A Semantic-Based Semi-Automated Role Mapping Mechanism

Lijuan Diao, Wei She, I-Ling Yen, Junzhong Gu
Role-based access control, role mapping, concept extraction, role similarity

Role-based access control (RBAC) has been widely adopted in industrial and government. However, RBAC is only suitable for closed enterprise environment. Role mapping can be a tedious task for the security officers if it is done fully manually. Yet, performing role mapping automatically incur security risks. In this paper, we introduce a semiautomated role mapping process, where promising role mappings are generated automatically and recommended to the security officer(s). The security officers then approve or modify the recommended role mappings. We present a method for automatically generate role mappings based on the similarities of the roles in two role hierarchies. We use an example to illustrate our approach and show its feasibility.

Publish Date: 
Saturday, June 1, 2013
International Conference on Software Engineering and Knowledge Engineering, Boston, June 2013