rmmdi: a novel framework for role mining based on the
TRANSCRIPT
Research ArticleRMMDI A Novel Framework for Role Mining Based onthe Multi-Domain Information
Wei Bai Zhisong Pan Shize Guo and Zhe Chen
Command amp Control Engineering College Army Engineering University of PLA Nanjing 210014 China
Correspondence should be addressed to Zhisong Pan hotpzshotmailcom
Received 20 November 2018 Revised 14 March 2019 Accepted 24 April 2019 Published 11 June 2019
Guest Editor Rohit Ranchal
Copyright copy 2019 Wei Bai et al This is an open access article distributed under the Creative Commons Attribution License whichpermits unrestricted use distribution and reproduction in any medium provided the original work is properly cited
Role-based access control (RBAC) is widely adopted in network security management and role mining technology has beenextensively used to automatically generate user roles from datasets in a bottom-up way However almost all role mining methodsdiscover the user roles from existing user-permission assignments which neglect the dependency relationships between userpermissions To extend the ability of role mining technology this paper proposes a novel role mining framework based on multi-domain informationThe framework estimates the similarity between different permissions based on the fundamental informationin the physical network and digital domains and attaches interdependent permissions to the same role Three simulated networkscenarios with different multi-domain configurations are used to validate the effectiveness of our methodThe experimental resultsshow that the method can not only capture the interdependent relationships between permissions but also detect user roles andpermissions more reasonably
1 Introduction
Access control is a fundamental concern in network securitymanagement Role-based access control (RBAC) has becomethe dominant model for both commercial and research fields[1 2] The key point of RBAC is to determine proper roles tocapture business needs which is named as role engineeringThere are mainly two kinds of approaches to find user rolestop-down and bottom-up The top-down approaches alwaysperform a deep analysis of business processes and identifyuser roles manually [3] while the bottom-up approachesalways discover the user roles from existing datasets automat-ically which are also named as role mining as they usuallyresort to data mining techniques [4 5]
Existing rolemining approachesmainly discover a properuser-role assignment relation 119880119860 sube 119880119878119864119877119878 times 119877119874119871119864119878 and aproper role-permission assignment relation 119875119860 sube 119877119874119871119864119878 times119875119864119877119872119878 from an existing user-permission assignment rela-tion119880119875119860 sube 119880119878119864119877119878times119875119864119877119872119878 In the process user-permissionassignments are considered to be independent Howeverconsidering a typical service authorization process users areauthorized by multiple policy control points including gatemachines firewalls or identity authentication systemsThose
systems are always configured separately andmay grant userswithmore permissions than they deserve For example userswho are authorized to enter certain space may have theopportunity to use the terminals belong to other users inthe same space users can connect the server behind thefirewall remotely to bypass the access control lists and accessunauthorized services users can use the assigned passwordsto crack similar passwords for other unauthorized servicesetc In a word if the interdependent relationships are nottaken into consideration users with certain roles would getextra permissions introducing security vulnerabilities intonetwork systems
To address the above-mentioned issues this paper pro-poses a novel rolemining framework named as RMMDI fromthe perspective of network security management Insteadof mining user roles from user-permission assignments theframework discovers user roles from the fundamental infor-mation in multiple domains including the physical domainnetwork domain and digital domain The framework isaimed at outputting a flat RBAC state that divides user per-missions into several disjoint subsets The user permissionsin one set tend to be interdependent while the permissionsin different sets tend to be independent If a permission
HindawiSecurity and Communication NetworksVolume 2019 Article ID 8085303 15 pageshttpsdoiorg10115520198085303
2 Security and Communication Networks
set is assigned to a user role a user assigned some roles isunlikely to get extra permissions assigned to other roles Assuch potential security risks involved in the user-permissionassignments process can be avoided
The rest of this paper is organized as follows In Section 2some general works are briefly reviewed Section 3 presentsthe proposed framework in detail Section 4 shows theexperimental setup and results and Section 5 presents a com-prehensive discussion At last Section 6 provides concludingremarks
2 Related Work
21 Role Mining RBAC has become a dominating model foraccess control in network security Instead of assigning per-missions to the user directly RBAC introduces the conceptof roles to make access control system more compact andcomprehensive [6] A role is defined as a collection of permis-sions The key point of RBAC is to generate proper roles Inthis process the bottom-up approach named as role mininggets muchmore attention than the top-down approach as thelatter is time-consuming and human-intensive [3]
Kuhlmann et al first proposed the concept of role miningfor finding roles from user-permission assignment data [7]Traditional role mining approaches are mainly divided intotwo classes based on their output [5 8 9] The first classis to output a prioritized list of candidate roles each ofwhich is assigned a priority value A larger priority valuemeans the role is more important or useful Complete Miner(CM) and Fast Miner (FM) are two typical algorithms of thefirst class which identify overlapping clusters by analyzingthe subset enumeration in an unsupervised way [10] Thesecond class is to output a complete RBAC state under acertain cost There are also a lot of classic algorithms inthe class for example OFFIS Role mining tool with ClusterAnalysis (ORCA) [11] Hierarchical Miner (HM) [12] GraphOptimization (GO) [13] HP Role Minimization (HPr) [14]and HP Edge Minimization (HPe) [14]
Besides those traditional role mining algorithms thereare also many important approaches that emerged in recentyears For example Frank et al proposed a probabilisticapproach to improve the role mining process by takingaccount of the business information The approach uti-lized the similarity between user-permission relations todetect exceptional assignments and wrong assignments [15]Besides entropy-based methods were used in this approachto analyze the impact of business knowledge on role mining[16] Alessandro et al presented an approach that allowedrole engineers to leverage business information In the rolemining process the access data was divided into smallersubsets from a business perspective firstly and then tradi-tional methods can be used to discover roles with businessmeanings [5] Iran et al proposed a method based on formalconcept lattices to discover roles with semantic meanings[12] as well as a method based on logistic PCA (PrincipalComponent Analysis) to eliminate data noises [17] Du Xand Change X proposed two algorithms based on artificialintelligence ie the genetic algorithm and ant colony opti-mization algorithm [18] Dong et al proposed both fast exact
and heuristic methods based on biclique network cover tominimize role number or edge number [19]
With regard to goodness measure several metrics havebeen proposed in the literature including minimizing thenumber of roles [10 20] minimizing the number of edges[13 14 19] minimizing the number of user-role assignmentand permission-role assignment relations [13] minimizingboth the number of roles and edges [21] and minimizing theadministrative cost [22]These optimization goals can be uni-formly represented by the Weighted Structural Complexity(WSC) [8 9]
Although there are a lot of effective role miningapproaches most of them neglect the relationships betweenuser permissions From the perspective of network securitymanagement user permissions are not independent A useror potential attacker may get extra permissions from thepreassigned permissions which may introduce fatal risksto network security Hence in the framework RMMDIwe model the interrelationships between user permissionsfrom multi-domain configuration information and get morereasonable user roles mitigating the vulnerabilities andstrengthening network security
22 Multi-Domain Information Modeling Traditional net-work security analysis mainly concentrates on the networkdomain with a few concerns on other domains Howeverwith the deepening of research on insider threat an increas-ing number of studies have shown that the attacker will attackthe network not only in digital ways but also through thephysical domain and social domain
The existingmethods of jointmodeling of networkmulti-domain information mainly define multi-domain informa-tion by using the formalized methods and then make infer-ence based on the logical rules to judge whether the systemcan reach the unsafe state Probst et al proposed a formalmodel for describing scenarios that span the physical anddigital domain [23 24] Kotenko et al proposed a model fordescribing attacks that use social engineering and physicalaccess based on the preconditions and postconditions ofatomic actions [25] Scott et al built a security model thatadds a spatial relationship between the elements in theambient calculus [26] Dimkov presented a security modelnamed as Portunes graph to abstract the environment of anorganization into a stratified graph which involved the infor-mation in physical digital and social domain information[27] Kammuller and Probst combined formal modeling andanalysis of infrastructures of organizationswith a sociologicalexplanation to provide a framework for insider threat analysis[28]
In this paper we take possible interaction effects amongmulti-domain permissions into consideration which are thebasis of similar permission finding and role mining based onmultiple domain information
23 Multi-View Community Detection The community is auniversal property in many complex networks which meansthat network nodes can be divided into small groups [26]Traditional community detection methods only utilize singlenetwork information And several multiview community
Security and Communication Networks 3
Basic information
acquisition
Relationship network
construction
Community detection
and role definition
Multi-domain entity information
Multi-domain relationship information
Rolepermission assignmentsUser roles
Device Perspective Service Network
Information Perspective Service Network
Multi-view Service Network
Figure 1 Role mining framework based on multi-domain information
detection methods have been proposed which utilize moreinformation and achieve better performance
Nonnegative Matrix Factorization (NMF) [29] is a clas-sic clustering method and several multi-view communitydetection methods based on NMF are proposed Akata etal proposed a method to jointly factorize multiple datamatrices through a shared coefficient matrix [30] Liu et alproposed MultiNMF that regularizes the coefficient matriceslearned from different views towards a common consensusfor clustering [31] He et al extended NMF for multiviewclustering by jointly factorizing themultiplematrices throughcoregularization [32] Pei et al proposed a nonnegativematrix tri-factorization (NMTF) based clustering frameworkwith three types of graph regularization [33] Li et al pro-posed a framework based on regularized joint nonnegativematrix factorization (RJNMF) to utilize link and contentinformation jointly to enhance the community detectionaccuracy [34]
In the framework RMMDI we use the Pairwise Coreg-ularized NMF clustering algorithm proposed in [32] tomerge the information from two service networks (views)Experiments show that it can get more information thanfrom a single view and make the role mining results morereasonable
3 Role Mining Framework Based onMulti-Domain Information
In this paper we proposed a role mining framework based onthe multi-domain information which is named as RMMDIThe framework is aimed at dividing possible user permissionsinto several disjoint subsets and assigning each subset to auser roleThen users are assigned with one ormore necessaryroles according to the permission they deserveThe structureof RMMDI is shown in Figure 1 The framework can bedivided into three modules basic information acquisitionrelationship network construction and community detectionand role definition
The basic information acquisition module obtains thenecessary basic information from the target network includ-ing multi-domain entity information and relationship infor-mation The relationship network construction module con-structs eight networks based on the obtained basic infor-mation including the intermediate networks and ultimatenetworks The community detection and role definitionmodule detects permission communities on the ultimatenetworks by a multi-view community detection method anddefines possible user roles
31 Basic Information Acquisition The basic informationacquisition module is to collect network basic informationincluding the entities and entity relationships in the physicaldomain network domain and information domain whichare the foundation of relationship network construction
