City Research Online

Abstract

In a rapidly changing IT environment, access to the resources involved in various projects might change randomly based on the role-based access control (RBAC) system. Hence, the security administrator needs to dynamically maintain the role assignments to users for optimizing user-role assignments. The manual updation of user-role assignments is prone to error and increases administrative workload. Therefore, a role recommendation model is introduced for the RBAC system to optimize user-role assignments based on user behaviour patterns. It is shown that the model automatically revokes and refurbishes the user-role assignments by observing user access behaviour. This model is used in the cloud for providing Role-Assignment-as-a-Service to optimize the cost of built-in roles. Several experiments are conducted to verify the proposed model using the Amazon access sample dataset. The experimental results show that the efficiency of the proposed model is 50% higher than the state-of-the-art.

Publication Type:	Article
Additional Information:	© 2020. This article has been published in Computer Communications by Elsevier, doi: https://doi.org/10.1016/j.comcom.2020.12.006. This manuscript version is made available under the CC-BY-NC-ND 4.0 license https://creativecommons.org/licenses/by-nc-nd/4.0/
Publisher Keywords:	Access control, Cloud computing, Hidden Markov model, RBAC, Role recommendation
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science T Technology > TK Electrical engineering. Electronics Nuclear engineering
Departments:	School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

Export

Downloads