About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
CCS 2010
Workshop paper
Towards an integrated approach to role engineering
Abstract
Although role-based access control has become a preferred method to manage access control, it constitutes a significant effort to develop and maintain a role structure. Role engineering, the process of defining roles and assigning permissions and users to the roles, aims to define an accurate and complete set of roles using a variety of inputs. In this paper, we describe a unified approach to role engineering supporting a combination of different methodologies, and its partial implementation in the IBM Tivoli Role Modeling Assistant, a role engineering platform reflecting the dual importance of top-down and bottom-up data collection and analysis. Data, imported from multiple sources such as LDAP registries, human resource extracts in CSV format as well as from interviews with the organization's users and subject matter experts, can be browsed, filtered, and visualized. Roles can be created and edited manually or generated automatically from mining results. © 2010 ACM.