| 发明名称 |
Computer-implemented method for role discovery and simplification in access control systems |
| 摘要 |
A method includes selecting a first biclique role in a plurality of roles and finding all roles in the plurality that have a set of vertices of a second type that is a subset of a set of vertices of the second type in the first role; removing each of the subsets from the set of vertices of the second type corresponding to the first role; and reassigning the vertices of the first type to the roles such that original associations between the vertices of the first type and the vertices of the second type are maintained. |
| 申请公布号 |
US9405922(B2) |
申请公布日期 |
2016.08.02 |
| 申请号 |
US200912348832 |
申请日期 |
2009.01.05 |
| 申请人 |
Hewlett Packard Enterprise Development LP |
发明人 |
Schreiber Robert S.;Horne William G. |
| 分类号 |
G06F21/00;G06F21/62 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
VanCott Fabian |
| 主权项 |
1. A method of migrating an electronic access control system for a number of available electronic resources from an Access Control List to a Role-Based Access Control (RBAC) system, the method comprising, with a processor:
discovering a plurality of roles, wherein each of said roles is a biclique covering of a set of vertices of a first type and a corresponding set of vertices of a second type; selecting a first role in said plurality and finding all roles in said plurality that have a set of vertices of said second type that is a subset of said set of vertices of said second type in said first role; removing each of said subsets from said set of vertices of said second type corresponding to said first role; reassigning said vertices of said first type to said roles such that original associations between said vertices of said first type and said vertices of said second type are maintained; and performing access control for the available electronic resources using said roles and vertices in an RBAC system. |
| 地址 |
Houston TX US |
