E-book
Author Colantonio, Alessandro

Title Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello
Published Singapore : World Scientific, 2012
Description 1 online resource (xx, 274 pages) : illustrations
Contents 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks
Summary With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between academia and industry -- is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a
Bibliography Includes bibliographical references (pages 259-267) and index
Notes English
Print version record
Subject Computers -- Access control.
Computer security
Computer networks.
COMPUTERS -- Database Management -- Data Mining.
Computer networks
Computer security
Computers -- Access control
Form Electronic book
Author Di Pietro, Roberto (Computer scientist)
Ocello, Alberto
LC no. 2011278916
ISBN 9789814366151
9814366153
9814374008
9789814374002
1280669632
9781280669637
9786613646569
6613646563