311 Entity There are five kinds of entities involved in theframework ie space object service info and user
Entity space represents specific physical space such as citycampus building or room which is in the physical domainAll the space entities are represented as a set 119873119878 Entityobject is also located at the physical domain and representsnetwork device like router switch or terminal All the objectentities are represented as a set 119873119874 Entity service is in thenetwork domain and represents network service like HTTP(Hypertext Transfer Protocol) FTP (File Transfer Protocol)and Email All the service entities are represented as a set119873119881 Entity info is in the digital domain and represents theinformation like password data or digital file All the infoentities are represented as a set 119873119868 Entity user representsnetwork user All the user entities are represented as a set119873119880312 Relationships There are seven kinds of relationshipsinvolved in the framework ie spatial similarity relation-ships containment relationships service access relationshipslocal management relationships remote management rela-tionships service domination relationships and info domi-nation relationships
4 Security and Communication Networks
Spatial similarity relationships are described by thematrix119872119878119878 isin 119860119878times119878 where 119860 = 0 1 and 119878 = |119873119878|119872119878119878(119894 119895)is determined by
119872119878119878 (119894 119895) =
1 if (119894 = 119895) or u (119894 119895) + u (119895 119894) gt 1205760 otherwise
(1)
where 119906(119894 119895) is the number of users who can move fromspace 119899119904119894 to space 119899119904119895 and 120576 is the threshold value rangingfrom 0 to 2|119873119880|
Device containment relationships are described by thematrix 119872119874119878 isin 119860119874times119878 where 119860 = 0 1 119874 = |119873119874| and119878 = |119873119878|119872119874119878(119894 119895) is determined by the following
119872119874119878 (119894 119895) =
1 if object 119899119900119894 locates in space 1198991199041198950 otherwise
(2)
Service access relationships are described by the matrix119872119881119874 isin 119860119881times119874 where 119860 = 0 1 119881 = |119873119881| and 119874 = |119873119874|119872119881119874(119894 119895) is determined by the following
119872119881119874 (119894 119895)
=
1 if service 119899V119894 can be reach by device 1198991199001198950 119900119905ℎ119890119903119908119894119904119890
(3)
Local management relationships are described by thematrix 119872119874119881 119871 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119871(119894 119895) is determined by the following
119872119874119881 119871 (i j)
=
1 if device 119899119900119894 can be managed by service 119899V119895 locally0 otherwise
(4)
Remote management relationships are described by thematrix 119872119874119881 119877 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119877(119894 119895) is determined by the following
119872119874119881 119877 (119894 119895)
=
1 if device 119899119900119894 can be managed by service 119899V119895 remotely
0 otherwise
(5)
Service domination relationships are described by thematrix 119872119881119868 isin 119860119881times119868 where 119860 = 0 1 119881 = |119873119881| and119868 = |119873119868|119872119881119868(119894 119895) is determined by the following
119872119881119868 (119894 119895)
=
1 if the password of service 119899V119894 is 1198991198941198950 otherwise
(6)
Info domination relationships are described by thematrix119872119868119868 isin 119860119868times119868 where 119860 = 0 1 and 119868 = |119873119868| 119872119868119868(119894 119895) isdetermined by
119872119868119868 (119894 119895) =
1 if (119899119894119895 997888rarr 119899119894119894) or (119899119894119894 997888rarr 119899119894119895)0 otherwise
(7)
where symbol 119886 997888rarr 119887 indicates that information 119886 isdominated by information 119887 It means there is a service V isin119873119881 whose password is 119887 and from which the users can getinformation 11988632 RelationshipNetwork Construction Therelationship net-work construction module is to construct basic relationshipnetworks based on the obtained basic information As shownin Figure 2 there are eight networks to be constructedin total The ultimate goal of this module is to form theDevice View Service Network (DVSN) Information ViewService Network (IVSN) and Multiview Service Network(MVSN) These three ultimate networks are used in commu-nity detection and role definition Besides the three ultimatenetworks there are other five networks involved in user-rolemining which are named as LocalManagement ViewDeviceNetwork (LMVDN) Remote Management View DeviceNetwork (RMVDN) Local Information View Device Net-work (LIVDN) Remote Information View Device Network(RIVDN) and Multiview Device Network (MVDN) Thefive intermediate networks are the foundation to constructultimate networks The meanings of intermediate networksand ultimate networks are described as follows
321 Intermediate Networks The five intermediate networksare described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices
LMVDN The LMVDN represents the similarity betweendevices from a spatial (localmanagement) perspective whichmeans the devices located at similarity spaces are moresimilar than others The network is represented by theadjacencymatrix119860119874119874 119878 whose values represent the similarityof two devices The matrix is determined by the following
119860119874119874 119878 = 119872119874119878119872119878119878 (119872119874119878)119879 (8)
RMVDNThe RMVDN represents the similarity betweendevices from a remote management perspective whichmeans the devices that can be managed by similar manage-ment services are more similar than others The network isrepresented by the adjacencymatrix119860119874119874 119877 whose values rep-resent the similarity of two devicesThematrix is determinedby the following
119860119874119874 119877 = 119872119874 119881119877119872119881119874 + (119872119874 119881119877119872119881119874)119879 (9)
LIVDN The LIVDN represents the similarity betweendevices from the perspective of local management servicepassword which means the devices with similar local man-agement service password are more similar than others Thenetwork is represented by the adjacencymatrix119860119874119874 119868119871 whosevalues represent the similarity of two devices The matrix isdetermined by the following
119860119874119874 119868119871 = 119872119874119881 119871119872119881119868119872119868119868 (119872119874119881 119871119872119881119868)119879 (10)
RIVDN The RIVDN represents the similarity betweendevices from the perspective of remote management service
Security and Communication Networks 5
Local Management View Device Network
Remote ManagementView Device Network
Local Information View Device Network
Remote Information View Device Network
Multi-view DeviceNetwork
Device View Service Network
Information View Service Network
Multi-view Service Network
Spatial SimilarityRelationships
Remote ManagementRelationships
Service AccessRelationships
Local ManagementRelationships
Device ContainmentRelationships
Information DominationRelationships
Service dominationrelations
Figure 2 Relationship networks constructed in RMMDI
password which means the devices with similar remotemanagement service password are more similar than othersThe network is represented by the adjacency matrix 119860119874119874 119868119877whose values represent the similarity of two devices Thematrix is determined by the following
119860119874119874 119868119877 = 119872119874119881 119877119872119881119868119872119868119868 (119872119874119881 119877119872119881119868)119879 (11)
MVDN The MVDN represents the similarity betweendevices from multiple perspectives which merges the rela-tionships from the local management perspective and theremote management perspectiveThe network is representedby the adjacency matrix 119860119874119874 whose values represent thesimilarity of two devices The matrix is determined by
119860119874119874 = 119860119874119874 119878 sdot 119860119874119874 119868119871 + 119860119874119874 119877 sdot 119860119874119874 119868119877 (12)
where the symbol sdotmeans dot product of two matrices
322 Ultimate Networks The three ultimate networks arealso described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices and five intermediate networks
DVSN The DVSN represents the similarity of servicepermissions from a device perspective which means theservices accessed by similar devices are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119863 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119863lowast = 119872119881119874119860119874119874 (119872119881119874)119879 (13)
119860119881119881 119863 = relationFilter (119860119881119881 119863lowast 120582) (14)
where relationFilter(119866 120582) is the function of filtering edgesfrom the original graph whose parameter 119866 is the originalgraph and 120582 is the ratio of edges to be reserved
As the matrix 119860119881119881 119863lowast is a fully connected matrix inwhich the edges with small weight have negative impacts oncommunity results we use a function relationFilter(119866 120582) tofilter the low weight edges from the network In function119903119890119897119886119905119894119900119899119865119894119897119905119890119903(119866 120582) for any node 119899 in the graph 119866 we onlyreserve the top 120582timesedgeNum(119899) edges with the largest weightIf two edges have the same weight we reserve the edgebetween the node 119899 and the neighbor node with a higherdegree
IVSN The IVSN represents the similarity of servicepermissions from an information perspective which meansthe services with a similar password are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119868 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119868 = relationFilter (119872119881119868119860119868119868 (119872119881119868)119879 120582) (15)
where relationFilter(119866 120582) is the same edges filteringfunction in formula (14)
MVSN The MVSN represents the similarity of servicepermissions from multiple perspectives which merges thesimilarity relationships from the device perspective and theinformation perspective The network is represented by theadjacency matrix 119860119881119881 whose values represent the similarityof two devices The matrix is determined by the following
119860119881119881 = 119860119881119881 119863 + 119860119881119881 119868 (16)
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
2 Security and Communication Networks
set is assigned to a user role a user assigned some roles isunlikely to get extra permissions assigned to other roles Assuch potential security risks involved in the user-permissionassignments process can be avoided
The rest of this paper is organized as follows In Section 2some general works are briefly reviewed Section 3 presentsthe proposed framework in detail Section 4 shows theexperimental setup and results and Section 5 presents a com-prehensive discussion At last Section 6 provides concludingremarks
2 Related Work
21 Role Mining RBAC has become a dominating model foraccess control in network security Instead of assigning per-missions to the user directly RBAC introduces the conceptof roles to make access control system more compact andcomprehensive [6] A role is defined as a collection of permis-sions The key point of RBAC is to generate proper roles Inthis process the bottom-up approach named as role mininggets muchmore attention than the top-down approach as thelatter is time-consuming and human-intensive [3]
Kuhlmann et al first proposed the concept of role miningfor finding roles from user-permission assignment data [7]Traditional role mining approaches are mainly divided intotwo classes based on their output [5 8 9] The first classis to output a prioritized list of candidate roles each ofwhich is assigned a priority value A larger priority valuemeans the role is more important or useful Complete Miner(CM) and Fast Miner (FM) are two typical algorithms of thefirst class which identify overlapping clusters by analyzingthe subset enumeration in an unsupervised way [10] Thesecond class is to output a complete RBAC state under acertain cost There are also a lot of classic algorithms inthe class for example OFFIS Role mining tool with ClusterAnalysis (ORCA) [11] Hierarchical Miner (HM) [12] GraphOptimization (GO) [13] HP Role Minimization (HPr) [14]and HP Edge Minimization (HPe) [14]
Besides those traditional role mining algorithms thereare also many important approaches that emerged in recentyears For example Frank et al proposed a probabilisticapproach to improve the role mining process by takingaccount of the business information The approach uti-lized the similarity between user-permission relations todetect exceptional assignments and wrong assignments [15]Besides entropy-based methods were used in this approachto analyze the impact of business knowledge on role mining[16] Alessandro et al presented an approach that allowedrole engineers to leverage business information In the rolemining process the access data was divided into smallersubsets from a business perspective firstly and then tradi-tional methods can be used to discover roles with businessmeanings [5] Iran et al proposed a method based on formalconcept lattices to discover roles with semantic meanings[12] as well as a method based on logistic PCA (PrincipalComponent Analysis) to eliminate data noises [17] Du Xand Change X proposed two algorithms based on artificialintelligence ie the genetic algorithm and ant colony opti-mization algorithm [18] Dong et al proposed both fast exact
