Assessment of Practical Need for Role Based Access Control

Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC requires role engineering, the identification of a set of roles that offer administrative benefit. However, establishing that RBAC i...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Zhang, D., Ramamohanarao, K., Versteeg, S., Rui Zhang
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Application software
cluster tendency analysis
clustering
Computer security
Conference management
Data engineering
Data mining
Data security
Pattern analysis
Permission
Power engineering and energy
role based access control
role engineering
role mining
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 22
container_issue
container_start_page 13
container_title
container_volume
creator Zhang, D.
Ramamohanarao, K.
Versteeg, S.
Rui Zhang
description Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC requires role engineering, the identification of a set of roles that offer administrative benefit. However, establishing that RBAC is desirable in a given enterprise is lacking in current role engineering processes. To help identify the practical need for RBAC, we propose RoleVAT, a Role engineering tool for the Visual Assessment of user and permission Tendencies. User and permission clusters can be visually identified as potential user groups or roles. The benefit and impact of this visual analysis in enterprise environments is discussed and demonstrated through testing on real life as well as synthetic datasets. Our experimental results show the effectiveness of RoleVAT as well as interesting user and role tendencies in real enterprise environments.
doi_str_mv 10.1109/ACSAC.2009.11
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_5380527</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5380527</ieee_id><sourcerecordid>5380527</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-a75333e0e321315dc011d3dc94adc86ba873a10a0adc9633b7a6b3683941d80a3</originalsourceid><addsrcrecordid>eNotj8tOwzAURC0eEm1hyYqNfyDlXt_YjtmZiKcqQFC6rRzbkYLSBsVhwd9jBKvRGc2MNIydIywRwVza-s3WSwFgMh-wmZBaFQaBDtkcS1GWkoSWR2yGoKgwUugTNk_pAwCN0Thjj69DHzd2fcU3XfpyPbcpxZR2cT_xoeUvo_NT57P_FGPg7TDy3wK_dimj9T5neT3sp3HoT9lx6_oUz_51wd5vb9b1fbF6vnuo7aroUMupcFoSUYRIAgll8IAYKHhTuuAr1bhKk0NwkNEookY71ZCqyJQYKnC0YBd_u12Mcfs5djs3fm8lVZDv0Q_Lrkvi</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>RoleVAT: Visual Assessment of Practical Need for Role Based Access Control</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Zhang, D. ; Ramamohanarao, K. ; Versteeg, S. ; Rui Zhang</creator><creatorcontrib>Zhang, D. ; Ramamohanarao, K. ; Versteeg, S. ; Rui Zhang</creatorcontrib><description>Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC requires role engineering, the identification of a set of roles that offer administrative benefit. However, establishing that RBAC is desirable in a given enterprise is lacking in current role engineering processes. To help identify the practical need for RBAC, we propose RoleVAT, a Role engineering tool for the Visual Assessment of user and permission Tendencies. User and permission clusters can be visually identified as potential user groups or roles. The benefit and impact of this visual analysis in enterprise environments is discussed and demonstrated through testing on real life as well as synthetic datasets. Our experimental results show the effectiveness of RoleVAT as well as interesting user and role tendencies in real enterprise environments.</description><identifier>ISSN: 1063-9527</identifier><identifier>ISBN: 1424453275</identifier><identifier>ISBN: 076953919X</identifier><identifier>ISBN: 9780769539195</identifier><identifier>ISBN: 9781424453276</identifier><identifier>EISSN: 2576-9103</identifier><identifier>DOI: 10.1109/ACSAC.2009.11</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access control ; Application software ; cluster tendency analysis ; clustering ; Computer security ; Conference management ; Data engineering ; Data mining ; Data security ; Pattern analysis ; Permission ; Power engineering and energy ; role based access control ; role engineering ; role mining</subject><ispartof>2009 Annual Computer Security Applications Conference, 2009, p.13-22</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5380527$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2056,27923,54918</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5380527$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Zhang, D.</creatorcontrib><creatorcontrib>Ramamohanarao, K.</creatorcontrib><creatorcontrib>Versteeg, S.</creatorcontrib><creatorcontrib>Rui Zhang</creatorcontrib><title>RoleVAT: Visual Assessment of Practical Need for Role Based Access Control</title><title>2009 Annual Computer Security Applications Conference</title><addtitle>ACSAC</addtitle><description>Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC requires role engineering, the identification of a set of roles that offer administrative benefit. However, establishing that RBAC is desirable in a given enterprise is lacking in current role engineering processes. To help identify the practical need for RBAC, we propose RoleVAT, a Role engineering tool for the Visual Assessment of user and permission Tendencies. User and permission clusters can be visually identified as potential user groups or roles. The benefit and impact of this visual analysis in enterprise environments is discussed and demonstrated through testing on real life as well as synthetic datasets. Our experimental results show the effectiveness of RoleVAT as well as interesting user and role tendencies in real enterprise environments.