Role based access control is well accepted as the standard best practice for access control within applications and organizations. Role engineering, the task of defining roles and associating permissions to them, is essential to realize the full benefits of the role-based access control paradigm. The essential question is how to devise a complete and correct set of roles; this depends on how you define goodness/interestingness. (When is a role good/interesting?) We formulate the role mining problem (RMP) as a Boolean matrix decomposition problem and introduce different variants of the RMP that have pragmatic implications. Formulating the problem as a Boolean matrix decomposition makes our results applicable to several other domains, including text mining, recommender systems, and knowledge discovery from databases.
Dr. Vijay Atluri received her B.Tech. in Electronics and Communications Engineering from Jawaharlal Nehru Technological University, Kakinada, India, her M.Tech. in Electronics and Communications Engineering from the Indian Institute of Technology, Kharagpur, India, and her Ph.D. in Information Technology from George Mason University, USA. She is currently a Professor of Computer Information Systems in the MSIS Department, and research director for the Center for Information Management, Integration and Connectivity (CIMIC) at Rutgers University. Dr. Atluri's research interests include Information Systems Security, Privacy, Databases, Workflow Management, Spatial Databases, Multimedia, and Distributed Systems. Currently, she serves as the Vice-chair for the ACM Special Interest Group on Security Audit and Control (SIGSAC), and chair of the IFIP WG11.3 on Data and Application Security. In 1996, she was the receipient of the National Science Foundation CAREER Award. In 1999, she received the Rutgers University Research Award for outstanding research contributions. Dr. Atluri is a senior member of the IEEE Computer Society and member of the ACM.