Professor Scott Stoller and Ph.D. student Thang Bui received the Best Paper
Award from the 30th Annual IFIP WG 11.3 Working Conference on Data and
Applications Security and Privacy (DBSec 2016) in July 2016, for their paper
on “Mining Hierarchical Temporal Roles with Multiple Metrics”. Role mining
algorithms have potential to significantly reduce the cost of migration from
low-level legacy access control mechanisms, such as Access Control Lists
(ACLs) to Role-Based Access Control (RBAC), by partially automating the
development of an RBAC policy from legacy access control data or access
logs. Several commercial security management products include role mining
algorithms. Their paper presents an algorithm that produces Temporal RBAC
(TRBAC) policies, in which roles are enabled only during specified repeating
time intervals (e.g., 9am-5pm on weekdays). Their algorithm is the first
that produces hierarchical TRBAC policies, and the first that attempts to
generate meaningful roles (i.e., role membership is correlated with user
attributes), while simultaneously minimizing policy size.
