A Semantic-Based Semi-Automated Role Mapping Mechanism
Role-based access control (RBAC) has been widely adopted in industrial and government. However, RBAC is only suitable for closed enterprise environment. Role mapping can be a tedious task for the security officers if it is done fully manually. Yet, performing role mapping automatically incur security risks. In this paper, we introduce a semiautomated role mapping process, where promising role mappings are generated automatically and recommended to the security officer(s). The security officers then approve or modify the recommended role mappings. We present a method for automatically generate role mappings based on the similarities of the roles in two role hierarchies. We use an example to illustrate our approach and show its feasibility.