
    Evaluating the Risk of Adopting RBAC Roles

    Abstract. We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are operating. By focusing on such users and permissions during the role definition process, it is possible to mitigate the risk of unauthorized accesses and role misuse.

    A new role mining framework to elicit business roles and to mitigate enterprise risk

    Role-based access control (RBAC) makes it possible to effectively manage the risk derived from granting access to resources, provided that designed roles are business-driven. Role mining represents an essential tool for role engineers, but existing techniques are not able to elicit roles with an associated clear business meaning. Hence, it is difficult to mitigate risk, to simplify business governance, and to ensure compliance throughout the enterprise. To elicit meaningful roles, we propose a methodology where data to analyze are decomposed into smaller subsets according to the provided business information. We introduce two indices, minability and similarity, that drive the decomposition process by providing the expected complexity to find roles with business meaning. The proposed methodology is rooted in a sound theoretical framework. Moreover, experiments on real enterprise data support its effectiveness. (C) 2010 Elsevier B.V. All rights reserved.

    The Trilogy of Science: Filling the Knowledge Management Gap with Knowledge Science and Theory

    The international knowledge management field has different ways of investigating, developing, believing, and studying knowledge management. Knowledge management (KM) is distinguished deductively by know-how, and its intangible nature establishes different approaches to KM concepts, practices, and developments. Exploratory research and theoretical principles have formed functional intelligences from 1896 to 2013, leading to a knowledge management knowledge science (KMKS) concept that derived a grounded theory of knowledge activity (KAT). This study addressed the impact of knowledge production problems on KM practice. The purpose of this qualitative meta-analysis study was to fit KM practice within the framework of knowledge science (KS) study. Themed questions and research variables focused on field mechanisms, operative functions, principle theory, and relationships of KMKS. The action research used by American practitioners has not established a formal structure for KS. The meta-data-analysis examined 385 transdisciplinary peer-reviewed articles using social science, service science, and systems science databases, with a selection of interdisciplinary studies that had a practice-research-theory framework. Key attributes utilizing Boolean limiters, words, phrases and publication dates, along with triangulation, language analysis and coding through analytic software identified commonalities of the data under study. Findings reflect that KM has not become a theoretically saturated field. KS as the forensic science of KM creates a paradigm shift, causes social change that averts rapid shifts in management direction and uncertainty, and connects KM philosophy and science of knowledge. These findings have social change implications by informing the work of managers and academics to generate a methodical applied science.