Description:

RoleMiner 0.1.1

RoleMiner
Python Implementation of the FastMiner and Optimal Boolean Matrix Decomposition/RMP algorithms for implementing Role Based Access Control, as described in the following papers:

RoleMiner: Mining roles using subset enumeration
Optimal Boolean Matrix Decomposition: Application to Role Engineering

Overview
The objective of Role Based Access Control (RBAC) is to determine the "best" set of roles that accurately describes user access without overfitting. In many ways this is similar to signal processing where "noise" (or one off permissions/entitlements) must be removed before the analysis is conducted, and then a series of candidate roles is generated on that cleaned data, since an exhaustive search of all possible roles is generally not possible (on the order of 2^n). Once the Candidate Roles are found, we can further structure Basic Role Mining Problem (RMP) beyond just "Find the smallest number of roles that describes the cleaned data" by relaxing constraints (aka Regularization).
Possible regularizers in layman's terms could be somethign like the following:

"Roles must have at least 5 different entitlements, or we don't consider it a valid role"
"We want to ignore roles are only valid for less than 3 users, except the admin role"

Broadly, iterating through this process of generating candidate roles and iterating through the best choices with different regularization terms is very similar to Simulated Annealing.
Installation
Install the latest version of the RoleMiner code & dependencies with pip:
$ pip install -U RoleMiner

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

Share

• Share on Facebook
• Share on Twitter