Using the graph-theoretic approach to solving the Role Mining problem

The problem of Roles Mining is to build a role-based security policy for large information systems based on an analysis of the set of allowed user permissions. The article presents an algorithm for analyzing the matrix of authorized user permissions for optimal role formation. A set of permissions for an individual user is treated as a transaction. As a transaction record, used authority to act on the system. After that, the algorithm of searching for associative rules for the set of authorities is applied. Only associative rules are considered, including one power as a prerequisite and one as a consequence. A graph of the relationship of authority in the given system is being constructed. This graph is oriented weighted. The weight of the arc is determined by the support of the corresponding associative rule. For the graph constructed, clustering is performed using the community search algorithm. A hierarchy of communities is being built. Powers unite in roles if they are part of the same community. The hierarchy of communities defines the hierarchy of roles. The proposed algorithm can be used both for building a role-based security policy, and for optimizing an already existing role hierarchy.