role mining
Home > Security Definitions - Role mining
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

role mining


Word of the Day
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


DEFINITION - Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise. In a business setting, roles are defined according to job competency, authority and responsibility. The ultimate intent of role mining is to achieve optimal security administration based on the role each individual plays within the organization.

Role mining can be done in three ways, called bottom-up, top-down and by-example. In bottom-up role mining, users are given pre-existing roles based on their skills or duties. In top-down role mining, roles are formulated to match the skills or duties of individual users. In by-example role mining, roles are matched with user skills and duties as defined by managers.

Advantages of effective role mining include:

  • Optimal assignment of roles to user privileges
  • Identification of users who operate outside the normal pattern
  • Detecting and eliminating redundant or superfluous roles or user privileges
  • Keeping role definitions and user privileges up-to-date
  • Eliminating potential security loopholes and minimizing consequent risks

LAST UPDATED: 03 Mar 2008

Read more about role mining:
- Marco Casassa Mont discusses "The Role of Role Mining in Enterprises."
- J. Vaidya, V. Atluri, and Q. Guo offer an in-depth technical description of role mining.
- The National Institute of Science and Technology maintains a Web site devoted to RBAC.


Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com


BROWSE BY TAG
Identity Management Technology and Strategy,   Enterprise User Provisioning Tools,   Enterprise Identity and Access Management,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Privileged account management critical to data security
Regulatory requirements and economic realities are pressuring enterprises to secure their privileged accounts.
Making the case for enterprise IAM centralized access control
Central access to multiple applications and systems can raise the level of security while getting rid of red tape, so how do you go about creating...
Best practices for a privileged access policy to secure user accounts
Enterprises need to secure accounts belonging to actual users by reviewing and monitoring their privileged access.

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
AAA server  (SearchSecurity.com)
authentication, authorization, and accounting  (SearchSecurity.com)




Get More role mining Answers
Find Targeted role mining Answers for Channel Professionals
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts