research-article

RMPlib: A Library of Benchmarks for the Role Mining Problem

Authors:

Bernd Scheuermann,

Sanaz Mostaghim,

Patrick Bauerle,

Matthias BeilAuthors Info & Claims

SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies

Pages 3 - 13

https://doi.org/10.1145/3450569.3463566

Published: 11 June 2021 Publication History

Abstract

Role Based Access Control is a widely spread concept in cyber security. Thus, the (NP-complete) Role Mining Problem (RMP), which consists of finding an optimal set of roles and a corresponding assignment of those roles to users, is of great scientific interest. Over the last years, different algorithms have been developed to search for good solutions to the RMP. However, conclusive benchmarks for thorough comparison of the developed methods are rarely known. This paper introduces to RMPlib, a library for the Role Mining Problem, containing a set of new industry-oriented benchmark instances partly taken from real-world use cases, partly created synthetically. Access to RMPlib is provided through a platform where researchers can actively contribute new benchmark instances and best solutions, such that the library adapts to the changing requirements in science. The current version of RMPlib can be found at https://github.com/RMPlib/RMPlib.

References

[1]

Simon Anderer, Daniel Kreppein, Bernd Scheuermann, and Sanaz Mostaghim. 2020. The addRole-EA: A New Evolutionary Algorithm for the Role Mining Problem. In Proceedings of the 12th International Joint Conference on Computational Intelligence, IJCCI 2020, Budapest, Hungary, November 2--4, 2020, Juan Julián Merelo Guervós, Jonathan M. Garibaldi, Christian Wagner, Thomas Back, Kurosh Madani, and Kevin Warwick (Eds.). SCITEPRESS, 155--166. https://doi.org/10.5220/0010025401550166

[2]

Elisa Bertino, Piero Andrea Bonatti, and Elena Ferrari. 2000. TRBAC: A Temporal Role-Based Access Control Model. In Proceedings of the Fifth ACM Workshop on Role-Based Access Control (Berlin, Germany) (RBAC '00). Association for Computing Machinery, New York, NY, USA, 21--30. https://doi.org/10.1145/344287.344298

Digital Library

[3]

Alessandro Colantonio, Roberto Di Pietro, and Alberto Ocello. 2008. A cost-driven approach to role engineering. In Proceedings of the 2008 ACM symposium on Applied computing - SAC '08, Roger L. Wainwright and Hisham M. Haddad (Eds.). ACM Press, New York, New York, USA, 2129--2136. https://doi.org/10.1145/1363686.1364198

Digital Library

[4]

Alina Ene, William Horne, Nikola Milosavljevic, Prasad Rao, Robert Schreiber, and Robert E. Tarjan. 2008. Fast exact and heuristic methods for role minimization problems. In Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT '08, Indrakshi Ray and Ninghui Li (Eds.). ACM Press, New York, New York, USA, 1--10. https://doi.org/10.1145/1377836.1377838

Digital Library

[5]

Michael Gallaher, Alan O'Connor, Brian Kropp, and Gregory Tassey. 2002. The economic impact of role-based access control. Technical Report. National Institute of Standards and Technology (NIST).

[6]

Hejiao Huang, Feng Shang, Jinling Liu, and Hongwei Du. 2015. Handling least privilege problem and role mining in RBAC. Journal of Combinatorial Optimization, Vol. 30, 1 (2015), 63--86. https://doi.org/10.1007/s10878-013--9633--9

Digital Library

[7]

Martin Kuhlmann, Dalia Shohat, and Gerhard Schimpf. 2003. Role mining - revealing business roles for security administration using data mining technology. In Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03, Elena Ferrari and David Ferraiolo (Eds.). ACM Press, New York, New York, USA, 179--186. https://doi.org/10.1145/775412.775435

Digital Library

[8]

Ninghui Li, Mahesh V. Tripunitara, and Ziad Bizri. 2007. On Mutually Exclusive Roles and Separation-of-Duty. ACM Trans. Inf. Syst. Secur., Vol. 10, 2 (May 2007), 5--es. https://doi.org/10.1145/1237500.1237501

Digital Library

[9]

Haibing Lu, Jaideep Vaidya, and Vijayalakshmi Atluri. 2014. An optimization framework for role mining. Journal of Computer Security, Vol. 22, 1 (2014), 1--31. https://doi.org/10.3233/JCS-130484

[10]

Barsha Mitra, Shamik Sural, Jaideep Vaidya, and Vijayalakshmi Atluri. 2016. A Survey of Role Mining. Comput. Surveys, Vol. 48, 4 (2016), 1--37. https://doi.org/10.1145/2871148

Digital Library

[11]

Ian Molloy, Hong Chen, Tiancheng Li, Qihua Wang, Ninghui Li, Elisa Bertino, Seraphin Calo, and Jorge Lobo. 2008. Mining roles with semantic meanings. In Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT '08, Indrakshi Ray and Ninghui Li (Eds.). ACM Press, New York, New York, USA, 21--30. https://doi.org/10.1145/1377836.1377840

