IIT Home Page CNR Home Page

Role Mining Over Big and Noisy Data: Theory and Some Applications

Role-Based Access Control is a widely adopted access control model. According to this model, roles are created for various job functions within the organization. The permissions required to perform certain operations are assigned to specific roles. System users, in turn, are assigned to appropriate roles based on their responsibilities and qualifications. Through role assignments they acquire the permissions to perform particular system functions. By deploying RBAC systems, organizations obtain several benefits such as simplified access control administration, improved organizational productivity, and security policy enforcement. Companies that plan to use RBAC model are usually large or medium organizations that are currently using other access control models and/or legacy systems. Despite the benefits related to RBAC, it is sometimes hard for these organizations to adopt such a model. Indeed, there is an important issue that needs to be addressed: the model must be customized to capture the needs and functions of the company. For this purpose, the role engineering discipline has been introduced.
This talk is devoted to role mining techniques, and their applications to big and noisy datasets. Most of the existing theoretical approaches cannot be directly applied to large datasets. Indeed, such algorithms have a complexity that is not linear compared to the number of users or permissions to analyze. The main drawbacks of traditional role mining tasks that are based on minimality measures are highlighted. Then, by using graph modelling, information theory tools, and machine learning algorithms we show how to reduce the role mining effort by making it practical and usable.

Short Bio
Nino Vincenzo Verde is a PhD candidate in Mathematics at "Roma Tre" University, Roma, Italy. He received the Master's Degree in Computer Science at "La Sapienza" University, Rome, Italy, in September 2007. His main interests include access control and sensors/ad-hoc network security. In particular, he is involved in the definition of new models, tools and techniques for the role engineering task in Role-Based Access Control systems. Further, he is currently working on the security of wireless and ad-hoc networks for the protection of Critical Infrastructures.

From 24/01/2012-15.00 to 24/01/2012-18.00 , Aula Seminari IIT

Speaker: Nino Vincenzo Verde, Universita' di "Roma Tre".

Responsible: Fabio Martinelli