The Formalization of Least Privilege Mining in RBAC

Abstract:

Devising a complete and correct set of roles that supports the least privilege principle has been recognized as one of the most important tasks in implementing RBAC. A key problem is how to find such sets of roles with the fewest permissions. However, there are too few formalized descriptions and definitions of this problem. To provide a concrete object of study for research on the least privilege principle, we define the least privilege mining problem (LPMP) and its two variations: δ-approx LPMP and MinNoise LPMP. Through these formalized descriptions, we clarify the methods of discovering least permissions. Correspondingly, we give two simple algorithms to implement the methods.

Info:

Periodical:

Key Engineering Materials (Volumes 480-481)

Pages:

1023-1027

Online since:

June 2011

Copyright:

© 2011 Trans Tech Publications Ltd. All Rights Reserved