</description><subject>Access control</subject><subject>Application software</subject><subject>cluster tendency analysis</subject><subject>clustering</subject><subject>Computer security</subject><subject>Conference management</subject><subject>Data engineering</subject><subject>Data mining</subject><subject>Data security</subject><subject>Pattern analysis</subject><subject>Permission</subject><subject>Power engineering and energy</subject><subject>role based access control</subject><subject>role engineering</subject><subject>role mining</subject><issn>1063-9527</issn><issn>2576-9103</issn><isbn>1424453275</isbn><isbn>076953919X</isbn><isbn>9780769539195</isbn><isbn>9781424453276</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2009</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotj8tOwzAURC0eEm1hyYqNfyDlXt_YjtmZiKcqQFC6rRzbkYLSBsVhwd9jBKvRGc2MNIydIywRwVza-s3WSwFgMh-wmZBaFQaBDtkcS1GWkoSWR2yGoKgwUugTNk_pAwCN0Thjj69DHzd2fcU3XfpyPbcpxZR2cT_xoeUvo_NT57P_FGPg7TDy3wK_dimj9T5neT3sp3HoT9lx6_oUz_51wd5vb9b1fbF6vnuo7aroUMupcFoSUYRIAgll8IAYKHhTuuAr1bhKk0NwkNEookY71ZCqyJQYKnC0YBd_u12Mcfs5djs3fm8lVZDv0Q_Lrkvi</recordid><startdate>200912</startdate><enddate>200912</enddate><creator>Zhang, D.</creator><creator>Ramamohanarao, K.</creator><creator>Versteeg, S.</creator><creator>Rui Zhang</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>200912</creationdate><title>RoleVAT: Visual Assessment of Practical Need for Role Based Access Control</title><author>Zhang, D. ; Ramamohanarao, K. ; Versteeg, S. ; Rui Zhang</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-a75333e0e321315dc011d3dc94adc86ba873a10a0adc9633b7a6b3683941d80a3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Access control</topic><topic>Application software</topic><topic>cluster tendency analysis</topic><topic>clustering</topic><topic>Computer security</topic><topic>Conference management</topic><topic>Data engineering</topic><topic>Data mining</topic><topic>Data security</topic><topic>Pattern analysis</topic><topic>Permission</topic><topic>Power engineering and energy</topic><topic>role based access control</topic><topic>role engineering</topic><topic>role mining</topic><toplevel>online_resources</toplevel><creatorcontrib>Zhang, D.</creatorcontrib><creatorcontrib>Ramamohanarao, K.</creatorcontrib><creatorcontrib>Versteeg, S.</creatorcontrib><creatorcontrib>Rui Zhang</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Zhang, D.</au><au>Ramamohanarao, K.</au><au>Versteeg, S.</au><au>Rui Zhang</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>RoleVAT: Visual Assessment of Practical Need for Role Based Access Control</atitle><btitle>2009 Annual Computer Security Applications Conference</btitle><stitle>ACSAC</stitle><date>2009-12</date><risdate>2009</risdate><spage>13</spage><epage>22</epage><pages>13-22</pages><issn>1063-9527</issn><eissn>2576-9103</eissn><isbn>1424453275</isbn><isbn>076953919X</isbn><isbn>9780769539195</isbn><isbn>9781424453276</isbn><abstract>Role based access control (RBAC) is a powerful security administration concept that can simplify permission assignment management. Migration to and maintenance of RBAC requires role engineering, the identification of a set of roles that offer administrative benefit. However, establishing that RBAC is desirable in a given enterprise is lacking in current role engineering processes. To help identify the practical need for RBAC, we propose RoleVAT, a Role engineering tool for the Visual Assessment of user and permission Tendencies. User and permission clusters can be visually identified as potential user groups or roles. The benefit and impact of this visual analysis in enterprise environments is discussed and demonstrated through testing on real life as well as synthetic datasets. Our experimental results show the effectiveness of RoleVAT as well as interesting user and role tendencies in real enterprise environments.</abstract><pub>IEEE</pub><doi>10.1109/ACSAC.2009.11</doi><tpages>10</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1063-9527
ispartof 2009 Annual Computer Security Applications Conference, 2009, p.13-22
issn 1063-9527
2576-9103
language eng
recordid cdi_ieee_primary_5380527
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Access control
Application software
cluster tendency analysis
clustering
Computer security
Conference management
Data engineering
Data mining
Data security
Pattern analysis
Permission
Power engineering and energy
role based access control
role engineering
role mining
title RoleVAT: Visual Assessment of Practical Need for Role Based Access Control
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-14T03%3A24%3A09IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=RoleVAT:%20Visual%20Assessment%20of%20Practical%20Need%20for%20Role%20Based%20Access%20Control&rft.btitle=2009%20Annual%20Computer%20Security%20Applications%20Conference&rft.au=Zhang,%20D.&rft.date=2009-12&rft.spage=13&rft.epage=22&rft.pages=13-22&rft.issn=1063-9527&rft.eissn=2576-9103&rft.isbn=1424453275&rft.isbn_list=076953919X&rft.isbn_list=9780769539195&rft.isbn_list=9781424453276&rft_id=info:doi/10.1109/ACSAC.2009.11&rft_dat=%3Cieee_6IE%3E5380527%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5380527&rfr_iscdi=true