Digital Library

[12]

Ian Molloy, Ninghui Li, Tiancheng Li, Ziqing Mao, Qihua Wang, and Jorge Lobo. 2009. Evaluating role mining algorithms. In Proceedings of the 14th ACM symposium on Access control models and technologies - SACMAT '09, Barbara Carminati and James Joshi (Eds.). ACM Press, New York, New York, USA, 95--104. https://doi.org/10.1145/1542207.1542224

Digital Library

[13]

Igor Saenko and Igor Kotenko. 2011. Genetic Algorithms for Role Mining Problem. In 2011 19th International Euromicro Conference on Parallel, Distributed and Network-Based Processing. IEEE, 646--650. https://doi.org/10.1109/PDP.2011.63

Digital Library

[14]

Igor Saenko and Igor Kotenko. 2016. Using Genetic Algorithms for Design and Reconfiguration of RBAC Schemes. In Proceedings of the 1st International Workshop on AI for Privacy and Security - PrAISe '16, Unknown (Ed.). ACM Press, New York, New York, USA, 1--9. https://doi.org/10.1145/2970030.2970033

Digital Library

[15]

Igor Saenko and Igor Kotenko. 2018. Genetic Algorithms for Solving Problems of Access Control Design and Reconfiguration in Computer Networks. ACM Transactions on Internet Technology, Vol. 18, 3 (2018), 1--21. https://doi.org/10.1145/3093898

Digital Library

[16]

R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. 1996. Role-based access control models. Computer, Vol. 29, 2 (1996), 38--47. https://doi.org/10.1109/2.485845

Digital Library

[17]

Prasuna Sarana, Arindam Roy, Shamik Sural, Jaideep Vaidya, and Vijayalakshmi Atluri. 2015. Role Mining in the Presence of Separation of Duty Constraints. In Proceedings of the 11th International Conference on Information Systems Security - Volume 9478 (Kolkata, India) (ICISS 2015). Springer-Verlag, Berlin, Heidelberg, 98--117. https://doi.org/10.1007/978--3--319--26961-0_7

Digital Library

[18]

Jürgen Schlegelmilch and Ulrike Steffens. 2005. Role mining with ORCA. In Proceedings of the tenth ACM symposium on Access control models and technologies - SACMAT '05, Elena Ferrari and Gail-Joon Ahn (Eds.). ACM Press, New York, New York, USA, 168--176. https://doi.org/10.1145/1063979.1064008

Digital Library

[19]

Jaideep Vaidya, Vijayalakshmi Atluri, and Qi Guo. 2007. The role mining problem. In Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07, Volkmar Lotz and Bhavani Thuraisingham (Eds.). ACM Press, New York, New York, USA, 175--184. https://doi.org/10.1145/1266840.1266870

Digital Library

[20]

Jaideep Vaidya, Vijayalakshmi Atluri, Janice Warner, and Qi Guo. 2010. Role Engineering via Prioritized Subset Enumeration. IEEE Transactions on Dependable and Secure Computing, Vol. 7, 3 (2010), 300--314. https://doi.org/10.1109/TDSC.2008.61

Digital Library

[21]

Verizon. 2019. Data Breach Investigations Report 2019. Computer Fraud & Security, Vol. 2019, 6 (2019), 4. https://doi.org/10.1016/S1361--3723(19)30060-0

[22]

Zhongyuan Xu and Scott D. Stoller. 2012. Algorithms for mining meaningful roles. In Proceedings of the 17th ACM symposium on Access Control Models and Technologies - SACMAT '12, Vijay Atluri, Jaideep Vaidya, Axel Kern, and Murat Kantarcioglu (Eds.). ACM Press, New York, New York, USA, 57--66. https://doi.org/10.1145/2295136.2295146

Digital Library

[23]

Dana Zhang, Kotagiri Ramamohanarao, and Tim Ebringer. 2007. Role engineering using graph optimisation. In Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07, Volkmar Lotz and Bhavani Thuraisingham (Eds.). ACM Press, New York, New York, USA, 139--144. https://doi.org/10.1145/1266840.1266862

Digital Library

Cited By

Yang YLi JZhang TChen LHuang GLv Z(2025)IRMAOC: an interpretable role mining algorithm based on overlapping clusteringCybersecurity10.1186/s42400-024-00348-z8:1Online publication date: 27-Jan-2025
https://doi.org/10.1186/s42400-024-00348-z
Anderer SJusten NScheuermann BMostaghim SLi XHandl J(2024)Survival Strategies for Evolutionary Role Mining Algorithms Using Expert KnowledgeProceedings of the Genetic and Evolutionary Computation Conference Companion10.1145/3638530.3654183(623-626)Online publication date: 14-Jul-2024
https://dl.acm.org/doi/10.1145/3638530.3654183
Wang DWang ZWang ZLiu ZChen PDong L(2024)Multi-Attribute Based Access Control Policy Generation Method2024 5th International Conference on Electronic Communication and Artificial Intelligence (ICECAI)10.1109/ICECAI62591.2024.10675285(522-525)Online publication date: 31-May-2024
https://doi.org/10.1109/ICECAI62591.2024.10675285
Show More Cited By

