Thursday, May 10, 2007

Role Mining with Orca

@inproceedings{schlegelmilch05orca,
author = {Jurgen Schlegelmich, Ulrike Steffens},
title = {Role Mining with ORCA},
booktitle = {SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies},
year = {2005},
address = {Stockholm, Sweden},
publisher = {ACM Press},
}

This paper proposes ORCA, a java visualisation tool that performs hierarchical clustering on permission assignments for definition of role concepts/role engineering. User interaction can add information during hierarchy construction to assist clustering.

Mentioned caveats in role mining:
  1. Noise in data: cleansing/anamolies must be removed
  2. Multi-role systems: systems support multiple roles
  3. Multi-role users: users can be assigned multiple roles
  4. Multiple identities per user
  5. No semantics in data mined roles
These issues are mentioned but not solved (with the exception of 3) by ORCA.

Method ideology: place permissions in a cluster if a significant number of users have them. Each cluster has a set of permissions and a set of users assigned to the cluster.

Technique:
  1. Each permission starts as a permission set cluster in C.
  2. Identify pairs of clusters from C with maximum user assignment intersect and maximum union.
  3. Create a role from the new permission set union. If more than one exist, randomly pick one.
  4. Remove original pair of clusters from C so previous clusters can no longer be used/selected to create new roles.
  5. New role created as a super clusters of previous clusters and add to C.
Problems in approach:
  • each permission can only belong to one path of the role hierarchy, modifications to reduce this constraint can produce inconsistencies and large number of additional yet not required roles.
  • time consuming, must generate all cluster pair intersects at each iteration
  • choosing one pair can remove the possibility of other pairings, making ordering important
  • when more than one pair has merging potential (more than one maximal pair for new cluster creation) one is chosen at random
Novelness:
  • At that time, it was the first role mining approach that didn't used a generic set of tools developed general pupose data mining. It was role engineering specific. The data mining used applied heirarchical clustering for permissions to create roles. While no new data mining contribution was made, it was a new application of data mining to enterprise security.
  • The visualisation tool sounds pretty, describing what is being done at each step, what is in each cluster and different colour intensities are used for clusters with more user assignments. It sounds pretty but also confusing to use in situations with many entities. Some learning is required to understand what the data mining does and what it means in context of the different possible clusters. Some options for finding different correlations is present: highlighting clusters who have users who fit a certain criteria. Less information is given on exactly how this information can be used to create roles.
  • Visualizations also allows for the concept of neighbouring clusters, where clusters of permissions are similar are placed next to each other for viewing in ORCA. Similarity between clusters is measured by the propotion of permissions that are the same within two clusters.

1 comment:

Bruno said...

Is the Java tool available to casual users? where?

thks