and heuristic methods based on biclique network cover tominimize role number or edge number [19]
With regard to goodness measure several metrics havebeen proposed in the literature including minimizing thenumber of roles [10 20] minimizing the number of edges[13 14 19] minimizing the number of user-role assignmentand permission-role assignment relations [13] minimizingboth the number of roles and edges [21] and minimizing theadministrative cost [22]These optimization goals can be uni-formly represented by the Weighted Structural Complexity(WSC) [8 9]
Although there are a lot of effective role miningapproaches most of them neglect the relationships betweenuser permissions From the perspective of network securitymanagement user permissions are not independent A useror potential attacker may get extra permissions from thepreassigned permissions which may introduce fatal risksto network security Hence in the framework RMMDIwe model the interrelationships between user permissionsfrom multi-domain configuration information and get morereasonable user roles mitigating the vulnerabilities andstrengthening network security
22 Multi-Domain Information Modeling Traditional net-work security analysis mainly concentrates on the networkdomain with a few concerns on other domains Howeverwith the deepening of research on insider threat an increas-ing number of studies have shown that the attacker will attackthe network not only in digital ways but also through thephysical domain and social domain
The existingmethods of jointmodeling of networkmulti-domain information mainly define multi-domain informa-tion by using the formalized methods and then make infer-ence based on the logical rules to judge whether the systemcan reach the unsafe state Probst et al proposed a formalmodel for describing scenarios that span the physical anddigital domain [23 24] Kotenko et al proposed a model fordescribing attacks that use social engineering and physicalaccess based on the preconditions and postconditions ofatomic actions [25] Scott et al built a security model thatadds a spatial relationship between the elements in theambient calculus [26] Dimkov presented a security modelnamed as Portunes graph to abstract the environment of anorganization into a stratified graph which involved the infor-mation in physical digital and social domain information[27] Kammuller and Probst combined formal modeling andanalysis of infrastructures of organizationswith a sociologicalexplanation to provide a framework for insider threat analysis[28]
In this paper we take possible interaction effects amongmulti-domain permissions into consideration which are thebasis of similar permission finding and role mining based onmultiple domain information
23 Multi-View Community Detection The community is auniversal property in many complex networks which meansthat network nodes can be divided into small groups [26]Traditional community detection methods only utilize singlenetwork information And several multiview community
Security and Communication Networks 3
Basic information
acquisition
Relationship network
construction
Community detection
and role definition
Multi-domain entity information
Multi-domain relationship information
Rolepermission assignmentsUser roles
Device Perspective Service Network
Information Perspective Service Network
Multi-view Service Network
Figure 1 Role mining framework based on multi-domain information
detection methods have been proposed which utilize moreinformation and achieve better performance
Nonnegative Matrix Factorization (NMF) [29] is a clas-sic clustering method and several multi-view communitydetection methods based on NMF are proposed Akata etal proposed a method to jointly factorize multiple datamatrices through a shared coefficient matrix [30] Liu et alproposed MultiNMF that regularizes the coefficient matriceslearned from different views towards a common consensusfor clustering [31] He et al extended NMF for multiviewclustering by jointly factorizing themultiplematrices throughcoregularization [32] Pei et al proposed a nonnegativematrix tri-factorization (NMTF) based clustering frameworkwith three types of graph regularization [33] Li et al pro-posed a framework based on regularized joint nonnegativematrix factorization (RJNMF) to utilize link and contentinformation jointly to enhance the community detectionaccuracy [34]
In the framework RMMDI we use the Pairwise Coreg-ularized NMF clustering algorithm proposed in [32] tomerge the information from two service networks (views)Experiments show that it can get more information thanfrom a single view and make the role mining results morereasonable
3 Role Mining Framework Based onMulti-Domain Information
In this paper we proposed a role mining framework based onthe multi-domain information which is named as RMMDIThe framework is aimed at dividing possible user permissionsinto several disjoint subsets and assigning each subset to auser roleThen users are assigned with one ormore necessaryroles according to the permission they deserveThe structureof RMMDI is shown in Figure 1 The framework can bedivided into three modules basic information acquisitionrelationship network construction and community detectionand role definition
The basic information acquisition module obtains thenecessary basic information from the target network includ-ing multi-domain entity information and relationship infor-mation The relationship network construction module con-structs eight networks based on the obtained basic infor-mation including the intermediate networks and ultimatenetworks The community detection and role definitionmodule detects permission communities on the ultimatenetworks by a multi-view community detection method anddefines possible user roles
31 Basic Information Acquisition The basic informationacquisition module is to collect network basic informationincluding the entities and entity relationships in the physicaldomain network domain and information domain whichare the foundation of relationship network construction
311 Entity There are five kinds of entities involved in theframework ie space object service info and user
Entity space represents specific physical space such as citycampus building or room which is in the physical domainAll the space entities are represented as a set 119873119878 Entityobject is also located at the physical domain and representsnetwork device like router switch or terminal All the objectentities are represented as a set 119873119874 Entity service is in thenetwork domain and represents network service like HTTP(Hypertext Transfer Protocol) FTP (File Transfer Protocol)and Email All the service entities are represented as a set119873119881 Entity info is in the digital domain and represents theinformation like password data or digital file All the infoentities are represented as a set 119873119868 Entity user representsnetwork user All the user entities are represented as a set119873119880312 Relationships There are seven kinds of relationshipsinvolved in the framework ie spatial similarity relation-ships containment relationships service access relationshipslocal management relationships remote management rela-tionships service domination relationships and info domi-nation relationships
4 Security and Communication Networks
Spatial similarity relationships are described by thematrix119872119878119878 isin 119860119878times119878 where 119860 = 0 1 and 119878 = |119873119878|119872119878119878(119894 119895)is determined by
119872119878119878 (119894 119895) =
1 if (119894 = 119895) or u (119894 119895) + u (119895 119894) gt 1205760 otherwise
(1)
where 119906(119894 119895) is the number of users who can move fromspace 119899119904119894 to space 119899119904119895 and 120576 is the threshold value rangingfrom 0 to 2|119873119880|
Device containment relationships are described by thematrix 119872119874119878 isin 119860119874times119878 where 119860 = 0 1 119874 = |119873119874| and119878 = |119873119878|119872119874119878(119894 119895) is determined by the following
119872119874119878 (119894 119895) =
1 if object 119899119900119894 locates in space 1198991199041198950 otherwise
(2)
Service access relationships are described by the matrix119872119881119874 isin 119860119881times119874 where 119860 = 0 1 119881 = |119873119881| and 119874 = |119873119874|119872119881119874(119894 119895) is determined by the following
119872119881119874 (119894 119895)
=
1 if service 119899V119894 can be reach by device 1198991199001198950 119900119905ℎ119890119903119908119894119904119890
(3)
Local management relationships are described by thematrix 119872119874119881 119871 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119871(119894 119895) is determined by the following
119872119874119881 119871 (i j)
=
1 if device 119899119900119894 can be managed by service 119899V119895 locally0 otherwise
(4)
Remote management relationships are described by thematrix 119872119874119881 119877 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119877(119894 119895) is determined by the following
119872119874119881 119877 (119894 119895)
=
1 if device 119899119900119894 can be managed by service 119899V119895 remotely
0 otherwise
(5)
Service domination relationships are described by thematrix 119872119881119868 isin 119860119881times119868 where 119860 = 0 1 119881 = |119873119881| and119868 = |119873119868|119872119881119868(119894 119895) is determined by the following
119872119881119868 (119894 119895)
=
1 if the password of service 119899V119894 is 1198991198941198950 otherwise
(6)
Info domination relationships are described by thematrix119872119868119868 isin 119860119868times119868 where 119860 = 0 1 and 119868 = |119873119868| 119872119868119868(119894 119895) isdetermined by
119872119868119868 (119894 119895) =
1 if (119899119894119895 997888rarr 119899119894119894) or (119899119894119894 997888rarr 119899119894119895)0 otherwise
(7)
where symbol 119886 997888rarr 119887 indicates that information 119886 isdominated by information 119887 It means there is a service V isin119873119881 whose password is 119887 and from which the users can getinformation 11988632 RelationshipNetwork Construction Therelationship net-work construction module is to construct basic relationshipnetworks based on the obtained basic information As shownin Figure 2 there are eight networks to be constructedin total The ultimate goal of this module is to form theDevice View Service Network (DVSN) Information ViewService Network (IVSN) and Multiview Service Network(MVSN) These three ultimate networks are used in commu-nity detection and role definition Besides the three ultimatenetworks there are other five networks involved in user-rolemining which are named as LocalManagement ViewDeviceNetwork (LMVDN) Remote Management View DeviceNetwork (RMVDN) Local Information View Device Net-work (LIVDN) Remote Information View Device Network(RIVDN) and Multiview Device Network (MVDN) Thefive intermediate networks are the foundation to constructultimate networks The meanings of intermediate networksand ultimate networks are described as follows
321 Intermediate Networks The five intermediate networksare described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices
LMVDN The LMVDN represents the similarity betweendevices from a spatial (localmanagement) perspective whichmeans the devices located at similarity spaces are moresimilar than others The network is represented by theadjacencymatrix119860119874119874 119878 whose values represent the similarityof two devices The matrix is determined by the following
119860119874119874 119878 = 119872119874119878119872119878119878 (119872119874119878)119879 (8)
RMVDNThe RMVDN represents the similarity betweendevices from a remote management perspective whichmeans the devices that can be managed by similar manage-ment services are more similar than others The network isrepresented by the adjacencymatrix119860119874119874 119877 whose values rep-resent the similarity of two devicesThematrix is determinedby the following
119860119874119874 119877 = 119872119874 119881119877119872119881119874 + (119872119874 119881119877119872119881119874)119879 (9)
LIVDN The LIVDN represents the similarity betweendevices from the perspective of local management servicepassword which means the devices with similar local man-agement service password are more similar than others Thenetwork is represented by the adjacencymatrix119860119874119874 119868119871 whosevalues represent the similarity of two devices The matrix isdetermined by the following
119860119874119874 119868119871 = 119872119874119881 119871119872119881119868119872119868119868 (119872119874119881 119871119872119881119868)119879 (10)
RIVDN The RIVDN represents the similarity betweendevices from the perspective of remote management service
Security and Communication Networks 5
Local Management View Device Network
Remote ManagementView Device Network
Local Information View Device Network
Remote Information View Device Network
Multi-view DeviceNetwork
Device View Service Network
Information View Service Network
Multi-view Service Network
Spatial SimilarityRelationships
Remote ManagementRelationships
Service AccessRelationships
Local ManagementRelationships