Index Terms

RMPlib: A Library of Benchmarks for the Role Mining Problem
1. Security and privacy
  1. Security services
    1. Access control

Recommendations

A Survey of Role Mining

Role-Based Access Control (RBAC) is the most widely used model for advanced access control deployed in diverse enterprises of all sizes. RBAC critically depends on defining roles, which are a functional intermediate between users and permissions. Thus, ...
The role mining problem: finding a minimal descriptive set of roles
SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologies

Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role based access control. A key problem related to this is the notion of goodness/interestingness -- when is a role good/...
An effective role administration model using organization structure

Role-based access control (RBAC) is a well-accepted model for access control in an enterprise environment. When we apply RBAC model to large enterprises, effective role administration is a major issue. ARBAC97 is a well-known solution for decentralized ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies

June 2021

194 pages

ISBN:9781450383653

DOI:10.1145/3450569

General Chair:
Jorge Lobo
ICREA & Universitat Pompeu Fabra, Spain
,
Program Chairs:
Roberto Di Pietro
Hamad Bin Khalifa University
,
Omar Chowdhury
The University of Iowa

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SACMAT '21

Sponsor:

SIGSAC

SACMAT '21: The 26th ACM Symposium on Access Control Models and Technologies

June 16 - 18, 2021

Virtual Event, Spain

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
138
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)2

Reflects downloads up to 23 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yang YLi JZhang TChen LHuang GLv Z(2025)IRMAOC: an interpretable role mining algorithm based on overlapping clusteringCybersecurity10.1186/s42400-024-00348-z8:1Online publication date: 27-Jan-2025
https://doi.org/10.1186/s42400-024-00348-z
Anderer SJusten NScheuermann BMostaghim SLi XHandl J(2024)Survival Strategies for Evolutionary Role Mining Algorithms Using Expert KnowledgeProceedings of the Genetic and Evolutionary Computation Conference Companion10.1145/3638530.3654183(623-626)Online publication date: 14-Jul-2024
https://dl.acm.org/doi/10.1145/3638530.3654183
Wang DWang ZWang ZLiu ZChen PDong L(2024)Multi-Attribute Based Access Control Policy Generation Method2024 5th International Conference on Electronic Communication and Artificial Intelligence (ICECAI)10.1109/ICECAI62591.2024.10675285(522-525)Online publication date: 31-May-2024
https://doi.org/10.1109/ICECAI62591.2024.10675285
Anderer SScheuermann BMostaghim S(2024)Studies on Multi-objective Role Mining in ERP SystemsEvolutionary Computation in Combinatorial Optimization10.1007/978-3-031-57712-3_6(81-96)Online publication date: 2024
https://doi.org/10.1007/978-3-031-57712-3_6
Kang HLiu GWang QZhang QNiu JLuo N(2023)An improved minimal noise role mining algorithm based on role interpretabilityComputers and Security10.1016/j.cose.2023.103100127:COnline publication date: 1-Apr-2023
https://dl.acm.org/doi/10.1016/j.cose.2023.103100
Anderer SKempter TScheuermann BMostaghim S(2023)Dynamic Optimization of Role Concepts for Role-Based Access Control Using Evolutionary AlgorithmsSN Computer Science10.1007/s42979-023-01805-14:4Online publication date: 24-May-2023
https://dl.acm.org/doi/10.1007/s42979-023-01805-1
Anderer SScheuermann BMostaghim S(2023)Evolutionary Optimization of Roles for Access Control in Enterprise Resource Planning SystemsComputational Intelligence10.1007/978-3-031-46221-4_1(1-23)Online publication date: 3-Nov-2023
https://doi.org/10.1007/978-3-031-46221-4_1
Guo QTripunitara MDietrich SChowdhury OTakabi D(2022)The Secrecy Resilience of Access Control Policies and Its Application to Role MiningProceedings of the 27th ACM on Symposium on Access Control Models and Technologies10.1145/3532105.3535030(115-126)Online publication date: 7-Jun-2022
https://dl.acm.org/doi/10.1145/3532105.3535030
Drakopoulos GMylonas P(2022)A Genetic Algorithm For Boolean Semiring Matrix Factorization With Applications To Graph Mining2022 IEEE International Conference on Big Data (Big Data)10.1109/BigData55660.2022.10020828(3864-3870)Online publication date: 17-Dec-2022
https://doi.org/10.1109/BigData55660.2022.10020828
Anderer SSchrader FScheuermann BMostaghim S(2022)Evolutionary Algorithms for the Constrained Two-Level Role Mining ProblemEvolutionary Computation in Combinatorial Optimization10.1007/978-3-031-04148-8_6(79-94)Online publication date: 20-Apr-2022
https://dl.acm.org/doi/10.1007/978-3-031-04148-8_6

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten