More Web Proxy on the site http://driver.im/

research-article

Genetic algorithms for role mining in critical infrastructure data spaces

Authors:

Igor KotenkoAuthors Info & Claims

GECCO '18: Proceedings of the Genetic and Evolutionary Computation Conference Companion

Pages 1688 - 1695

https://doi.org/10.1145/3205651.3208283

Published: 06 July 2018 Publication History

Abstract

In the paper, a Role Mining problem, which is the cornerstone for creating Role-Based Access Control (RBAC) systems, is transferred to the domain of data spaces. RBAC is the most widespread model of access control in different multi-user information systems, including critical infrastructures. The data spaces is the perspective concept of creating information storage systems, which transforms the concept of databases, integrating in one system the information resources from other systems, and allows us to control their security on a centralized basis. The paper considers a mathematical statement of the RBAC design problem for data spaces and offers the approaches to its solving based on genetic algorithms. The proposed approaches consider requirements of compliance with role-based security policies in case of combining all users' sets and all permissions' sets in the data space. The paper considers main decisions on creation and enhancement of genetic algorithms which implementation increases their operational speed. The experimental assessment of the offered genetic algorithms shows their high performance.

Supplementary Material

PDF File (p1688-saenko_suppl.pdf)

Supplemental files.

Download
58.26 KB

References

[1]

M.Franklin, A.Halevy, and D.Maier. 2005. From databases to dataspaces: a new abstraction for information management. SIGMOD Rec. 34, 4 (December 2005), 27--33.

Digital Library

[2]

A.Halevy, M.Franklin, and D.Maier. 2006. Principles of dataspace systems. In Proceedings of the ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems (PODS '06). ACM, New York, NY, USA, 1--9.

Digital Library

[3]

B.Mitra, S.Sural, J.Vaidya, and V.Atluri. 2016. A Survey of Role Mining. ACM Comput. Surv. 48, 4, Article 50 (February 2016), 37 pages.

Digital Library

[4]

R.S.Sandhu, E.J.Coyne, H.L.Feinstein, and C.E.Youman. 1996. Role-Based Access Control Models. Computer 29, 2 (Feb. 1996), 38--47.

Digital Library

[5]

M.Frank, J.M.Buhmann, and D.Basin. 2010. On the definition of role mining. In Proceedings of the 15th ACM symposium on Access control models and technologies (SACMAT '10). ACM, New York, NY, 35--44.

Digital Library

[6]

G.Verma, V.Verma. 2012. Role and Applications of Genetic Algorithm in Data Mining. Intern. Journal of Computer Applications, 48, 17 (2012) 5--8.

[7]

J.Vaidya, V.Atluri, and Q.Guo. 2007. The role mining problem: finding a minimal descriptive set of roles. In Proceedings of the ACM symposium on Access control models and technologies (SACMAT '07). ACM, New York, NY, 175--184.

Digital Library

[8]

I.Saenko and I.Kotenko. 2012. Design and Performance Evaluation of Improved Genetic Algorithm for Role Mining Problem. In Proceedings of the 2012 20th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP '12). IEEE Computer Society, Washington, DC, 269--274.

Digital Library

[9]

I.Saenko and I.Kotenko. 2012. Design and Performance Evaluation of Improved Genetic Algorithm for Role Mining Problem. In Proceedings of the 2012 20th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP '12). IEEE Computer Society, Washington, DC, 269--274.

Digital Library

[10]

I.Kotenko and I.Saenko. 2015. Improved genetic algorithms for solving the optimisation tasks for design of access control schemes in computer networks. Int. J. Bio-Inspired Comput. 7, 2 (May 2015), 98-110.

Digital Library

[11]

I.Saenko and I.Kotenko. 2016. Using Genetic Algorithms for Design and Reconfiguration of RBAC Schemes. In Proceedings of the 1st International Workshop on AI for Privacy and Security (PrAISe '16). ACM, New York, NY, Article 4, 9 pages.

Digital Library

[12]

J.Vaidya, V.Atluri, and J.Warner. 2006. RoleMiner: mining roles using subset enumeration. In Proceedings of the ACM conference on Computer and communications security (CCS '06). ACM, New York, NY, 144--153.

Digital Library

[13]

Carlo Blundo and Stelvio Cimato. 2010. A simple role mining algorithm. In Proceedings of the 2010 ACM Symposium on Applied Computing (SAC '10). ACM, New York, NY, USA, 1958--1962.

Digital Library

[14]

C.Blundo and S.Cimato. 2010. A simple role mining algorithm. In Proceedings of the 2010 ACM Symposium on Applied Computing (SAC '10). ACM, New York, NY, USA, 1958--1962.

Digital Library

[15]

M.Frank, J.M.Buhman, and D.Basin. 2013. Role Mining with Probabilistic Models. ACM Trans. Inf. Syst. Secur. 15, 4, Article 15. 28 pages.

Digital Library

[16]

M.Frank, A.P.Streich, D.Basin, and J.M.Buhmann. 2012. Multi-assignment clustering for boolean data. J. Mach. Learn. Res. 13, 1. 459--489.

Digital Library

[17]

M.Kuhlmann, D.Shohat, and G.Schimpf. 2003. Role mining - revealing business roles for security administration using data mining technology. In Proceedings of the eighth ACM symposium on Access control models and technologies (SACMAT '03). ACM, New York, NY, USA, 179--186.

Digital Library

[18]

A.Colantonio, R.D.Pietro, and A.Ocello. 2008. A cost-driven approach to role engineering. In Proceedings of the 2008 ACM symposium on Applied computing (SAC '08). ACM, New York, NY, 2129--2136.

Digital Library

[19]

N.C.Narendra. 2003. Design of an integrated Role-Based Access Control Infrastructure for Adaptive Workflow Systems. Journal of Computing and Information Technology, 11, 4, 2003, 293--308.

[20]

S.Zafar, K.Winter, R.Colvin, and R.G.Dromey. 2006. Verification of an Integrated Role-Based Access Control Model. In Proceedings of the 1st International Workshop - Asian Working Conference on Verified Software (AWCVS'06). 12 pages

[21]

M.V.Tripunitara and B.Carbunar. 2009. Efficient access enforcement in distributed role-based access control (RBAC) deployments. In Proceedings of the 14th ACM symposium on Access control models and technologies (SACMAT '09). ACM, New York, NY, USA, 155--164.

Digital Library

[22]

P.Parikh, M.Kantarcioglu, V.Khadilkar, B.Thuraisingham, and L.Khan. 2012. In Proceedings of the IEEE IRI 2012, 659--663.

[23]

H.V.Nguyen, K.Böhm, F.Becker, B.Goldman, G.Hinkel, and E.Müller. 2015. Identifying User Interests within the Data Space - a Case Study with SkyServer. In Proceedings of the 18th International Conference on Extending Database Technology (EDBT'18). 641--652.

[24]

N.Semmanche and S.Selka. 2008. Access control of Web services using genetic algorithms. In Proceedings of the 2008 High Performance Computing & Simulation Conference (HPCS'08), ECMS, Nicosia, Cyprus, 249--254

[25]

N.Rai and K.Rai. Genetic Algorithm Based intrusion Detection System. 2014. International Journal of Computer Science and Information Technologies, 5, 4 (2014), 4952--4957

[26]

H.-S.Yang, M.Maier, M.Reisslein, and W.M.Carlyle. 2003. A Genetic Algorithm based Methodology for Optimizing Multi-Service Convergence in a Metro WDM Network. Journal of Lightwave Technology, 21, 5 (2003), 1114--1146.

[27]

R.Mueller-Bady, R.Gad, M.Kappes, and I.Medina-Bulo. 2015. Using Genetic Algorithms for Deadline-Constrained Monitor Selection in Dynamic Computer Networks. In Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation (GECCO'15), Sara Silva (Ed.). ACM, New York, NY, 867--874.

Digital Library

[28]

V.Snasel, J.Platos and P.Kromer. 2008. On Genetic Algorithms for Boolean Matrix Factorization. In Proceedings of the Eighth International Conference on Intelligent Systems Design and Applications (ISDA'08), Vol. 2, IEEE Press, New York, 170--175.

Digital Library

[29]

I.Saenko and I.Kotenko. 2017. Administrating role-based access control by genetic algorithms. In Proceedings of the Genetic and Evolutionary Computation Conference Companion (GECCO'17). ACM, New York, NY, USA, 1463--1470.

Digital Library

[30]

D.E.Goldberg. 1989. Genetic Algorithms in Search, Optimization and Machine Learning. Addison-Wesley, Inc., Boston, MA, USA

Digital Library

Cited By

Frazier JHelmuth TLi XHandl J(2024)Explaining Automatically Designed Software Defined Perimeters with a Two Phase Evolutionary Computation SystemProceedings of the Genetic and Evolutionary Computation Conference Companion10.1145/3638530.3664155(1527-1535)Online publication date: 14-Jul-2024
https://dl.acm.org/doi/10.1145/3638530.3664155
Protasov MMorozova T(2021)Risk accounting in public-private partnership for the creation of infrastructure facilities for healthcare organizationsBuhuchet v zdravoohranenii (Accounting in Healthcare)10.33920/med-17-2106-04(40-46)Online publication date: 1-Jun-2021
https://doi.org/10.33920/med-17-2106-04
Liu ADu XWang N(2020)Access Control Role Evolution Mechanism for Open Computing EnvironmentElectronics10.3390/electronics90305179:3(517)Online publication date: 21-Mar-2020
https://doi.org/10.3390/electronics9030517
Show More Cited By

Index Terms

Genetic algorithms for role mining in critical infrastructure data spaces
1. Computing methodologies
  1. Artificial intelligence
    1. Search methodologies
      1. Heuristic function construction
2. Security and privacy
  1. Security services
    1. Access control

Recommendations

Administrating role-based access control by genetic algorithms
GECCO '17: Proceedings of the Genetic and Evolutionary Computation Conference Companion

In the paper we address the problem of administering Role-Based Access Control (RBAC) systems, which consists in substantiation of the choice of solution of the RBAC design or reconfiguration problem based on using genetic algorithms (in conditions of ...
PBDM: a flexible delegation model in RBAC
SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies

Role-based access control (RBAC) is recognized as an efficient access control model for large organizations. Most organizations have some business rules related to access control policy. Delegation of authority is among these rules. RBDM0 and RDM2000 ...
Using Genetic Algorithms for Design and Reconfiguration of RBAC Schemes
PrAISe '16: Proceedings of the 1st International Workshop on AI for Privacy and Security

During last years for Role-Based Access Control (RBAC) model there were suggested several variants of optimization problems for design of RBAC schemes. These problems have mappings ≪users--roles> and ≪roles--permissions> under different conditions, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

GECCO '18: Proceedings of the Genetic and Evolutionary Computation Conference Companion

July 2018

1968 pages

ISBN:9781450357647

DOI:10.1145/3205651

Editor:
Hernan Aguirre
Shinshu University
,
General Chair:
Keiki Takadama
The University of Electro-Communications

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGEVO: ACM Special Interest Group on Genetic and Evolutionary Computation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 July 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Russian Foundation for Basic Research
Government of Russian Federation
Federal Agency for Scientific Organizations of Russian Federation

Conference

GECCO '18

Sponsor:

SIGEVO

GECCO '18: Genetic and Evolutionary Computation Conference

July 15 - 19, 2018

Kyoto, Japan

Acceptance Rates

Overall Acceptance Rate 1,669 of 4,410 submissions, 38%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
76
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Frazier JHelmuth TLi XHandl J(2024)Explaining Automatically Designed Software Defined Perimeters with a Two Phase Evolutionary Computation SystemProceedings of the Genetic and Evolutionary Computation Conference Companion10.1145/3638530.3664155(1527-1535)Online publication date: 14-Jul-2024
https://dl.acm.org/doi/10.1145/3638530.3664155
Protasov MMorozova T(2021)Risk accounting in public-private partnership for the creation of infrastructure facilities for healthcare organizationsBuhuchet v zdravoohranenii (Accounting in Healthcare)10.33920/med-17-2106-04(40-46)Online publication date: 1-Jun-2021
https://doi.org/10.33920/med-17-2106-04
Liu ADu XWang N(2020)Access Control Role Evolution Mechanism for Open Computing EnvironmentElectronics10.3390/electronics90305179:3(517)Online publication date: 21-Mar-2020
https://doi.org/10.3390/electronics9030517
Shlapentokh-Rothman MHemberg EO'Reilly UCoello Coello C(2020)Securing the software defined perimeter with evolutionary co-optimizationProceedings of the 2020 Genetic and Evolutionary Computation Conference Companion10.1145/3377929.3398085(1528-1536)Online publication date: 8-Jul-2020
https://dl.acm.org/doi/10.1145/3377929.3398085

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents