Tutorial 1
Date/Time: Tuesday, October 5th, 2010 16:00pm - 17:30pm
Duration: 1.5 hours
Title: Role Engineering
Presenters: Ian Molloy (IBM T.J. Watson Research) AND Mario Frank (SFIT -- ETH) Abstract:
Role-based access control (RBAC) is a flexible and widely used model for access-control due to its ability to reduce administrative costs, help eliminate errors, and improve the stability and security of a system. The main hindrance to deploying an RBAC system is the high costs associated with migrating an existing access control system over to RBAC, a process known as bottom-up role engineering. This tutorial will focus on role mining, automated techniques for migrating to RBAC. We will define the role mining problem and its many variants, explain some representative approaches to solve it and describe practical measures to evaluate the quality of role mining solutions. Moreover, we will cover practical issues such as coping with noisy data as well as including business information to the role mining process ("hybrid role mining"). Results obtained from a number of real-world datasets will be presented.
Bios:Mr. Mario Frank studied physics at the Ruprecht-Karls-Universität Heidelberg and the University of Sydney. He has a broad interest in understanding and modeling all kinds of data. Since December 2007 he is working towards his PhD at the Swiss Federal Institute of Technology (ETH) in Zurich. His research concerns role mining.
Dr. Ian Molloy is currently a post-doctoral researcher at IBM TJ Watson. He received his PhD from Purdue University in 2010 where his dissertation was on the topic of role mining. His research interests are in the application of data mining and machine learning to problems in access control, security, and privacy.
Last modified: 2010-08-10 16:30:50 EDT