Spring 2009

Abstract:

Role based access control is well accepted as the standard best practice for access control within applications and organizations. Role engineering, the task of defining roles and associating permissions to them, is essential to realize the full benefits of the role-based access control paradigm. The essential question is how to devise a complete and correct set of roles -- this depends on how you define goodness/interestingness (when is a role good/interesting?) We define the role mining problem (RMP) as the problem of discovering an optimal set of roles from existing user permissions. In addition to the above basic RMP, we introduce two different variations of the RMP, called the delta-approx RMP and the Minimal Noise RMP that have pragmatic implications. Our main contribution is to formally define RMP, analyze its theoretical bounds, and present heuristic solutions to find the optimal set of roles based on subset enumeration. We place this in the framework of matrix decomposition which is applicable to many other domains including text mining.

Biography

Dr. Jaideep Vaidya is an Assistant Professor at Rutgers University. He received his Masters and Ph.D. at Purdue University and his Bachelors degree at the University of Mumbai. His research interests are in Data Mining, Privacy, Security, and Information Sharing. He has published over 40 papers in international conferences and archival journals, and has received two best paper awards from the premier conferences in data mining and databases. He is also the recipient of a NSF Career Award and is a member of the ACM, and the IEEE Computer Society.

Homepage:

http://cimic.rutgers.edu/~jsvaidya/