Abstract
AbstractThe administration of access control structures in Enterprise Resource Planning Systems (ERP) is mainly organized by Role Based Access Control. The associated optimization problem is called the Role Mining Problem (RMP), which is known to be NP-complete. The goal is to search for role concepts minimizing the number of roles. Algorithms for this task are presented in literature, but often they cannot be used for role mining in ERP in a straightforward way, as ERP systems have additional conditions and constraints. Some ERP systems require multiple levels of roles. This paper defines new two-level variants of the RMP, examines their relationship and presents three approaches to computing such hierarchical role concepts. One is aiming at optimizing multiple levels of roles simultaneously. The other approaches divide the multi-level role mining problem into separate sub-problems, which are optimized individually. All approaches are based on an evolutionary algorithm for single-level role mining and have been implemented and evaluated in a range of experiments.KeywordsMulti-level Role MiningEvolutionary AlgorithmAccess ControlEnterprise Resource Planning Systems
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call