Authors:
Simon Anderer
1
;
Nicolas Justen
1
;
Bernd Scheuermann
2
and
Sanaz Mostaghim
3
Affiliations:
1
SIVIS GmbH, Grünhutstrasse 6, 76187 Karlsruhe, Germany
;
2
Karlsruhe University of Applied Sciences, Karlsruhe, Germany
;
3
Otto-von-Guericke Universität Magdeburg, Magdeburg, Germany
Keyword(s):
Dynamic Role Mining, User Interaction, Evolutionary Algorithms.
Abstract:
To protect the security of corporate IT systems against erroneous or fraudulent behavior of employees, Role Based Access Control has proven to be an effective concept. The corresponding NP-complete Role Mining Problem aims at finding a minimal set of roles and an assignment of roles to users. A valuable source of additional information, which is not yet included in current role mining algorithms, is expert knowledge. Users of role mining software should be enabled to monitor the role mining process and interactively transfer their knowledge to the system, for example by suggesting good or deleting bad roles. This leads to dynamically occurring interaction events, which must be included into the optimization process preferably in real-time, since these have the potential to accelerate the optimization process or improve the solution quality. This paper introduces to interactive role mining. For this purpose, the hitherto static RMP is considered as dynamic optimization problem. Since
evolutionary algorithms have shown to be a promising solution approach, it is shown how events emerging from user interaction can be integrated. The integration of different interaction events into the evolutionary algorithm and their impact on the optimization process are then evaluated in a range of experiments.
(More)