Mining Role Based on Permission Weight and Role Similarity

Authors

  • Xiaopu Ma, Li Zhao, Quan Liu

Abstract

In hospital information management systems, role-based access control model has become the preferred model due to its many advantages. In order to construct the role-based access control model, role engineering was proposed. However, most of these approaches don't consider the importance of each permission, furthermore, they also don't consider the similarity between the derived roles while just derive the roles. For this reason, we take into account some fundamental factors such as the different object attributes, the different operation attributes, the different user attributes and the different assignment relations between users and permissions to reflect every permission’s importance. Then we define permission’s weight based on the different attributes to reflect each permission’s importance in the system and the similarity between roles. Furthermore, we propose a two stage role generation algorithm to derive the initial roles based on the permission weight and generate the final roles based on the similarity between initial roles that can improve the generated role state accuracy simultaneously. Finally, we design corresponding experiments to prove the effectiveness of the algorithm. Objectives: Role-based access control model has become the normal model used in enterprise security information management systems. For example, it can be used in hospital information management system to prevent personal privacy and information security. This paper aims at building a RBAC system which can better reflect the system function and security requirements. Methods: We take into account some fundamental factors to reflect each permission’s importance and the similarity between roles. Results: Our algorithm based on permission weight and role similarity can cut down the role state value and the role assignment cost in some cases. Conclusions: We propose a two stage role generation algorithm to derive the initial roles based on the permission weight and generate the final roles based on the similarity between initial roles than can improve the generated role state accuracy.

Published

2020-02-29

Issue

Section

Articles