Using classification for role-based access control management

Abstract

Access control is based on the specification of rights to resources. Role-based access control (RBAC) has emerged as one of the most robust security models which significantly simplifies administrative overheads. Despite all the compelling benefits that RBAC offers, it still lacks the ability to handle dynamic environment aspect and handling any unforeseen situations. Manual intervention becomes necessary when a user who is not previously defined in the system requests an access. For a system administrator, it becomes challenging to decide whether a submitted request should be honoured or not and how a new user can be added to the existing system in a secure manner. These issues have significantly increased the demand for new access control solutions that provide flexible, yet secure access. In this paper, we present an approach to facilitate automatic enforcement of access control policies when a new user is added to an existing access control system. Our approach is based on classification method. To evaluate the effectiveness of our approach we performed extensive experiments on both real and synthetic datasets. We compare the performance of our approach to another well-known approach that was proposed earlier to handle a similar problem. Experimental results show that our approach performs very well. Moreover, we have found that our approach is relatively easier to implement.