Skip to main content
SpringerLink
Log in
Book cover

International Conference on Data Warehousing and Knowledge Discovery

DaWaK 2002: Data Warehousing and Knowledge Discovery pp 104–113Cite as

An Algorithm for Building User-Role Profiles in a Trust Environment1

Part of the Lecture Notes in Computer Science book series (LNCS,volume 2454)

Abstract

A good direction towards building secure systems that operate efficiently in large-scale environments (like the World Wide Web) is the deployment of Role Based Access Control Methods (RBAC). RBAC architectures do not deal with each user separately, but with discrete roles that users can acquire in the system. The goal of this paper is to present a classification algorithm that during its training phase, classifies roles of the users in clusters. The behavior of each user that enters the system holding a specific role is traced via audit trails and any misbehavior is detected and reported (classification phase). This algorithm will be incorporated in the Role Server architecture, currently under development, enhancing its ability to dynamically adjust the amount of trust of each user and update the corresponding role assignments.

Keywords

  • Intrusion Detection
  • Anomaly Detection
  • Intrusion Detection System
  • Audit Data
  • Role Base Access Control

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This research is supported by the CERIAS and NSF grants CCR-9901712 and CCR-0001788

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Webtrends log analyzer. http://www.webtrends.com

  2. R. Agrawal and R. Srikant: “Fast Algorithms for mining association rules”. In Proc. Of the 20th VLDB Conference, pages 487–499, Santiago, Chile, 1994

    Google Scholar 

  3. G-J. Ahn, R. Sandhu: “Role-based Authorization Constraints Specification”. ACM Transactions on Information and System Security, Vol. 3, No. 4, ACM, November 2000.

    Google Scholar 

  4. S. Axelsson: “ Intrusion Detection Systems: A Survey and Taxonomy”, Technical Report No 99-15, Dept. of Computer Engineering, Chalmers University of Technology, Sweden, March 2000

    Google Scholar 

  5. A. Buchner and M. Mulvenna: “Discovering internet marketing intelligence throughout online analytical web usage mining”. SIGMOD Record, 27(4):54–61, 1998.

    CrossRef  Google Scholar 

  6. M.S. Chen, J.S. Park and P.S. Yu: “Data Mining for path traversal patterns in web environment”. In 16th International Conference on Distributed Computing Systems, pages 385–392, 1996.

    Google Scholar 

  7. R. Cooley, B. Mobasher and J. Srivastave: “Data preparation for mining world wide web browsing patterns”. Knowledge and Information Systems, 1(1), 1999.

    Google Scholar 

  8. B.S. Everitt: “Cluster Analysis”, Halsted Press, Third Edition, 1993

    Google Scholar 

  9. D. Fasulo: “An Analysis of Recent Work on Clustering Algorithms”, TR. Computer Sciences Dpt., Washington University, 1999.

    Google Scholar 

  10. A.D. Gordon: “Classification: Methods for Exploratory Analysis of Multivariate Data”. Chapman and Hall, 1981.

    Google Scholar 

  11. J. Han and M. Kambler: “Data Mining, Concepts and Techniques ”, Morgan Kaufmann Publishers

    Google Scholar 

  12. A.K. Jain and R.C. Dubes: “Algorithms for Clustering Data”. Prentice Hall, 1988.

    Google Scholar 

  13. A. Joshi and R. Krishnapuram: “On Mining Web Access Logs”. ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery, 2000

    Google Scholar 

  14. L. Kaufman and P.J. Rousseeuw: “Finding Groups in Data: An Introduction to Cluster Analysis”, John Wiley & Sons, Inc, 1990.

    Google Scholar 

  15. R. Krishnapuram, A. Joshi, L. Yi: “A Fuzzy Relative of the k-Medoids Algorithm with Application to Web Document and Snippet Clustering”.

    Google Scholar 

  16. R. Krishnapuram and J. M. Keller: “A possibilistic approach to clustering”. IEEE Transactions on Fuzzy Systems, 1(2):98–110, May 1993

    CrossRef  Google Scholar 

  17. S. Kumar and E. Spafford: “A pattern Matching Model for Misuse Intrusion Detection”. In Proc. Of the 17th National Computer Security Conference, pp. 11–21, 1994.

    Google Scholar 

  18. S. Kumar and E. Spafford: “A software Architecture to Support Misuse Intrusion Detection”. Dpt. Of Computer Sciences, Purdue University, CDS_TR_95-009, 1995.

    Google Scholar 

  19. Terran Lane and Carla E. Brodley: “Temporal sequence learning and data reduction for anomaly detection”, ACM Transactions on Information Systems Security 2(3) (Aug. 1999), Pages 295–331.

    CrossRef  Google Scholar 

  20. W. Lee and S.J. Stolfo: “A Framework for Constructing Features and Models for Intrusion Detection Systems”, ACM Transactions on Information and Security, Vol.3, No. 4, pp. 227–261, November 2000

    CrossRef  Google Scholar 

  21. T. Lunt: “Detecting Intruders in Computer Systems”. Conference on Auditing and Computer Technology, 1993

    Google Scholar 

  22. T. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, P. Neumann, H. Javitz, A. Valdes and T. Garvey: “A real-time intrusion detection expert system (IDES)-final technical report”. Technical Report, Computer Science Laboratory, SRI International, Menlo Park, California, 1992.

    Google Scholar 

  23. H. Mannila, H. Toivonen and A.I. Verkamo: “Discovering Frequent Episodes in Sequences”. In Proc. Of the 1st International Conference on Knowledge Discovery and Data Mining, 1997.

    Google Scholar 

  24. O. Nasraoui, R. Krishnapuram and A. Joshi: “ Mining web access logs using fuzzy relational clustering algorithm based on robust estimator”. In 18th International World Wide Web Conference, Toronto, Canada, 1999.

    Google Scholar 

  25. J. S. Park, R. S. Sandhu, S. Ghanta: “RBAC on the Web by Secure Cookies”. Proc. of the IFIP Workshop on Database Security, pp. 49–62, 1999.

    Google Scholar 

  26. J. S. Park, R. S. Sandhu: “Smart certificates: Extending x.509 for secure attribute services on the web”. Proc. of the 22nd NIST-NCSC National Information Systems Security Conference, Arlington, VA, October 1999.

    Google Scholar 

  27. C. Shahabi, A. Zarkesh, J. Adibi and V. Shah: “Knowledge Discovery from users web page navigation”. In Workshop on Research Issues in Data Engineering, Birmingham, England, 1997.

    Google Scholar 

  28. N. Ye and X. Li: “ A Scalable Clustering Technique for Intrusion Signature Recognition”, Proc. Of Workshop on Information Assurance and Security, NY-USA, June 2001

    Google Scholar 

  29. Y. Zhong, B. Bhargava, M. Mahoui: “Trustworthiness Based Authorization on WWW”. Proc. of the Workshop on Security in Distributed Data Warehousing. New Orleans, 2001

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Education and Research in Information Assurance and Security (CERIAS) and Department of Computer Sciences, Purdue University, 47907, West Lafayette, IN, USA

    Evimaria Terzi, Yuhui Zhong & Bharat Bhargava

  2. Department of Management Information Systems, Krannert Graduate School of Management, Purdue University, 47907, West Lafayette, IN, USA

    Pankaj

  3. Department of Computer Science, University of Missouri-Rolla, 65409, Rolla, MO, USA

    Sanjay Madria

Authors
  1. Evimaria Terzi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuhui Zhong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bharat Bhargava
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pankaj
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Sanjay Madria
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Graduate School of Informatics, Kyoto University, Yoshida-Honmachi, Sakyo-ku, 606-8501, Kyoto, Japan

    Yahiko Kambayashi

  2. Institute for Computer Science and Business Informatics, University of Vienna, Liebiggasse 4, 1010, Vienna, Austria

    Werner Winiwarter

  3. Center for Spatial Information Science (CSIS), University of Tokyo, 4-6-1, Komaba, Meguro-ku, 153-8904, Tokyo, Japan

    Masatoshi Arikawa

Rights and permissions

Reprints and Permissions

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Terzi, E., Zhong, Y., Bhargava, B., Pankaj, Madria, S. (2002). An Algorithm for Building User-Role Profiles in a Trust Environment1 . In: Kambayashi, Y., Winiwarter, W., Arikawa, M. (eds) Data Warehousing and Knowledge Discovery. DaWaK 2002. Lecture Notes in Computer Science, vol 2454. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46145-0_11

Download citation

  • DOI: https://doi.org/10.1007/3-540-46145-0_11

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44123-6

  • Online ISBN: 978-3-540-46145-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

search

Navigation