Role mining in business :: taming role-based access control administration /
With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between acade...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Weitere Verfasser: | , |
| Format: | Elektronisch E-Book |
| Sprache: | English |
| Veröffentlicht: |
Singapore :
World Scientific,
2012.
|
| Schlagworte: | |
| Online-Zugang: | DE-862 DE-863 |
| Zusammenfassung: | With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between academia and industry -- is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a. |
| Beschreibung: | 1 online resource (xx, 274 pages :) |
| Bibliographie: | Includes bibliographical references (pages 259-267) and index. |
| ISBN: | 9789814366151 9814366153 9814374008 9789814374002 1280669632 9781280669637 9786613646569 6613646563 |
Internformat
MARC
| LEADER | 00000cam a2200000Ma 4500 | ||
|---|---|---|---|
| 001 | ZDB-4-EBA-ocn794328384 | ||
| 003 | OCoLC | ||
| 005 | 20240705115654.0 | ||
| 006 | m o d | ||
| 007 | cr |n|---||||| | ||
| 008 | 120528s2012 si a ob 001 0 eng d | ||
| 010 | |a 2011278916 | ||
| 040 | |a EBLCP |b eng |e pn |c EBLCP |d OCLCQ |d YDXCP |d N$T |d IDEBK |d E7B |d I9W |d OCLCQ |d DEBSZ |d CDX |d OCLCA |d B24X7 |d COO |d OCLCQ |d LGG |d OCLCF |d OCLCQ |d JBG |d AGLDB |d MOR |d PIFAG |d ZCU |d LIV |d OCLCQ |d MERUC |d OCLCQ |d U3W |d OCLCA |d UUM |d STF |d WRM |d VTS |d NRAMU |d ICG |d INT |d VT2 |d AU@ |d OCLCQ |d WYU |d OCLCQ |d DKC |d OCLCQ |d M8D |d UKAHL |d OCLCQ |d LEAUB |d UKCRE |d LDP |d VLY |d TUHNV |d OCLCO |d OCLCQ |d OCLCO |d OCLCL |d SXB |d OCLCQ | ||
| 019 | |a 793804761 |a 794902721 |a 817084835 |a 961685922 |a 962719324 |a 966388259 |a 988457029 |a 988461491 |a 991928127 |a 1037704741 |a 1038568802 |a 1045513777 |a 1055399282 |a 1058169128 |a 1058332480 |a 1065691047 |a 1081226612 |a 1086441894 |a 1153522002 |a 1162426400 |a 1228572261 |a 1241792540 |a 1243610328 |a 1272920684 |a 1290060652 |a 1300523039 | ||
| 020 | |a 9789814366151 |q (electronic bk.) | ||
| 020 | |a 9814366153 |q (electronic bk.) | ||
| 020 | |a 9814374008 | ||
| 020 | |a 9789814374002 | ||
| 020 | |a 1280669632 | ||
| 020 | |a 9781280669637 | ||
| 020 | |a 9786613646569 | ||
| 020 | |a 6613646563 | ||
| 035 | |a (OCoLC)794328384 |z (OCoLC)793804761 |z (OCoLC)794902721 |z (OCoLC)817084835 |z (OCoLC)961685922 |z (OCoLC)962719324 |z (OCoLC)966388259 |z (OCoLC)988457029 |z (OCoLC)988461491 |z (OCoLC)991928127 |z (OCoLC)1037704741 |z (OCoLC)1038568802 |z (OCoLC)1045513777 |z (OCoLC)1055399282 |z (OCoLC)1058169128 |z (OCoLC)1058332480 |z (OCoLC)1065691047 |z (OCoLC)1081226612 |z (OCoLC)1086441894 |z (OCoLC)1153522002 |z (OCoLC)1162426400 |z (OCoLC)1228572261 |z (OCoLC)1241792540 |z (OCoLC)1243610328 |z (OCoLC)1272920684 |z (OCoLC)1290060652 |z (OCoLC)1300523039 | ||
| 050 | 4 | |a QA76.9.D343 | |
| 072 | 7 | |a COM |x 021030 |2 bisacsh | |
| 072 | 7 | |a UNF |2 bicssc | |
| 082 | 7 | |a 006.312 | |
| 049 | |a MAIN | ||
| 100 | 1 | |a Colantonio, Alessandro. | |
| 245 | 1 | 0 | |a Role mining in business : |b taming role-based access control administration / |c Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello. |
| 260 | |a Singapore : |b World Scientific, |c 2012. | ||
| 300 | |a 1 online resource (xx, 274 pages :) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 347 | |a data file |2 rda | ||
| 380 | |a Bibliography | ||
| 520 | |a With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between academia and industry -- is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a. | ||
| 504 | |a Includes bibliographical references (pages 259-267) and index. | ||
| 588 | 0 | |a Print version record. | |
| 505 | 0 | |a 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks. | |
| 546 | |a English. | ||
| 650 | 0 | |a Computers |x Access control. |0 http://id.loc.gov/authorities/subjects/sh85029553 | |
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Computer networks. |0 http://id.loc.gov/authorities/subjects/sh85029513 | |
| 650 | 6 | |a Ordinateurs |x Accès |x Contrôle. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Réseaux d'ordinateurs. | |
| 650 | 7 | |a COMPUTERS |x Database Management |x Data Mining. |2 bisacsh | |
| 650 | 7 | |a Computer networks |2 fast | |
| 650 | 7 | |a Computer security |2 fast | |
| 650 | 7 | |a Computers |x Access control |2 fast | |
| 700 | 1 | |a Di Pietro, Roberto |c (Computer scientist) |1 https://id.oclc.org/worldcat/entity/E39PCjGTgMWY3vFyMdqTwFf76q |0 http://id.loc.gov/authorities/names/no2008189613 | |
| 700 | 1 | |a Ocello, Alberto. | |
| 758 | |i has work: |a Role mining in business (Text) |1 https://id.oclc.org/worldcat/entity/E39PCG8HjKTHVTx47HGwdfvVfq |4 https://id.oclc.org/worldcat/ontology/hasWork | ||
| 776 | 0 | 8 | |i Print version: |a Colantonio, Alessandro. |t Role mining in business. |d Singapore : World Scientific, ©2012 |z 9789814374002 |w (OCoLC)753630176 |
| 966 | 4 | 0 | |l DE-862 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=457188 |3 Volltext |
| 966 | 4 | 0 | |l DE-863 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=457188 |3 Volltext |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH25565400 | ||
| 938 | |a Books 24x7 |b B247 |n bks00063234 | ||
| 938 | |a Coutts Information Services |b COUT |n 23981246 | ||
| 938 | |a EBL - Ebook Library |b EBLB |n EBL919089 | ||
| 938 | |a ebrary |b EBRY |n ebr10563504 | ||
| 938 | |a EBSCOhost |b EBSC |n 457188 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n 364656 | ||
| 938 | |a YBP Library Services |b YANK |n 7280424 | ||
| 994 | |a 92 |b GEBAY | ||
| 912 | |a ZDB-4-EBA | ||
| 049 | |a DE-862 | ||
| 049 | |a DE-863 | ||
Datensatz im Suchindex
| DE-BY-FWS_katkey | ZDB-4-EBA-ocn794328384 |
|---|---|
| _version_ | 1826941683758006272 |
| adam_text | |
| any_adam_object | |
| author | Colantonio, Alessandro |
| author2 | Di Pietro, Roberto (Computer scientist) Ocello, Alberto |
| author2_role | |
| author2_variant | p r d pr prd a o ao |
| author_GND | http://id.loc.gov/authorities/names/no2008189613 |
| author_facet | Colantonio, Alessandro Di Pietro, Roberto (Computer scientist) Ocello, Alberto |
| author_role | |
| author_sort | Colantonio, Alessandro |
| author_variant | a c ac |
| building | Verbundindex |
| bvnumber | localFWS |
| callnumber-first | Q - Science |
| callnumber-label | QA76 |
| callnumber-raw | QA76.9.D343 |
| callnumber-search | QA76.9.D343 |
| callnumber-sort | QA 276.9 D343 |
| callnumber-subject | QA - Mathematics |
| collection | ZDB-4-EBA |
| contents | 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks. |
| ctrlnum | (OCoLC)794328384 |
| dewey-full | 006.312 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 006 - Special computer methods |
| dewey-raw | 006.312 |
| dewey-search | 006.312 |
| dewey-sort | 16.312 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>07286cam a2200757Ma 4500</leader><controlfield tag="001">ZDB-4-EBA-ocn794328384</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20240705115654.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr |n|---|||||</controlfield><controlfield tag="008">120528s2012 si a ob 001 0 eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a"> 2011278916</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">EBLCP</subfield><subfield code="b">eng</subfield><subfield code="e">pn</subfield><subfield code="c">EBLCP</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">YDXCP</subfield><subfield code="d">N$T</subfield><subfield code="d">IDEBK</subfield><subfield code="d">E7B</subfield><subfield code="d">I9W</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">DEBSZ</subfield><subfield code="d">CDX</subfield><subfield code="d">OCLCA</subfield><subfield code="d">B24X7</subfield><subfield code="d">COO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">LGG</subfield><subfield code="d">OCLCF</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">JBG</subfield><subfield code="d">AGLDB</subfield><subfield code="d">MOR</subfield><subfield code="d">PIFAG</subfield><subfield code="d">ZCU</subfield><subfield code="d">LIV</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">MERUC</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">U3W</subfield><subfield code="d">OCLCA</subfield><subfield code="d">UUM</subfield><subfield code="d">STF</subfield><subfield code="d">WRM</subfield><subfield code="d">VTS</subfield><subfield code="d">NRAMU</subfield><subfield code="d">ICG</subfield><subfield code="d">INT</subfield><subfield code="d">VT2</subfield><subfield code="d">AU@</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">WYU</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">DKC</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">M8D</subfield><subfield code="d">UKAHL</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">LEAUB</subfield><subfield code="d">UKCRE</subfield><subfield code="d">LDP</subfield><subfield code="d">VLY</subfield><subfield code="d">TUHNV</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCL</subfield><subfield code="d">SXB</subfield><subfield code="d">OCLCQ</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">793804761</subfield><subfield code="a">794902721</subfield><subfield code="a">817084835</subfield><subfield code="a">961685922</subfield><subfield code="a">962719324</subfield><subfield code="a">966388259</subfield><subfield