Authors:
Simon Anderer
1
;
Tobias Kempter
1
;
Bernd Scheuermann
1
and
Sanaz Mostaghim
2
Affiliations:
1
Faculty of Management Science and Engineering, Hochschule Karlsruhe, Moltkestrasse 30, Karlsruhe, Germany
;
2
Institute for Intelligent Cooperating Systems, Otto-von-Guericke Universität, Magdeburg, Germany
Keyword(s):
Role Based Access Control, Dynamic Role Mining Problem, Dynamic Evolutionary Algorithm.
Abstract:
Role Based Access Control is one of the most frequently used concepts for authorization management in today’s business landscapes. The corresponding optimization problem, the so-called Role Mining Problem (RMP), which was shown to be NP-complete, relies in finding a minimal set of roles and a corresponding assignment of those roles to users based on a static user permission assignment. However, as job duties, positions and responsibilities of users in companies constantly change, the corresponding user permission assignment is also subject to changes. Thus, the RMP in its present form has to be extended by dynamically occurring events, representing the changes in business environments. This paper defines the Dynamic Role Mining Problem (DynRMP) and presents the most relevant events from business perspective as well as their algorithmic implications for the RMP. Furthermore, several methods to include those events into the framework of an evolutionary algorithm, which is a suitable so
lution strategy for the RMP, are presented and evaluated in a range of experiments.
(More)