Abstract
Many of today's access control policies are associated with temporal restrictions. Under temporal role-based access control (TRBAC), roles have an associated temporal component, which allows them to better encapsulate such temporal access control policies. However, given their complexity, TRBAC systems can only be well managed if the set of roles is correctly defined. The process of deriving an optimal set of such roles is known as temporal role mining. In this paper, we formally define the temporal role mining problem (TRMP) in the form of a matrix decomposition problem, by introducing a new operator that multiplies a set with a Boolean value and redefining existing matrix multiplication operations in terms of it. We also define a new metric for temporal role mining, called cumulative overhead of temporal roles and permissions (CO-TRAP), which takes into consideration the administrative effort required for managing the resulting TRBAC system. Since TRMP as well as minimization of CO-TRAP are NP-complete problems, we propose two greedy algorithms based on many-valued concepts. Experimental evaluation on a number of real-world datasets shows that the proposed approach is both efficient and effective.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
