Martin Kuhlmann
Gerhard Schimpf
ABSTRACT
In this paper we describe the work devising a new technique for role-finding to implement Role-Based Security Administration. Our results stem from industrial projects, where large-scale customers wanted to migrate to Role-Based Access Control (RBAC) based on already existing access rights patterns in their production IT-systems.
- G. Schimpf, "Security Administration and Control of Corporate-Wide Diverse Systems," in ACM SIGSAC Review, vol. 15(1), 1997. Google Scholar
Digital Library
- "Security Administration Manager (SAM), Release 2.4. Concepts and Facilities," Systor GmbH & Co. KG, Küüln, Germany (1999).Google Scholar
- B. J. Biddle and E. J. Thomas, "Role Theory: Concepts and Research". New York: Robert E. Krieger Publishing Company, 1979.Google Scholar
- D. F. Ferraiolo and R. D. Kuhn, "Role-Based Access Controls," presented at 15th NIST-NCSC National Computer Security Conference, Baltimore, MD, USA, 1992.Google Scholar
- R. Awischus, "Role-Based Access Control with the Security Administration Manager (SAM)", presented at 2nd ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, 1997. Google ScholarDigital Library
- R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, "Role-based Access Control Models", IEEE Computer, vol. 29(2), 1996. Google ScholarDigital Library
- R. S. Sandhu, V. Bhamidipati, and Q. Munawer, "The ARBAC97 model for role-based administration of roles", ACM Transactions on Information and System Security, Vol. 1 (No.2 Feb.), 1999. Google ScholarDigital Library
- A. Münkeberg and R. Rakete, "Three for One: Role-based Access Control in Rapidly Changing Heterogeneous Environments", presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, 2000. Google ScholarDigital Library
- H. Rückle, G. Schimpf, and R. Weidinger, "Process-Oriented Approach for Role-Finding to Implement Role-Based Security Administration in a Large Industrial Organization", presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, 2000. Google ScholarDigital Library
- R. S. Sandhu, "Engineering Authority and Trust in Cyberspace: The OM-AM and RBAC Way", presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, 2000. Google ScholarDigital Library
- R. S. Sandhu, D. F. Ferraiolo, and R. D. Kuhn, "The NIST Model for Role-Based Access Control: Towards A Unified Standard", presented at 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, 2000. Google ScholarDigital Library
- E. J. Coyne, "Role-Engineering", presented at 1st ACM Workshop on Role-Based Access Control, Gaithersburg, MD, USA, 1995. Google ScholarDigital Library
- E. B. Fernandez and J. C. Hawkins, "Determining Role Rights from Use Cases", presented at 2nd Workshop on Role-Based Access Control, Fairfax, VA, USA, 1997. Google ScholarDigital Library
- A. Kern and M. Kuhlmann, A.Schaad and J. Moffett, "Observations on the Role Life-Cycle in the Context of Enterprise Security Management", presented at SACMAT 2002, Monterey, CA, USA. Google ScholarDigital Library
- D.F. Ferraiolo, "An Argument for Role-Based Access Control", presented at SACMAT 2001, Chantilly, VA, USA. Google ScholarDigital Library
- P.A. Epstein, "Engineering of Role/Permission Assignments" - doctoral dissertation 2002, GMU Fairfax, VA, USA. Google ScholarDigital Library
- T. Jaeger, "On the Increasing Importance of Constraints", presented at 4th ACM Workshop on Role-Based Access Control, Fairfax, VA, USA, 1999. Google ScholarDigital Library
- M. Nyanchama and S. Osborn, "The Role Graph Model and Conflict of Interest", ACM Transactions on Information and System Security, Vol. 2 (No. 1, Febr), 1999. Google ScholarDigital Library
- J. Grabmeyer and A. Rudolph, "Techniques of Cluster Algorithms in Data Mining", IBM Informationssysteme GmbH, December 10, 1998.Google Scholar
- A. Kern, "Advanced Features for Enterprise-Wide Role-based Access Control", 18th Annual Computer Security Applications Conference, Las Vegas, NV, December 2002. Google ScholarDigital Library
- IBM Intelligent Miner for Data, User Manual.Google Scholar
- H. Rückle and G. Schimpf, "Rollen-Engineering im IT-Berechtigungsmanagement" KES Zeitschrift für Kommunikations- und EDV Sicherheit 5/00, 2000.Google Scholar
Index Terms
- Role mining - revealing business roles for security administration using data mining technology
Recommendations
Role mining with ORCA
SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologiesWith continuously growing numbers of applications, enterprises face the problem of efficiently managing the assignment of access permissions to their users. On the one hand, security demands a tight regime on permissions; on the other hand, users need ...
Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization
RBAC '00: Proceedings of the fifth ACM workshop on Role-based access controlIn this paper we describe the work in progress with a process-oriented approach for role-finding to implement Role-Based Security Administration. Our results stem from using a recently proposed role model and procedural model at Siemens AG ICN, a large ...
The ARBAC97 model for role-based administration of roles
Special issue on role-based access controlIn role-based access control (RBAC), permissions are associated with roles' and users are made members of roles, thereby acquiring the roles; permissions. RBAC's motivation is to simplify administration of authorizations. An appealing possibility is to ...
Comments