Device ContainmentRelationships
Information DominationRelationships
Service dominationrelations
Figure 2 Relationship networks constructed in RMMDI
password which means the devices with similar remotemanagement service password are more similar than othersThe network is represented by the adjacency matrix 119860119874119874 119868119877whose values represent the similarity of two devices Thematrix is determined by the following
119860119874119874 119868119877 = 119872119874119881 119877119872119881119868119872119868119868 (119872119874119881 119877119872119881119868)119879 (11)
MVDN The MVDN represents the similarity betweendevices from multiple perspectives which merges the rela-tionships from the local management perspective and theremote management perspectiveThe network is representedby the adjacency matrix 119860119874119874 whose values represent thesimilarity of two devices The matrix is determined by
119860119874119874 = 119860119874119874 119878 sdot 119860119874119874 119868119871 + 119860119874119874 119877 sdot 119860119874119874 119868119877 (12)
where the symbol sdotmeans dot product of two matrices
322 Ultimate Networks The three ultimate networks arealso described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices and five intermediate networks
DVSN The DVSN represents the similarity of servicepermissions from a device perspective which means theservices accessed by similar devices are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119863 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119863lowast = 119872119881119874119860119874119874 (119872119881119874)119879 (13)
119860119881119881 119863 = relationFilter (119860119881119881 119863lowast 120582) (14)
where relationFilter(119866 120582) is the function of filtering edgesfrom the original graph whose parameter 119866 is the originalgraph and 120582 is the ratio of edges to be reserved
As the matrix 119860119881119881 119863lowast is a fully connected matrix inwhich the edges with small weight have negative impacts oncommunity results we use a function relationFilter(119866 120582) tofilter the low weight edges from the network In function119903119890119897119886119905119894119900119899119865119894119897119905119890119903(119866 120582) for any node 119899 in the graph 119866 we onlyreserve the top 120582timesedgeNum(119899) edges with the largest weightIf two edges have the same weight we reserve the edgebetween the node 119899 and the neighbor node with a higherdegree
IVSN The IVSN represents the similarity of servicepermissions from an information perspective which meansthe services with a similar password are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119868 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119868 = relationFilter (119872119881119868119860119868119868 (119872119881119868)119879 120582) (15)
where relationFilter(119866 120582) is the same edges filteringfunction in formula (14)
MVSN The MVSN represents the similarity of servicepermissions from multiple perspectives which merges thesimilarity relationships from the device perspective and theinformation perspective The network is represented by theadjacency matrix 119860119881119881 whose values represent the similarityof two devices The matrix is determined by the following
119860119881119881 = 119860119881119881 119863 + 119860119881119881 119868 (16)
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 3
Basic information
acquisition
Relationship network
construction
Community detection
and role definition
Multi-domain entity information
Multi-domain relationship information
Rolepermission assignmentsUser roles
Device Perspective Service Network
Information Perspective Service Network
Multi-view Service Network
Figure 1 Role mining framework based on multi-domain information
detection methods have been proposed which utilize moreinformation and achieve better performance
Nonnegative Matrix Factorization (NMF) [29] is a clas-sic clustering method and several multi-view communitydetection methods based on NMF are proposed Akata etal proposed a method to jointly factorize multiple datamatrices through a shared coefficient matrix [30] Liu et alproposed MultiNMF that regularizes the coefficient matriceslearned from different views towards a common consensusfor clustering [31] He et al extended NMF for multiviewclustering by jointly factorizing themultiplematrices throughcoregularization [32] Pei et al proposed a nonnegativematrix tri-factorization (NMTF) based clustering frameworkwith three types of graph regularization [33] Li et al pro-posed a framework based on regularized joint nonnegativematrix factorization (RJNMF) to utilize link and contentinformation jointly to enhance the community detectionaccuracy [34]
In the framework RMMDI we use the Pairwise Coreg-ularized NMF clustering algorithm proposed in [32] tomerge the information from two service networks (views)Experiments show that it can get more information thanfrom a single view and make the role mining results morereasonable
3 Role Mining Framework Based onMulti-Domain Information
In this paper we proposed a role mining framework based onthe multi-domain information which is named as RMMDIThe framework is aimed at dividing possible user permissionsinto several disjoint subsets and assigning each subset to auser roleThen users are assigned with one ormore necessaryroles according to the permission they deserveThe structureof RMMDI is shown in Figure 1 The framework can bedivided into three modules basic information acquisitionrelationship network construction and community detectionand role definition
The basic information acquisition module obtains thenecessary basic information from the target network includ-ing multi-domain entity information and relationship infor-mation The relationship network construction module con-structs eight networks based on the obtained basic infor-mation including the intermediate networks and ultimatenetworks The community detection and role definitionmodule detects permission communities on the ultimatenetworks by a multi-view community detection method anddefines possible user roles
31 Basic Information Acquisition The basic informationacquisition module is to collect network basic informationincluding the entities and entity relationships in the physicaldomain network domain and information domain whichare the foundation of relationship network construction
311 Entity There are five kinds of entities involved in theframework ie space object service info and user
Entity space represents specific physical space such as citycampus building or room which is in the physical domainAll the space entities are represented as a set 119873119878 Entityobject is also located at the physical domain and representsnetwork device like router switch or terminal All the objectentities are represented as a set 119873119874 Entity service is in thenetwork domain and represents network service like HTTP(Hypertext Transfer Protocol) FTP (File Transfer Protocol)and Email All the service entities are represented as a set119873119881 Entity info is in the digital domain and represents theinformation like password data or digital file All the infoentities are represented as a set 119873119868 Entity user representsnetwork user All the user entities are represented as a set119873119880312 Relationships There are seven kinds of relationshipsinvolved in the framework ie spatial similarity relation-ships containment relationships service access relationshipslocal management relationships remote management rela-tionships service domination relationships and info domi-nation relationships
4 Security and Communication Networks
Spatial similarity relationships are described by thematrix119872119878119878 isin 119860119878times119878 where 119860 = 0 1 and 119878 = |119873119878|119872119878119878(119894 119895)is determined by
119872119878119878 (119894 119895) =
1 if (119894 = 119895) or u (119894 119895) + u (119895 119894) gt 1205760 otherwise
(1)
where 119906(119894 119895) is the number of users who can move fromspace 119899119904119894 to space 119899119904119895 and 120576 is the threshold value rangingfrom 0 to 2|119873119880|
Device containment relationships are described by thematrix 119872119874119878 isin 119860119874times119878 where 119860 = 0 1 119874 = |119873119874| and119878 = |119873119878|119872119874119878(119894 119895) is determined by the following
119872119874119878 (119894 119895) =
1 if object 119899119900119894 locates in space 1198991199041198950 otherwise
(2)
Service access relationships are described by the matrix119872119881119874 isin 119860119881times119874 where 119860 = 0 1 119881 = |119873119881| and 119874 = |119873119874|119872119881119874(119894 119895) is determined by the following
119872119881119874 (119894 119895)
=
1 if service 119899V119894 can be reach by device 1198991199001198950 119900119905ℎ119890119903119908119894119904119890
(3)
Local management relationships are described by thematrix 119872119874119881 119871 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119871(119894 119895) is determined by the following
119872119874119881 119871 (i j)
=
1 if device 119899119900119894 can be managed by service 119899V119895 locally0 otherwise
(4)
Remote management relationships are described by thematrix 119872119874119881 119877 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119877(119894 119895) is determined by the following
119872119874119881 119877 (119894 119895)
=
1 if device 119899119900119894 can be managed by service 119899V119895 remotely
0 otherwise
(5)
Service domination relationships are described by thematrix 119872119881119868 isin 119860119881times119868 where 119860 = 0 1 119881 = |119873119881| and119868 = |119873119868|119872119881119868(119894 119895) is determined by the following
119872119881119868 (119894 119895)
=
1 if the password of service 119899V119894 is 1198991198941198950 otherwise
(6)
Info domination relationships are described by thematrix119872119868119868 isin 119860119868times119868 where 119860 = 0 1 and 119868 = |119873119868| 119872119868119868(119894 119895) isdetermined by
119872119868119868 (119894 119895) =
1 if (119899119894119895 997888rarr 119899119894119894) or (119899119894119894 997888rarr 119899119894119895)0 otherwise
(7)
where symbol 119886 997888rarr 119887 indicates that information 119886 isdominated by information 119887 It means there is a service V isin119873119881 whose password is 119887 and from which the users can getinformation 11988632 RelationshipNetwork Construction Therelationship net-work construction module is to construct basic relationshipnetworks based on the obtained basic information As shownin Figure 2 there are eight networks to be constructedin total The ultimate goal of this module is to form theDevice View Service Network (DVSN) Information ViewService Network (IVSN) and Multiview Service Network(MVSN) These three ultimate networks are used in commu-nity detection and role definition Besides the three ultimatenetworks there are other five networks involved in user-rolemining which are named as LocalManagement ViewDeviceNetwork (LMVDN) Remote Management View DeviceNetwork (RMVDN) Local Information View Device Net-work (LIVDN) Remote Information View Device Network(RIVDN) and Multiview Device Network (MVDN) Thefive intermediate networks are the foundation to constructultimate networks The meanings of intermediate networksand ultimate networks are described as follows
321 Intermediate Networks The five intermediate networksare described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices
LMVDN The LMVDN represents the similarity betweendevices from a spatial (localmanagement) perspective whichmeans the devices located at similarity spaces are moresimilar than others The network is represented by theadjacencymatrix119860119874119874 119878 whose values represent the similarityof two devices The matrix is determined by the following
119860119874119874 119878 = 119872119874119878119872119878119878 (119872119874119878)119879 (8)
RMVDNThe RMVDN represents the similarity betweendevices from a remote management perspective whichmeans the devices that can be managed by similar manage-ment services are more similar than others The network isrepresented by the adjacencymatrix119860119874119874 119877 whose values rep-resent the similarity of two devicesThematrix is determinedby the following
119860119874119874 119877 = 119872119874 119881119877119872119881119874 + (119872119874 119881119877119872119881119874)119879 (9)
LIVDN The LIVDN represents the similarity betweendevices from the perspective of local management servicepassword which means the devices with similar local man-agement service password are more similar than others Thenetwork is represented by the adjacencymatrix119860119874119874 119868119871 whosevalues represent the similarity of two devices The matrix isdetermined by the following
119860119874119874 119868119871 = 119872119874119881 119871119872119881119868119872119868119868 (119872119874119881 119871119872119881119868)119879 (10)
RIVDN The RIVDN represents the similarity betweendevices from the perspective of remote management service
Security and Communication Networks 5
Local Management View Device Network
Remote ManagementView Device Network
Local Information View Device Network
Remote Information View Device Network
Multi-view DeviceNetwork
Device View Service Network
Information View Service Network
Multi-view Service Network
Spatial SimilarityRelationships
Remote ManagementRelationships
Service AccessRelationships
Local ManagementRelationships
Device ContainmentRelationships
Information DominationRelationships
Service dominationrelations
Figure 2 Relationship networks constructed in RMMDI
password which means the devices with similar remotemanagement service password are more similar than othersThe network is represented by the adjacency matrix 119860119874119874 119868119877whose values represent the similarity of two devices Thematrix is determined by the following
119860119874119874 119868119877 = 119872119874119881 119877119872119881119868119872119868119868 (119872119874119881 119877119872119881119868)119879 (11)
MVDN The MVDN represents the similarity betweendevices from multiple perspectives which merges the rela-tionships from the local management perspective and theremote management perspectiveThe network is representedby the adjacency matrix 119860119874119874 whose values represent thesimilarity of two devices The matrix is determined by
119860119874119874 = 119860119874119874 119878 sdot 119860119874119874 119868119871 + 119860119874119874 119877 sdot 119860119874119874 119868119877 (12)
where the symbol sdotmeans dot product of two matrices
322 Ultimate Networks The three ultimate networks arealso described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices and five intermediate networks
DVSN The DVSN represents the similarity of servicepermissions from a device perspective which means theservices accessed by similar devices are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119863 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119863lowast = 119872119881119874119860119874119874 (119872119881119874)119879 (13)
119860119881119881 119863 = relationFilter (119860119881119881 119863lowast 120582) (14)
where relationFilter(119866 120582) is the function of filtering edgesfrom the original graph whose parameter 119866 is the originalgraph and 120582 is the ratio of edges to be reserved
As the matrix 119860119881119881 119863lowast is a fully connected matrix inwhich the edges with small weight have negative impacts oncommunity results we use a function relationFilter(119866 120582) tofilter the low weight edges from the network In function119903119890119897119886119905119894119900119899119865119894119897119905119890119903(119866 120582) for any node 119899 in the graph 119866 we onlyreserve the top 120582timesedgeNum(119899) edges with the largest weightIf two edges have the same weight we reserve the edgebetween the node 119899 and the neighbor node with a higherdegree
IVSN The IVSN represents the similarity of servicepermissions from an information perspective which meansthe services with a similar password are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119868 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119868 = relationFilter (119872119881119868119860119868119868 (119872119881119868)119879 120582) (15)
where relationFilter(119866 120582) is the same edges filteringfunction in formula (14)
MVSN The MVSN represents the similarity of servicepermissions from multiple perspectives which merges thesimilarity relationships from the device perspective and theinformation perspective The network is represented by theadjacency matrix 119860119881119881 whose values represent the similarityof two devices The matrix is determined by the following
119860119881119881 = 119860119881119881 119863 + 119860119881119881 119868 (16)
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
4 Security and Communication Networks
Spatial similarity relationships are described by thematrix119872119878119878 isin 119860119878times119878 where 119860 = 0 1 and 119878 = |119873119878|119872119878119878(119894 119895)is determined by
119872119878119878 (119894 119895) =
1 if (119894 = 119895) or u (119894 119895) + u (119895 119894) gt 1205760 otherwise
(1)
where 119906(119894 119895) is the number of users who can move fromspace 119899119904119894 to space 119899119904119895 and 120576 is the threshold value rangingfrom 0 to 2|119873119880|
Device containment relationships are described by thematrix 119872119874119878 isin 119860119874times119878 where 119860 = 0 1 119874 = |119873119874| and119878 = |119873119878|119872119874119878(119894 119895) is determined by the following
119872119874119878 (119894 119895) =
1 if object 119899119900119894 locates in space 1198991199041198950 otherwise
(2)
Service access relationships are described by the matrix119872119881119874 isin 119860119881times119874 where 119860 = 0 1 119881 = |119873119881| and 119874 = |119873119874|119872119881119874(119894 119895) is determined by the following
119872119881119874 (119894 119895)
=
1 if service 119899V119894 can be reach by device 1198991199001198950 119900119905ℎ119890119903119908119894119904119890
(3)
Local management relationships are described by thematrix 119872119874119881 119871 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119871(119894 119895) is determined by the following
119872119874119881 119871 (i j)
=
1 if device 119899119900119894 can be managed by service 119899V119895 locally0 otherwise
(4)
Remote management relationships are described by thematrix 119872119874119881 119877 isin 119860119874times119881 where 119860 = 0 1 119874 = |119873119874| and119881 = |119873119881|119872119874119881 119877(119894 119895) is determined by the following
119872119874119881 119877 (119894 119895)
=
1 if device 119899119900119894 can be managed by service 119899V119895 remotely
0 otherwise
(5)
Service domination relationships are described by thematrix 119872119881119868 isin 119860119881times119868 where 119860 = 0 1 119881 = |119873119881| and119868 = |119873119868|119872119881119868(119894 119895) is determined by the following
119872119881119868 (119894 119895)
=
1 if the password of service 119899V119894 is 1198991198941198950 otherwise
(6)
Info domination relationships are described by thematrix119872119868119868 isin 119860119868times119868 where 119860 = 0 1 and 119868 = |119873119868| 119872119868119868(119894 119895) isdetermined by
119872119868119868 (119894 119895) =
1 if (119899119894119895 997888rarr 119899119894119894) or (119899119894119894 997888rarr 119899119894119895)0 otherwise
(7)
where symbol 119886 997888rarr 119887 indicates that information 119886 isdominated by information 119887 It means there is a service V isin119873119881 whose password is 119887 and from which the users can getinformation 11988632 RelationshipNetwork Construction Therelationship net-work construction module is to construct basic relationshipnetworks based on the obtained basic information As shownin Figure 2 there are eight networks to be constructedin total The ultimate goal of this module is to form theDevice View Service Network (DVSN) Information ViewService Network (IVSN) and Multiview Service Network(MVSN) These three ultimate networks are used in commu-nity detection and role definition Besides the three ultimatenetworks there are other five networks involved in user-rolemining which are named as LocalManagement ViewDeviceNetwork (LMVDN) Remote Management View DeviceNetwork (RMVDN) Local Information View Device Net-work (LIVDN) Remote Information View Device Network(RIVDN) and Multiview Device Network (MVDN) Thefive intermediate networks are the foundation to constructultimate networks The meanings of intermediate networksand ultimate networks are described as follows
321 Intermediate Networks The five intermediate networksare described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices
LMVDN The LMVDN represents the similarity betweendevices from a spatial (localmanagement) perspective whichmeans the devices located at similarity spaces are moresimilar than others The network is represented by theadjacencymatrix119860119874119874 119878 whose values represent the similarityof two devices The matrix is determined by the following
119860119874119874 119878 = 119872119874119878119872119878119878 (119872119874119878)119879 (8)
RMVDNThe RMVDN represents the similarity betweendevices from a remote management perspective whichmeans the devices that can be managed by similar manage-ment services are more similar than others The network isrepresented by the adjacencymatrix119860119874119874 119877 whose values rep-resent the similarity of two devicesThematrix is determinedby the following
119860119874119874 119877 = 119872119874 119881119877119872119881119874 + (119872119874 119881119877119872119881119874)119879 (9)
LIVDN The LIVDN represents the similarity betweendevices from the perspective of local management servicepassword which means the devices with similar local man-agement service password are more similar than others Thenetwork is represented by the adjacencymatrix119860119874119874 119868119871 whosevalues represent the similarity of two devices The matrix isdetermined by the following
119860119874119874 119868119871 = 119872119874119881 119871119872119881119868119872119868119868 (119872119874119881 119871119872119881119868)119879 (10)
RIVDN The RIVDN represents the similarity betweendevices from the perspective of remote management service
Security and Communication Networks 5
Local Management View Device Network
Remote ManagementView Device Network
Local Information View Device Network
Remote Information View Device Network
Multi-view DeviceNetwork
Device View Service Network
Information View Service Network
Multi-view Service Network
Spatial SimilarityRelationships
Remote ManagementRelationships
Service AccessRelationships
Local ManagementRelationships
Device ContainmentRelationships
Information DominationRelationships
Service dominationrelations
Figure 2 Relationship networks constructed in RMMDI
password which means the devices with similar remotemanagement service password are more similar than othersThe network is represented by the adjacency matrix 119860119874119874 119868119877whose values represent the similarity of two devices Thematrix is determined by the following
119860119874119874 119868119877 = 119872119874119881 119877119872119881119868119872119868119868 (119872119874119881 119877119872119881119868)119879 (11)
MVDN The MVDN represents the similarity betweendevices from multiple perspectives which merges the rela-tionships from the local management perspective and theremote management perspectiveThe network is representedby the adjacency matrix 119860119874119874 whose values represent thesimilarity of two devices The matrix is determined by
119860119874119874 = 119860119874119874 119878 sdot 119860119874119874 119868119871 + 119860119874119874 119877 sdot 119860119874119874 119868119877 (12)
where the symbol sdotmeans dot product of two matrices
322 Ultimate Networks The three ultimate networks arealso described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices and five intermediate networks
DVSN The DVSN represents the similarity of servicepermissions from a device perspective which means theservices accessed by similar devices are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119863 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119863lowast = 119872119881119874119860119874119874 (119872119881119874)119879 (13)
119860119881119881 119863 = relationFilter (119860119881119881 119863lowast 120582) (14)
where relationFilter(119866 120582) is the function of filtering edgesfrom the original graph whose parameter 119866 is the originalgraph and 120582 is the ratio of edges to be reserved
As the matrix 119860119881119881 119863lowast is a fully connected matrix inwhich the edges with small weight have negative impacts oncommunity results we use a function relationFilter(119866 120582) tofilter the low weight edges from the network In function119903119890119897119886119905119894119900119899119865119894119897119905119890119903(119866 120582) for any node 119899 in the graph 119866 we onlyreserve the top 120582timesedgeNum(119899) edges with the largest weightIf two edges have the same weight we reserve the edgebetween the node 119899 and the neighbor node with a higherdegree
IVSN The IVSN represents the similarity of servicepermissions from an information perspective which meansthe services with a similar password are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119868 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119868 = relationFilter (119872119881119868119860119868119868 (119872119881119868)119879 120582) (15)
where relationFilter(119866 120582) is the same edges filteringfunction in formula (14)
MVSN The MVSN represents the similarity of servicepermissions from multiple perspectives which merges thesimilarity relationships from the device perspective and theinformation perspective The network is represented by theadjacency matrix 119860119881119881 whose values represent the similarityof two devices The matrix is determined by the following
119860119881119881 = 119860119881119881 119863 + 119860119881119881 119868 (16)
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 5
Local Management View Device Network
Remote ManagementView Device Network
Local Information View Device Network
Remote Information View Device Network
Multi-view DeviceNetwork
Device View Service Network
Information View Service Network
Multi-view Service Network
Spatial SimilarityRelationships
Remote ManagementRelationships
Service AccessRelationships
Local ManagementRelationships
Device ContainmentRelationships
Information DominationRelationships
Service dominationrelations
Figure 2 Relationship networks constructed in RMMDI
password which means the devices with similar remotemanagement service password are more similar than othersThe network is represented by the adjacency matrix 119860119874119874 119868119877whose values represent the similarity of two devices Thematrix is determined by the following
119860119874119874 119868119877 = 119872119874119881 119877119872119881119868119872119868119868 (119872119874119881 119877119872119881119868)119879 (11)
MVDN The MVDN represents the similarity betweendevices from multiple perspectives which merges the rela-tionships from the local management perspective and theremote management perspectiveThe network is representedby the adjacency matrix 119860119874119874 whose values represent thesimilarity of two devices The matrix is determined by
119860119874119874 = 119860119874119874 119878 sdot 119860119874119874 119868119871 + 119860119874119874 119877 sdot 119860119874119874 119868119877 (12)
where the symbol sdotmeans dot product of two matrices
322 Ultimate Networks The three ultimate networks arealso described as undirected weighted graphs whose adja-cency matrices are constructed from the seven basic relation-ship matrices and five intermediate networks
DVSN The DVSN represents the similarity of servicepermissions from a device perspective which means theservices accessed by similar devices are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119863 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119863lowast = 119872119881119874119860119874119874 (119872119881119874)119879 (13)
119860119881119881 119863 = relationFilter (119860119881119881 119863lowast 120582) (14)
where relationFilter(119866 120582) is the function of filtering edgesfrom the original graph whose parameter 119866 is the originalgraph and 120582 is the ratio of edges to be reserved
As the matrix 119860119881119881 119863lowast is a fully connected matrix inwhich the edges with small weight have negative impacts oncommunity results we use a function relationFilter(119866 120582) tofilter the low weight edges from the network In function119903119890119897119886119905119894119900119899119865119894119897119905119890119903(119866 120582) for any node 119899 in the graph 119866 we onlyreserve the top 120582timesedgeNum(119899) edges with the largest weightIf two edges have the same weight we reserve the edgebetween the node 119899 and the neighbor node with a higherdegree
IVSN The IVSN represents the similarity of servicepermissions from an information perspective which meansthe services with a similar password are more similar thanothers The network is represented by the adjacency matrix119860119881119881 119868 whose values represent the similarity of two devicesThe matrix is determined by
119860119881119881 119868 = relationFilter (119872119881119868119860119868119868 (119872119881119868)119879 120582) (15)
where relationFilter(119866 120582) is the same edges filteringfunction in formula (14)
MVSN The MVSN represents the similarity of servicepermissions from multiple perspectives which merges thesimilarity relationships from the device perspective and theinformation perspective The network is represented by theadjacency matrix 119860119881119881 whose values represent the similarityof two devices The matrix is determined by the following
119860119881119881 = 119860119881119881 119863 + 119860119881119881 119868 (16)
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
6 Security and Communication Networks
Input nonnegative matrices 119860119881119881 119863 119860119881119881 119868 number of communities 119896 parameters 120582119863 120582119868 120582119863119868Output Service Community Division 119862 = c1 1198882 sdot sdot sdot 119888k(1) Initialize119882VV D ge 0119867119881119881 119863 ge 0119882VV I ge 0119867119881119881 119868 ge 0(2) While Objective function does not converge and the Number of iterations is less thanThreshold do(3) Update119867119881119881 119863 according to Formula (18)(4) Update119867119881119881 119868 according to Formula (19)(5) Update119882VV D according to Formula (20)(6) Update119882VV I according to Formula (21)(7) end while(8) Divide nodes to communities division 119862 = c1 1198882 sdot sdot sdot 119888k according to the coefficient matrix119882VV D
(9) return 119862 = c1 1198882 sdot sdot sdot 119888k
Algorithm 1 Permission community detection algorithm (PCDA)
33 Community Discovery and User-Role Definition Afterbuilding the ultimate networks services can be dividedinto community relations through multi-view clusteringalgorithm where all service permissions are divided into acommunity division119862 = 1198881 1198882 sdot sdot sdot 119888119896Then for each 119888119894 isin 119862a role can be defined correspondingly In this way all networkservice permissions can be naturally assigned to 119896 classeswhere the possible values of 119896 can be determined throughalgorithms such as maximummodule degree
In multiview service community discovery we usethe Pairwise Coregularized NMF clustering algorithm(PCoNMF) proposed in [32] which is based on regularizedjoint NMF The objective function of service communitydiscovery is formulated as follows
119869 = 120582119863100381710038171003817100381710038171003817119860119881119881 119863 minus119882119881119881 119863 (119867119881119881 119863)T100381710038171003817100381710038171003817
2
119865
+ 120582119868100381710038171003817100381710038171003817119860119881119881 119868 minus119882119881119881 119868 (119867119881119881 119868)T100381710038171003817100381710038171003817
2
119865
+ 12058211986311986810038171003817100381710038171003817119882119881119881 119863 minus119882119881119881 11986810038171003817100381710038171003817
2
119865
119904119905 119867119881119881 119863 ge 0 119867119881119881 119868 ge 0
(17)
The hypothesis behind PCoNMF is to regularize thecoefficient matrices of the different views to a commonconsensus which is then used for clustering PCoNMF alsoadopts alternating optimization to minimize the objectivefunction The optimization works as follows (1) fix the valueof 119882119881119881 119863 and 119882119881119881 119868 while minimizing 119869 over 119867119881119881 119863 and119867119881119881 119868 then (2) fix the value of 119867119881119881 119863 and 119867119881119881 119868 whileminimizing 119869over119882119881119881 119863 and119882119881119881 119868We repeat the two stepsuntil the iteration threshold is achieved
According to [32] the update rules are as follows
119867119881119881 119863 larr997888 119867119881119881 119863 sdot (119882119881119881 119863)119879119860119881119881 119863
(119882119881119881 119863)119879119882119881119881 119863119860119881119881 119863(18)
119867119881119881 119868 larr997888 119867119881119881 119868 sdot (119882119881119881 119868)119879119860119881119881 119868
(119882119881119881 119868)119879119882119881119881 119868119860119881119881 119868(19)
119882119881119881 119863 larr997888
119882119881119881 119863 sdot 120582119863119860119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119868
120582119863119882119881119881 119863119867119881119881 119863 (119867119881119881 119863)119879 + 120582119863119868119882119881119881 119863(20)
119882119881119881 119868 larr997888
119882119881119881 119868 sdot 120582119868119860119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119863
120582119868119882119881119881 119868119867119881119881 119868 (119867119881119881 119868)119879 + 120582119863119868119882119881119881 119868(21)
Hence the permission community detection algorithm isshown as Algorithm 1
4 Experiments and Results
In this section we evaluate our role mining method based onthemulti-domain information of a simulated network whichis the simplification of the inner network of Corporation M
41 Experiment Environment We built a simulation networkfor experiments including a router a firewall an IntrusionPrevention System (IPS) 3 switches (Switch1 Switch2 andSwitch3) 6 servers (WServer DServer FServer GServerOServer and IServer) 3 gate machines (GM1 GM2 andGM3) and 13 terminals (T1 T2 T3 T13) We used aHUAWEI S7706 as the core router three HUAWEI S5700as switches a TOPSEC NGFW 4000-UF as the firewall aTOPSEC IDP 3000 as IPS and computers from Dell and HPas the servers or terminalsThe router enabled 3-layer routingand the firewall were configured with bidirectional accesscontrol lists All the servers and terminals were installedwith different versions of Windows including Windows2003 Server Windows XP and Windows 7 We deployedan entrance guard system including 3 gate machines and aserver (GServer) The gate machines used face recognitiontechnology to determine whether a person can pass or notAn office automation system was deployed on the OServerwhose database was deployed on the DServer We alsodeployed two websites and an FTP using IIS (Internet Infor-mation Services) onWServer IServer and FServer Similarlythe websites depended on the same database deployed on
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 7
T1
T8
Switch1Firewall Switch 3
Database Server(DServer)
Web Server(WServer)
Ftp Server(FServer)
IPS
Gate Server(GServer)
OA Server(OServer)
Inner Web Server(IServer)
Gate Machine1Gate Machine3(GM1)
(GM3)
T7
Gate Machine2(GM2)
T13
Building 2
Building 3Building 1
Router
Figure 3 An example network
DServer The physical link relationships among devices areshown in Figure 3
All the devices are distributed in 12 rooms in 3 buildings10 devices are located in building 1 terminal T1 T2 andT3 arein room 1-1 T4 and T5 are in room 1-4 T6 and T7 are in room1-5 Switch1 is in room 1-2 and GM1 is in the hall of building1 (room 1-3) 8 devices are located in building 2 terminals T8and T9 are in room 2-1 T10 and T11 are in room 2-4 T12 andT13 are in room 2-5 Switch2 is in room 2-2 and GM2 is inthe hall of building 2 (room 2-3) 10 devices are located inbuilding 3 router firewall IPS Switch3 and all servers are inroom 3-1 and GM3 is in the hall of building 3 (room 3-2)
There were 34 services in the network including 28management services and 6 business services The manage-ment services were used for device management while thebusiness services were used for corporation business Eachdevice was managed by a management service The routerand switches enabled SSH service The servers and terminalsenabled the Remote Desktop Service In addition the gatemachines enabled web-based management interfaces Thewebsite deployed on WServer provided a web service onport 80 named as WS W which was used to publish publicinformationThe FServer provided an FTP service on port 21named as FS Fwhichwas used byNetworkAdministrators toshare informationTheGServer provided a data transmissionservice on port 8080 named as GS T which was usedto synchronize data between GM machine and GServerThe OServer provided a web service on port 80 named asOS W which was used to document circulation for all usersThe IServer provided a web service on port 80 named asIS W which was used by Server Administrators to shareinformationTheDServer provided a database service on port
1433 named as DS D which was used to provide underlyingsupport for WS W OS W and IS W
There were 33 passwords in the analysis Each serviceexcept for WS W and OS W has a password Besides119873119880119871119871 was added to represent the empty password All theinformation involved is shown in Table 1
There were 13 users involved in analysis named fromUser1 to User13 who used terminals T1 to T13 and knewpasswords T1 M P to T13 M P respectively Using the top-down approaches the network security administrators hadgotten 5 user roles for the business information which werenamed as Ordinary User Server Administrator DatabaseAdministrator NetworkAdministrator and Security Admin-istratorThe role-permission assignments are listed in Table 2
42 Baseline Methods To demonstrate the effectiveness ofour method we compare our approach with two groups ofbaselines The first group comprises 5 clustering methods 2single view methods and 3 multiview methods The secondgroup comprises 4 traditional role mining methods ORCA(OFFIS Role mining tool with Cluster Analysis) CM (Com-plete Miner) HPr (HP Role Minimization) and HPe (HPEdge Minimization)
421 Clustering Methods SP (Spectral Clustering) SP [35] isa classical single view clustering algorithm which makes useof the eigenvalues of the data similarity matrix to performdimensionality reduction before clustering in fewer dimen-sionsThe similaritymatrix is provided as an input consistingof a quantitative assessment of the relative similarity of eachpair of points in the dataset
SymNMF SymNMF [36] is a clustering algorithm basedon NMF which takes a nonnegative and symmetric matrix as
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
8 Security and Communication Networks
Table 1 Device related information
Device Location Services Password Device Location Services PasswordT1 R1-1 T1 M T1 M P GM2 R2-3 G2 M G2 M PT2 R1-1 T2 M T2 M P GM3 R3-2 G3 M G3 M PT3 R1-1 T3 M T3 M P Switch1 R1-2 S1 M S1 M PT4 R1-4 T4 M T4 M P Switch2 R2-2 S2 M S2 M PT5 R1-4 T5 M T5 M P Switch3 R3-1 S3 M S3 M PT6 R1-5 T6 M T6 M P Router R3-1 R M R M PT7 R1-5 T7 M T7 M P Firewall R3-1 F M F M PT8 R2-1 T8 M T8 M P IPS R3-1 IPS M IPS M P
T9 R2-1 T9 M T9 M P WServer R3-1 WS W - -WS M WS M P
T10 R2-4 T10 M T10 M P DServer R3-1 DS D DS D PDS M DS M P
T11 R2-4 T11 M T11 M P FServer R3-1 FS F FS F PFS M FS M P
T12 R2-5 T12 M T12 M P GServer R3-1 GS T GS T PGS M GS M P
T13 R2-5 T13 M T13 M P OServer R3-1 OS W ndashOS M OS M P
GM1 R1-3 G1 M G1 M P IServer R3-1 IS W IS W PIS M IS M P
Table 2 User role-permission assignments by top-down methods
Roles Service PermissionsOrdinary User WS W OS WServer Administrator WS M FS M GS M OS M IS M DS M IS WDatabase Administrator DS DNetwork Administrator S1 M S2 MS3 M R M FS FSecurity Administrator F M IPS M G1 M G2 M G3 M GS T
an input The matrix contains pairwise similarity values of asimilarity graph and is approximated by a lower rank matrixinstead of the product of two lower rank matrices
PCoSpec (Pairwise Coregularized Spectral clustering)and CCoSpec (Center-wise Coregularized Spectral cluster-ing) Two coregularization schemes are adopted in spec-tral clustering framework [37] PCoSpec utilizes a pairwisecoregularization to enforce the eigenvectors of each pairto be similar and CCoSpec employs the centroid-basedcoregularization to enforce the eigenvectors to be similar witha common center
CCoNMF (Cluster-wise Coregularized NMF clustering)CCoNMF extends NMF for multiview clustering by jointlyfactorizing the multiple matrices through cluster-wise coreg-ularization [32] which enforces the cluster similarity matri-ces to be similar
RMSC (Robust Multiview Spectral Clustering) RMSC[38] is a multiview spectral clustering method based onMarkov chain which explicitly handles the possible noise inthe transition probability matrices associated with differentviews
422Mining BaselineMethods ORCAORCA [11] is the firstrole mining algorithm which uses the hierarchical clusteringtechnology to discover user rolesThe algorithm defines each
permission as an initial cluster first then merges the clustersand forms a role hierarchy
Complete Miner (CM) CM [10] is another classic rolemining algorithm proposed in 2006 It starts by creating aninitial set of roles for the distinct user-permission sets thencomputes all possible intersection sets of the initial roles andoutputs a list of candidate roles
HP Role Minimization and HP Edge Minimization HPRole Minimization (HPr) and HP Edge Minimization (HPe)[14] are the role mining algorithms based on minimumbiclique coverage HPr tries to find a minimal set of roles thatoverride the user-permission assignment relationship whileHPe uses a heuristic method to find the smallest number ofedges of an RBAC system
43 Experiments Setup
431 Scenarios Construction To validate our frameworkand method we built 3 scenarios named as Scenario1 (S1)Scenario2 (S2) and Scenario3 (S3) based on the basic exper-imental environment shown in Figure 3 and assigned usersone ormore user roles which is shown in Table 3We can findout that each user in S1 was assigned only 1 user role whilethey were assigned 2 user roles in S2 In S3 users working
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 9
Table 3 User-role assignments in different scenario
Scenario OrdinaryUser
ServerAdministrator
DatabaseAdministrator
NetworkAdministrator
SecurityAdministrator
S1 User1 User2User3 User4 User5 User6 User7 User8 User9
User10User11 User12 User13
S2 All Users User7 User8 User11 User12User13 User4 User5 User9 User10
S3
User1 User2User5 User6
User9User10User13
User4 User7 User8 User11 User12
in one roommay be assigned different user roles which mayintroduce more vulnerabilities to network security
For each scenario we first configured the gate machinesand firewall according to Tables 2 and 3 Spatial accesscontrol lists were added on gate machines making usershave physical access to devices they managed or used whilenetwork access control lists were added on the firewallmaking the terminals have network access to the targetservices
It should be noted that there were potential conflictsamong multi-domain configurations on the semantic levelTake the user User4 in S1 as example User4 was a ServerAdministrator and should not access service DS M and thefirewall had forbidden T4 to access service DS D directlybut T4 was permitted to access service WS M and therewas no firewall between WServer and DServer Thus User4can use T4 to log in WServer remotely first and then accessservice DS D (he can get the password DS D P from theconfiguration files on WServer) This is a typical semanticconflict between the network access control lists Similarlyas User4 had the ability to access DS D physically by enteringthe room 3-1 there is another conflict between the networkaccess control list and the spatial access control list Thoseconflicts may result in extra permissions for users
Then we extracted basic information from the networkand established the necessary relationshipmatrices Note thatthere were 16 space entities 28 object entities 34 serviceentities 32 information entities and 13 user entities in allthe 3 scenarios The relationship matrices 119872119874119878 isin R28times16119872119881119868 isin R34times32119872119874119881 119871 isin R28times34 and119872119874119881 119877 isin R28times34 werethe same in all three scenarios where |119872119874119878|0 = |119872119874119881 119871|0 =|119872119874119881 119877|0 = 28 and |119872119881119868|0 = 34 The matrices 119872119878119878 isinR16times16 and119872119881119874 isin R34times28 varied from scenario to scenariodepending on the configurations of gate machines or firewallFor each space pair (S1 S2) we counted the users who canmove from S1 to S2 under each scenario and set the parameter120576 = 14when constructing thematrix119872119878119878The results showedthat |119872119878119878|0 = 46 in S1 |119872119878119878|0 = 46 in S2 and |119872119878119878|0 = 42in S3 We used the scanner NMAP to get the accessibilityrelationships between devices and services establishing thematrix 119872119881119874 The results showed that |119872119881119874|0 = 549 in S1|119872119881119874|0 = 566 in S2 and |119872119878119878|0 = 548 in S3
Finally we detected the user roles by RMMDI and com-pared the results with the two groups of baseline methods
On the one hand we performed the role mining baselinemethods based on the user-permission assignment (UPA)matrices constructed from the firewall configurations andcompared the results with RMMDI On the other hand westudied the best parameters for each clustering method andthen compared the effectiveness of RMMDI with the clus-tering baseline methods Accuracy and normalized mutualinformation (NMI) [31ndash33 36] were adopted to evaluate thecommunity detection effectiveness of different parameterswhose values both range from 0 to 1 and a higher valuemeans better effectiveness We calculated the accuracy andNMI of different clustering methods with ground truth afterstudying the best parameters for each clustering method Inthe experiments we constructed two ground truthsmanuallyIn one ground truth we divided 21 service permissionsinto 5 roles according to Table 2 In the other groundtruth we combined the roles ldquoDatabase Administratorrdquo withldquoServer Administratorrdquo and classified 21 service permissionsinto 4 roles For one community detection result we com-pared it with the two ground truths and calculated metricsseparately
44 Result
441 Role Mining Results Firstly we performed the baselinerole mining methods based on the firewall configurationsAs the firewall only conducted the network access controllists it can only reflect the accessibility between devices andservices Since each terminal was assigned to a user we canget the 3 different UPA matrices from it As we wanted tofind disjoint service subnets we used 119882 = ⟨1 1 1infininfin⟩as the optimization objective In order to save space only thepermission divisions are shown in Table 4 We found that thepermission divisionswere almost the same as those in Table 2whichmeant that the role miningmethods can find no errorsfrom the top-down approach
Then we also performed the RMMDI on all scenarioswith the role number 119896 = 5100 times for each scenario Themajority of the results were different from the result shownin Table 2 The most frequent result (222 in 300 times) islisted as Table 5 Comparing with Table 2 we counted thenumber of inconsistent classification results of each serviceAll 18 services were classified inconsistently for 572 timesin total And the top 2 services with the most inconsistent
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
10 Security and Communication Networks
Table 4 Role mining results of baselines on all scenarios
Scenario Method Role Permissions
S1
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
S2 HPr
Role1 WS W OS W
Role2 WS W OS W WS M FS MGS M OS M IS M DS M IS W
Role3 WS W OS W DS D
Role4 WS W OS W S1 M S2 MS3 M R M FS F
Role5 WS W OS W F M IPS M GS T
S2
ORCACMHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 WS W OS W DS DRole4 S1 M S2 M S3 M R M FS FRole5 F M IPS M GS T
S3
ORCACMHPrHPe
Role1 WS W OS W
Role2 WS M FS M GS M OS MIS M DS M IS W
Role3 DS DRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M GS T
Table 5 The most common result of RMMDI when k=5
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 GS TRole4 S1 M S2 MS3 M R M FS FRole5 F M IPS M
classification times were DS D (282 times) and GS T (258times)
Finally we changed the role number 119896 = 4 and performedthe experiments 100 times under each scenario The mostcommon results are shown in Table 6
442 Parameter Study Results We studied the parametersused in RMMDI as well as the baseline clustering methodsWe performed a series of experiments for a series of differentparameters and tried to find out the optimal parameters Theexperiments were conducted under S2 with role number 119896 =4
We first studied the parameters used in baseline meth-ods including 120582119901 119904119901119890119888 in PCoSpec 120582119888 119904119901119890119888 119863 and 120582119888 119904119901119890119888 119868 inCCoSpec and 120582119903119898119904119888 in RMSC With each parameter we set120582 = 005 and studied 30 different values between 0005 and100 When 120582119901 119904119901119890119888 = 015 120582119888 119904119901119890119888 119863 = 8 120582119888 119904119901119890119888 119868 = 1 and
120582119903119898119904119888 = 015 the methods had relatively better effectivenesson the dataset
Then we studied the parameters in PCoNMF andCCoNMF There are 3 parameters 120582119863 120582119868 and 120582119863119868 120582119863 and120582119868 represent the weights of view 119860119881119881 119863 and 119860119881119881 119868 while 120582119863119868is the regularization parameter We studied 27 different ratiosof 120582119863 to 120582119868 between 10 and 002 as well as 10 different valuesof 120582119863119868 between 01 and 10 The experiments were conducted50 times for each pair The results are shown in Figures 4and 5 We found that the parameters 120582119863 and 120582119868 had littleimpact on both the accuracy and NMI when 120582119863120582119868 lt 1 and05 lt 120582119863119868 lt 15 so we used 120582119863 = 1 120582119868 = 3 and 120582119863119868 = 09in the study of 120582 and the clustering experiments shown inSection 443
Finally we studied the parameter 120582 used in RMMDI Weperformed an experiment with a series of 120582 from 005 to 1with step size 05 and observed their impacts on the clustering
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 11
Table 6 The most common result of RMMDI when k=4
Method Role Permissions
RMMDI
Role1 WS W OS WRole2 WS M FS M GS M OS M IS M DS M IS W DS DRole3 S1 M S2 MS3 M R M FS FRole4 F M IPS M GS T
06
065
07
075
08
085
09
501 401 301 201 151 101 91 71 51 31 11 12 13 15 17 19 115 120 125 130 140 150
PCoNMF_ACCPCoNMF_NMICCoNMF_NMICCoNMF_ACC
Figure 4 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863120582119868
effectiveness (shown in Figure 6) The other parameters wereset as mentioned in the previous paragraph
We found that the curves showed a downward trend inwhole and the accuracy and NMI got greater values when 120582was around 03 which was used for the experiments shownin Section 443
443 Clustering Results We also conducted experiments tocompare the effectiveness of RMMDI with the clusteringbaseline methods We performed all algorithms 200 times oneach scenario and compared results with the ground truthshown in Table 4 All the other parameters were set as theoptimal values mentioned in Section 442 The results arelisted in Tables 7ndash9 in which the results of SP and SymNMF
were the larger result of 3 different inputs 119860119881119881 119860119881119881 119863 and119860119881119881 119868 Most of those values were from the input 119860119881119881 119868
5 Discussion
Wepropose a novel user role framework which uses multipledomain information to mine user roles other than thepreassigned user-permission assignment matrix
It is proved that the framework is suitable for role miningFor the three scenarios used in the experiment different usersare assigned to different user roles One user may be assignedone or more user roles and one user role may be assigned toseveral users For the results listed in Tables 7 and 8 we canfind that the accuracy of the proposed framework is greater
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
12 Security and Communication Networks
Table 7 Accuracy for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 09010 09229 07121 09057 09381 09190 06952S2 08981 09276 06675 09072 09428 09365 05762S3 09210 09181 07070 09035 09365 09333 06333
Table 8 NMI for different methods on 3 scenarios
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 08605 08571 05827 08414 08738 08579 06382S2 08506 08703 04869 08497 08879 08744 0479S3 08692 08538 05958 08464 08774 08719 04890
Table 9 Runtime for different methods on 3 scenarios (s)
Scenario SP SymNMF PCoSpec CCoSpec PCoNMF CCoNMF RMSCS1 00178 00109 01367 01247 08533 11568 00580S2 00145 00091 00973 01108 08518 10866 00440S3 00127 00085 00929 01031 08494 12394 00230
