On Monday, November 18, 2019, Pitt Cyber, along with SCI and LERSAIS, will hold a Cybersecurity Seminar at the University of Pittsburgh focused on “Optimal User Assignment in Constrained Role-Based Access Control Systems,” presented by Shamik Sural.

Seminar Details

Date: November 18, 2019

Time: 11:00 a.m. to Noon

Location: Third floor, Information Sciences Building, 135 N. Bellefield Avenue, Pittsburgh PA, 15213

Seminar Description

One of the critical requirements for the success of any business organization is efficient management of its human capital. In a typically resource-constrained organizational environment, maximizing the utilization of the available workforce is imperative. However, tasks cannot simply be assigned to arbitrary employees, since employees need the necessary capabilities to execute them. Furthermore, security constraints forbid any ad hoc assignments and also enforce major dependencies on other employees who have access to the same tasks. Owing to the increasing size and scale of organizations, both in terms of the number of employees and of the resources to be managed, it is imperative that efficient computational solutions be developed to automate the process of employee-to-task assignment.

Since role-based access control (RBAC) is still the most commonly used access control model for commercial information systems, we consider organizational policies and constraints to be modeled with RBAC. In the first part of the talk, we will look into the problem of determining a minimal set of users and their role assignments in an RBAC system with a set of Separation of Duty and Cardinality constraints. We model it as a hypergraph coloring problem and provide efficient heuristics for its solution. We next consider a related though different situation in which the goal is to achieve optimal user deployment for a given set of users, roles, and constraints. Here optimality is in the sense of maximizing the number of assignments of users to roles.

Our experimental results show the efficiency of the proposed approaches while generating close to optimal solutions.
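As an added illustration of the hypergraph-coloring view described in the abstract (not the speaker's algorithm or code): roles are vertices, each Separation of Duty set is a hyperedge, and users are colors. The constraint encoding (`(roles, t)` meaning no user may hold `t` or more of those roles, plus a per-user cap `max_roles`), the greedy ordering, and all role names are assumptions constructed for this example.

```python
def violates(held, sod, max_roles):
    """True if one user's role set `held` breaks any constraint."""
    if len(held) > max_roles:                      # cardinality cap (assumed form)
        return True
    # SoD hyperedge (roles, t): a user may hold at most t-1 of `roles`
    return any(len(held & roles) >= t for roles, t in sod)


def assign_min_users(roles, sod, max_roles):
    """Greedy coloring heuristic: returns one role set per user (color)."""
    degree = {r: sum(r in s for s, _ in sod) for r in roles}
    users = []
    # Most-constrained roles first; ties broken by name for determinism
    for role in sorted(roles, key=lambda r: (-degree[r], r)):
        if violates({role}, sod, max_roles):
            raise ValueError(f"role {role!r} cannot be assigned to anyone")
        for held in users:
            if not violates(held | {role}, sod, max_roles):
                held.add(role)                     # reuse an existing user
                break
        else:
            users.append({role})                   # open a new user
    return users


# Constructed sample policy (hypothetical role names)
ROLES = ["creator", "approver", "auditor", "vendor_admin", "reconciler", "helpdesk"]
SOD = [
    (frozenset({"creator", "approver", "auditor"}), 2),          # pairwise exclusive
    (frozenset({"vendor_admin", "approver", "reconciler"}), 3),  # never all three
]

if __name__ == "__main__":
    for i, held in enumerate(assign_min_users(ROLES, SOD, max_roles=3)):
        print(f"user{i}: {sorted(held)}")
```

On the sample policy the heuristic uses three users, which matches the lower bound forced by the first constraint; greedy coloring does not guarantee the minimum in general.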