code="a">988457029</subfield><subfield code="a">988461491</subfield><subfield code="a">991928127</subfield><subfield code="a">1037704741</subfield><subfield code="a">1038568802</subfield><subfield code="a">1045513777</subfield><subfield code="a">1055399282</subfield><subfield code="a">1058169128</subfield><subfield code="a">1058332480</subfield><subfield code="a">1065691047</subfield><subfield code="a">1081226612</subfield><subfield code="a">1086441894</subfield><subfield code="a">1153522002</subfield><subfield code="a">1162426400</subfield><subfield code="a">1228572261</subfield><subfield code="a">1241792540</subfield><subfield code="a">1243610328</subfield><subfield code="a">1272920684</subfield><subfield code="a">1290060652</subfield><subfield code="a">1300523039</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9789814366151</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9814366153</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9814374008</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9789814374002</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1280669632</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781280669637</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9786613646569</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">6613646563</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)794328384</subfield><subfield code="z">(OCoLC)793804761</subfield><subfield code="z">(OCoLC)794902721</subfield><subfield code="z">(OCoLC)817084835</subfield><subfield code="z">(OCoLC)961685922</subfield><subfield code="z">(OCoLC)962719324</subfield><subfield code="z">(OCoLC)966388259</subfield><subfield code="z">(OCoLC)988457029</subfield><subfield code="z">(OCoLC)988461491</subfield><subfield code="z">(OCoLC)991928127</subfield><subfield code="z">(OCoLC)1037704741</subfield><subfield code="z">(OCoLC)1038568802</subfield><subfield code="z">(OCoLC)1045513777</subfield><subfield code="z">(OCoLC)1055399282</subfield><subfield code="z">(OCoLC)1058169128</subfield><subfield code="z">(OCoLC)1058332480</subfield><subfield code="z">(OCoLC)1065691047</subfield><subfield code="z">(OCoLC)1081226612</subfield><subfield code="z">(OCoLC)1086441894</subfield><subfield code="z">(OCoLC)1153522002</subfield><subfield code="z">(OCoLC)1162426400</subfield><subfield code="z">(OCoLC)1228572261</subfield><subfield code="z">(OCoLC)1241792540</subfield><subfield code="z">(OCoLC)1243610328</subfield><subfield code="z">(OCoLC)1272920684</subfield><subfield code="z">(OCoLC)1290060652</subfield><subfield code="z">(OCoLC)1300523039</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.D343</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">021030</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">UNF</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">006.312</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Colantonio, Alessandro.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Role mining in business :</subfield><subfield code="b">taming role-based access control administration /</subfield><subfield code="c">Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello.</subfield></datafield><datafield tag="260" ind1=" " ind2=" "><subfield code="a">Singapore :</subfield><subfield code="b">World Scientific,</subfield><subfield code="c">2012.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (xx, 274 pages :)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="347" ind1=" " ind2=" "><subfield code="a">data file</subfield><subfield code="2">rda</subfield></datafield><datafield tag="380" ind1=" " ind2=" "><subfield code="a">Bibliography</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between academia and industry -- is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a.</subfield></datafield><datafield tag="504" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references (pages 259-267) and index.</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Print version record.</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks.</subfield></datafield><datafield tag="546" ind1=" " ind2=" "><subfield code="a">English.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computers</subfield><subfield code="x">Access control.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85029553</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer networks.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85029513</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Ordinateurs</subfield><subfield code="x">Accès</subfield><subfield code="x">Contrôle.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Sécurité informatique.