06
065
07
075
08
085
09
01 02 03 04 05 07 09 1 15 3 5 7 9 10
PCoNMF_ACCPCoNMF_NMICCoNMF_ACCCCoNMF_NMI
Figure 5 Evaluating the accuracy and NMI of PCoNMF and CCoNMF on varying 120582119863119868
than 935 in all the three scenarios while the NMI is greaterthan 870 It means that the framework can detect userroles from the multiple domain configuration informationsuccessfully
More importantly it is also demonstrated that the frame-work has the ability to find interdependent relationships
between permissions avoiding potential errors From theexperimental results in Section 441 we find that RMMDItends to integrate user roles ldquoDatabase Administratorrdquo andldquoServer Administratorrdquo Analyzing user potential permis-sions it can be found that all Server Administrators canaccess service DS D as they can both reach the service from
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 13
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_ACCSNMF_ACCPCoSpec_ACCCCoSpec_ACCPCoNMF_ACCCCoNMF_ACCRMSC_ACC
(a) Evaluating the accuracy of RMMDI on varying 120582
0
01
02
03
04
05
06
07
08
09
1
005 01 015 02 025 03 035 04 045 05 055 06 065 07 075 08 085 09 095 1
SP_NMISNMF_NMIPCoSpec_NMICCoSpec_NMIPCoNMF_NMICCoNMF_NMIRMSC_NMI
(b) Evaluating the NMI of RMMDI on varying 120582
Figure 6 Evaluating the accuracy and NMI of RMMDI on varying 120582
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
14 Security and Communication Networks
other servers and get its password from configuration files inWServer Therefore it may be more appropriate to integrateuser roles ldquoDatabaseAdministratorrdquo and ldquoServerAdministra-torrdquo This trend cannot be found by traditional methods
It is also proved that the performances of differentclustering methods vary in the framework As shown inTables 7 and 8 the accuracy and NMI of PCoNMF arealways the best among all the three scenarios 30 betterthan the worst method It means that a reasonable clusteringmethod will promote the effectiveness of the framework sig-nificantly Comparedwith the single view clusteringmethodsPCoNMF promotes the accuracy and NMI by more than1 which means the reasonable utilization of informationfrommultiple views will get more structure information thanfrom single view Both the PCoSpec and RMSC have a loweraccuracy or NMI whichmeans themultiviewmethods basedon spectral clustering may not be suitable to the datasets
There are 4 parameters involved in the RMMDI in totaland it is important to select proper values to the parametersThe first two parameters 120582119863 and 120582119868 are the weights of views119860119881119881 119863 and 119860119881119881 119868 From the results in Figure 4 we find thatthe view 119860119881119881 119868 has more structure information than 119860119881119881 119863in the experiments and it is reasonable to set a larger 120582119868 anda smaller 120582119863 The third parameter 120582119863119868 is the regularizationparameter that indicates the degree of community proximitybetween the two perspectives A too low 120582119863119868 will not establishthe connection between two views Nevertheless as the view119860119881119881 119868 has more structure information than 119860119881119881 119863 a too big120582119863119868 will reduce the accuracy of the algorithm Therefore amoderate parameter 120582119863119868 (05 lt 120582119863119868 lt 15) will make thealgorithm perform better The last parameter 120582 is used inthe function relationFilter(119866 120582) which means to reserve thetop 120582 times 119890119889119892119890119873119906119898(119899) edges with the largest weight From theresults shown in Figure 6 we find that it is vital to reserve anappropriate proportion of links A big 120582will reservemore lowweight links and the existences of lowweight links will impactthe effectiveness of the framework However a low value of 120582will lost a lot of useful structure information which will havean impact on the effectiveness of the algorithm too
6 Conclusion
In this paper a novel framework for role mining based onmulti-domain information named as RMMDI is proposedThe key idea of the framework is to mine user roles frommultiple domain information rather than existing user-permission assignment matrices In the framework infor-mation from the physical domain network domain anddigital domain is used to find the relationships between userpermissions and multi-view community detection methodsare used to integrate information from different domainsExperiments on 3 simulated network scenarios demonstratethat RMMDI can capture the interdependent relationshipsbetween permissions and perform user-role mining moreeffectively and reasonably
Data Availability
The data used to support the findings of this study areavailable from the corresponding author upon request
Conflicts of Interest
The authors declare that they have no conflicts of interest
Acknowledgments
This work is supported by the grants from the National KeyRampD Program of China (Project No 2017YFB0802800)
References
[1] R S Sandhu E J Coyne H L Feinstein and C E YoumanldquoRole-based access control modelsrdquoThe Computer Journal vol29 pp 38ndash47 1996
[2] A Colantonio R D Pietro A Ocello and N V Verde ldquoAformal framework to elicit roles with business meaning inRBAC systemsrdquo in Proceedings of the 14th ACM Symposiumon Access Control Models And Technologies pp 85ndash94 ACMStresa Italy 2009
[3] A Baumgrass M Strembeck and S Rinderle-Ma ldquoDerivingrole engineering artifacts from business processes and scenariomodelsrdquo in Proceedings of the 16th ACM Symposium on AccessControl Models and Technologies pp 11ndash20 ACM InnsbruckAustria 2011
[4] A Colantonio R Di Pietro A Ocello andN V Verde ldquoTamingrole mining complexity in RBACrdquo Computers amp Security vol29 pp 548ndash564 2010
[5] A Colantonio R Di Pietro andN V Verde ldquoA business-drivendecomposition methodology for role miningrdquo Computers ampSecurity vol 31 no 7 pp 844ndash855 2012
[6] S Hachana F Cuppens N Cuppens-Boulahia and J Garcia-Alfaro ldquoSemantic analysis of role mining results and shadowedroles detectionrdquo Information Security Technical Report vol 17pp 131ndash147 2013
[7] M Kuhlmann D Shohat and G Schimpf ldquoRole mining- revealing business roles for security administration usingdata mining technologyrdquo in Proceedings of the Eighth ACMSymposium on Access Control Models and Technologies pp 179ndash186 ACM Como Italy 2003
[8] I Molloy N Li T Li Z Mao QWang and J Lobo ldquoEvaluatingrole mining algorithmsrdquo in Proceedings of the ACM Symposiumon Access Control Models and Technologies pp 95ndash104 2009
[9] J Jiang X Yuan and R Mao ldquoResearch on role miningalgorithms in RBACrdquo in Proceedings of the 2018 2nd HighPerformance Computing and Cluster Technologies Conferencepp 1ndash5 ACM 2018
[10] J Vaidya V Atluri and J Warner ldquoRoleMiner mining rolesusing subset enumerationrdquo in Proceedings of the 13th ACMConference onComputer andCommunications Security pp 144ndash153 ACM Alexandria Va USA 2006
[11] J Schlegelmilch and U Steffens ldquoRole mining with ORCArdquoin Proceedings of the Tenth ACM Symposium on Access ControlModels and Technologies pp 168ndash176 ACM Stockholm Swe-den 2005
[12] I Molloy H Chen T Li et al ldquoMining roles with semanticmeaningsrdquo in Proceedings of the ACM Symposium on AccessControl Models and Technologies SACMAT rsquo08 pp 21ndash30 EstesPark Colo Usa 2008
[13] D Zhang K Ramamohanarao and T Ebringer ldquoRole engineer-ing using graph optimisationrdquo in Proceedings of the 12th ACM
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
Security and Communication Networks 15
Symposium on Access Control Models and Technologies pp 139ndash144 ACM Sophia Antipolis France June 2007
[14] A Ene W Horne N Milosavljevic et al Fast Exact andHeuristic Methods for Role Minimization Problems 2008
[15] M Frank D Basin and J M Buhmann ldquoA class of probabilisticmodels for role engineeringrdquo in Proceedings of the 15th ACMConference on Computer and Communications Security pp299ndash310 ACM Alexandria Va USA 2008
[16] M Frank A P Streich D A Basin et al ldquoA probabilisticapproach to hybrid role miningrdquo in Proceedings of the AcmConference on Computer amp Communications Security 2009
[17] I Molloy N Li Y Qi et al ldquoMining roles with noisy datardquo inProceedings of the ACM Symposium on Access Control MODELSand Technologies pp 45ndash54 2010
[18] X Du and X Chang ldquoPerformance of AI algorithms for miningmeaningful rolesrdquo in Proceedings of the 2014 IEEE Congress onEvolutionary Computation (CEC) pp 2070ndash2076 2014
[19] L Dong Y Wang R Liu B Pi and L Wu ldquoToward edgeminability for role mining in bipartite networksrdquo Physica AStatistical Mechanics and its Applications vol 462 pp 274ndash2862016
[20] L Wu L Dong Y Wang et al ldquoUniform-scale assessmentof role minimization in bipartite networks and its applicationto access controlrdquo Physica A Statistical Mechanics and itsApplications vol 507 pp 381ndash397 2018
[21] Q Guo J Vaidya and V Atluri ldquoThe role hierarchy miningproblem discovery of optimal role hierarchiesrdquo 2008
[22] A Colantonio R D Pietro and A Ocello ldquoA cost-drivenapproach to role engineeringrdquo in Proceedings of the AcmSymposium on Applied Computing 2008
[23] CW Probst R RHansen andFNielsonWhereCan an InsiderAttack Springer Berlin Germany 2007
[24] CW Probst andR RHansen ldquoAn extensible analysable systemmodelrdquo inElsevierAdvancedTechnology Publications vol 13 pp235ndash246 2008
[25] I KotenkoM Stepashkin and E Doynikova ldquoSecurity analysisof information systems taking into account social engineeringattacksrdquo in Proceedings of the 2011 19th International EuromicroConference on Parallel Distributed and Network-Based Process-ing pp 611ndash618 2011
[26] D Scott A Beresford and A Mycroft ldquoSpatial policies forsentient mobile applicationsrdquo in Proceedings of the 4th IEEEInternational Workshop on Policies for Distributed Systems andNetworks p 147 IEEE Computer Society 2003
[27] TDimkovAlignment of Organizational Security PoliciesTheoryand Practice University of Twente Enschede Netherlands2012
[28] F Kammuller and C W Probst ldquoInvalidating policies usingstructural informationrdquo in Proceedings of the 2013 IEEE Securityand Privacy Workshops pp 76ndash81 2013
[29] D D Lee and H S Seung ldquoLearning the parts of objects bynon-negative matrix factorizationrdquo Nature vol 401 no 6755pp 788ndash791 1999
[30] A Wendel S Sternig M Godec et al ldquoNon-negative matrixfactorization in multimodality data for segmentation and labelpredictionrdquo Computer Vision Winter Workshop 2011
[31] J Liu C Wang J Gao et al ldquoMulti-View clustering via jointnonnegative matrix factorizationrdquo in Proceedings of the 2013SIAM International Conference on Data Mining pp 252ndash2602013
[32] X He M-Y Kan P Xie and X Chen ldquoComment-based multi-view clustering of web 20 itemsrdquo in Proceedings of the 23rdInternational Conference on World Wide Web pp 771ndash782ACM Seoul Korea 2014
[33] Y Pei N Chakraborty and K Sycara ldquoNonnegative matrix tri-factorization with graph regularization for community detec-tion in social networksrdquo in Proceedings of the 24th InternationalConference onArtificial Intelligence pp 2083ndash2089 AAAI PressBuenos Aires Argentina 2015
[34] Z Li Z Pan Y Zhang G Li and G Hu ldquoEfficient communitydetection in heterogeneous social networksrdquo MathematicalProblems in Engineering vol 2016 Article ID 5750645 15 pages2016
[35] U von Luxburg ldquoA tutorial on spectral clusteringrdquo Statistics andComputing vol 17 no 4 pp 395ndash416 2007
[36] D Kuang S Yun and H Park ldquoSymNMF nonnegative low-rank approximation of a similarity matrix for graph clusteringrdquoJournal of Global Optimization vol 62 pp 545ndash574 2015
[37] A Kumar P Rai and H Daume ldquoCo-regularized multi-viewspectral clusteringrdquo Advances in Neural Information ProcessingSystems 2011
[38] R Xia Y Pan L Du et al ldquoRobust multi-view spectral clus-tering via low-rank and sparse decompositionrdquo in Proceedingsof the Twenty-Eighth AAAI Conference on Artificial Intelligencepp 2149ndash2155 AAAI Press Quebec Canada 2014
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom
International Journal of
AerospaceEngineeringHindawiwwwhindawicom Volume 2018
RoboticsJournal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Active and Passive Electronic Components
VLSI Design
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Shock and Vibration
Hindawiwwwhindawicom Volume 2018
Civil EngineeringAdvances in
Acoustics and VibrationAdvances in
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Electrical and Computer Engineering
Journal of
Advances inOptoElectronics
Hindawiwwwhindawicom
Volume 2018
Hindawi Publishing Corporation httpwwwhindawicom Volume 2013Hindawiwwwhindawicom
The Scientific World Journal
Volume 2018
Control Scienceand Engineering
Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom
Journal ofEngineeringVolume 2018
SensorsJournal of
Hindawiwwwhindawicom Volume 2018
International Journal of
RotatingMachinery
Hindawiwwwhindawicom Volume 2018
Modelling ampSimulationin EngineeringHindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Chemical EngineeringInternational Journal of Antennas and
Propagation
International Journal of
Hindawiwwwhindawicom Volume 2018
Hindawiwwwhindawicom Volume 2018
Navigation and Observation
International Journal of
Hindawi
wwwhindawicom Volume 2018
Advances in
Multimedia
Submit your manuscripts atwwwhindawicom