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Réseaux d'ordinateurs.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Database Management</subfield><subfield code="x">Data Mining.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers</subfield><subfield code="x">Access control</subfield><subfield code="2">fast</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Di Pietro, Roberto</subfield><subfield code="c">(Computer scientist)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCjGTgMWY3vFyMdqTwFf76q</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2008189613</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Ocello, Alberto.</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Role mining in business (Text)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCG8HjKTHVTx47HGwdfvVfq</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Colantonio, Alessandro.</subfield><subfield code="t">Role mining in business.</subfield><subfield code="d">Singapore : World Scientific, ©2012</subfield><subfield code="z">9789814374002</subfield><subfield code="w">(OCoLC)753630176</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-862</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=457188</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-863</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=457188</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Askews and Holts Library Services</subfield><subfield code="b">ASKH</subfield><subfield code="n">AH25565400</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Books 24x7</subfield><subfield code="b">B247</subfield><subfield code="n">bks00063234</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Coutts Information Services</subfield><subfield code="b">COUT</subfield><subfield code="n">23981246</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBL - Ebook Library</subfield><subfield code="b">EBLB</subfield><subfield code="n">EBL919089</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ebrary</subfield><subfield code="b">EBRY</subfield><subfield code="n">ebr10563504</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">457188</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ProQuest MyiLibrary Digital eBook Collection</subfield><subfield code="b">IDEB</subfield><subfield code="n">364656</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">7280424</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-862</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
| id | ZDB-4-EBA-ocn794328384 |
| illustrated | Illustrated |
| indexdate | 2025-03-18T14:16:01Z |
| institution | BVB |
| isbn | 9789814366151 9814366153 9814374008 9789814374002 1280669632 9781280669637 9786613646569 6613646563 |
| language | English |
| lccn | 2011278916 |
| oclc_num | 794328384 |
| open_access_boolean | |
| owner | MAIN DE-862 DE-BY-FWS DE-863 DE-BY-FWS |
| owner_facet | MAIN DE-862 DE-BY-FWS DE-863 DE-BY-FWS |
| physical | 1 online resource (xx, 274 pages :) |
| psigel | ZDB-4-EBA FWS_PDA_EBA ZDB-4-EBA |
| publishDate | 2012 |
| publishDateSearch | 2012 |
| publishDateSort | 2012 |
| publisher | World Scientific, |
| record_format | marc |
| spelling | Colantonio, Alessandro. Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello. Singapore : World Scientific, 2012. 1 online resource (xx, 274 pages :) text txt rdacontent computer c rdamedia online resource cr rdacarrier data file rda Bibliography With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) -- a policy-neutral access control model that serves as a bridge between academia and industry -- is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a. Includes bibliographical references (pages 259-267) and index. Print version record. 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks. English. Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. Computer networks. http://id.loc.gov/authorities/subjects/sh85029513 Ordinateurs Accès Contrôle. Sécurité informatique. Réseaux d'ordinateurs. COMPUTERS Database Management Data Mining. bisacsh Computer networks fast Computer security fast Computers Access control fast Di Pietro, Roberto (Computer scientist) https://id.oclc.org/worldcat/entity/E39PCjGTgMWY3vFyMdqTwFf76q http://id.loc.gov/authorities/names/no2008189613 Ocello, Alberto. has work: Role mining in business (Text) https://id.oclc.org/worldcat/entity/E39PCG8HjKTHVTx47HGwdfvVfq https://id.oclc.org/worldcat/ontology/hasWork Print version: Colantonio, Alessandro. Role mining in business. Singapore : World Scientific, ©2012 9789814374002 (OCoLC)753630176 |
| spellingShingle | Colantonio, Alessandro Role mining in business : taming role-based access control administration / 1. Managing access rights. 1.1. Challenges of controlling access. 1.2. Access control concepts. 1.3. Access control models. 1.4. Final remarks -- 2. Role-based access control. 2.1. RBAC basics. 2.2. RBAC standards. 2.3. Advantages of RBAC. 2.4. Obstacles to migrating to RBAC. 2.5. Final remarks -- 3. Role engineering. 3.1. Modeling roles. 3.2. Role engineering approaches. 3.3. Parts of a role engineering task. 3.4. Guidelines. 3.5. Final remarks -- 4. A step-to-step methodology for role mining. 4.1. Role mining steps. 4.2. Understanding access control data. 4.3. Data preparation. 4.4. Role definition. 4.5. Final remarks -- 5. The hidden structure of roles. 5.1. Formalization of the role mining problem. 5.2. Graph-based approach. 5.3. Matrix-based approach. 5.4. Permission-powerset lattice. 5.5. Final remarks -- 6. Enumerating candidate roles. 6.1. Eliciting patterns from access data. 6.2. Minimizing the number of roles. 6.3. Estimating the minimum number of roles. 6.4. Final remarks -- 7. Minimizing the effort of administering RBAC. 7.1. A cost-driven approach to role engineering. 7.2. Problem formalization. 7.3. Finding optimal role-sets. 7.4. Finding sub-optimal role-sets. 7.5. Final remarks -- 8. Measuring the meaning of roles. 8.1. Meaningful roles. 8.2. Modeling business. 8.3. Measuring the meaning of roles. 8.4. Spread indices in action. 8.5. Final remarks -- 9. Visual role mining. 9.1. Role visualization problem. 9.2. Matrix sorting algorithm. 9.3. Visual elicitation of roles. 9.4. A visual approach to role engineering. 9.5. Experimental results. 9.6. Final remarks -- 10. Splitting up the mining task. 10.1. A divide-and-conquer approach. 10.2. Complexity measures. 10.3. Similarity. 10.4. Minability. 10.5. Considerations about minability and similarity. 10.6. Conditioned indices. 10.7. Application to a real case. 10.8. Final remarks -- 11. Stable roles. 11.1. Stable assignments and stable roles. 11.2. Pruning unstable assignments. 11.3. Stability and mining complexity. 11.4. Pruning examples. 11.5. Final remarks -- 12. Imputing missing grants. 12.1. Missing values. 12.2. AB[symbol]A : Adaptive Bicluster-Based Approach. 12.3. Algorithm description. 12.4. Testing AB[symbol]A. 12.5. Final remarks -- 13. The risk of meaningless roles. 13.1. Assessing risky system configurations. 13.2. Risk model. 13.3. Risk metrics. 13.4. Analysis of a real case. 13.5. Final remarks -- 14. Ranking users and permissions. 14.1. Stability. 14.2. Framework description. 14.3. Experimental results. 14.4. Final remarks. Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. Computer networks. http://id.loc.gov/authorities/subjects/sh85029513 Ordinateurs Accès Contrôle. Sécurité informatique. Réseaux d'ordinateurs. COMPUTERS Database Management Data Mining. bisacsh Computer networks fast Computer security fast Computers Access control fast |
| subject_GND | http://id.loc.gov/authorities/subjects/sh85029553 http://id.loc.gov/authorities/subjects/sh85029513 |
| title | Role mining in business : taming role-based access control administration / |
| title_auth | Role mining in business : taming role-based access control administration / |
| title_exact_search | Role mining in business : taming role-based access control administration / |
| title_full | Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello. |
| title_fullStr | Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello. |
| title_full_unstemmed | Role mining in business : taming role-based access control administration / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello. |
| title_short | Role mining in business : |
| title_sort | role mining in business taming role based access control administration |
| title_sub | taming role-based access control administration / |
| topic | Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. Computer networks. http://id.loc.gov/authorities/subjects/sh85029513 Ordinateurs Accès Contrôle. Sécurité informatique. Réseaux d'ordinateurs. COMPUTERS Database Management Data Mining. bisacsh Computer networks fast Computer security fast Computers Access control fast |
| topic_facet | Computers Access control. Computer security. Computer networks. Ordinateurs Accès Contrôle. Sécurité informatique. Réseaux d'ordinateurs. COMPUTERS Database Management Data Mining. Computer networks Computer security Computers Access control |
| work_keys_str_mv | AT colantonioalessandro rolemininginbusinesstamingrolebasedaccesscontroladministration AT dipietroroberto rolemininginbusinesstamingrolebasedaccesscontroladministration AT ocelloalberto rolemininginbusinesstamingrolebasedaccesscontroladministration |