role mining

Role mining can be done in three ways, called bottom-up, top-down and by-example. In bottom-up role mining, users are given pre-existing roles based on their skills or duties. In top-down role mining, roles are formulated to match the skills or duties of individual users. In by-example role mining, roles are matched with user skills and duties as defined by managers.

Advantages of effective role mining include:

• Optimal assignment of roles to user privileges
• Identification of users who operate outside the normal pattern
• Detecting and eliminating redundant or superfluous roles or user privileges
• Keeping role definitions and user privileges up-to-date
• Eliminating potential security loopholes and minimizing consequent risks

Read more about role mining: - Marco Casassa Mont discusses "The Role of Role Mining in Enterprises." - J. Vaidya, V. Atluri, and Q. Guo offer an in-depth technical description of role mining. - The National Institute of Science and Technology maintains a Web site devoted to RBAC.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Former LendingTree employees pilfer firm's customer database The online mortgage lending exchange site said several of its former employees shared their passwords with unapproved lenders to access customer... Hitachi acquires M-Tech Systems for identity management M-Tech will become Hitachi ID Systems under the deal. The M-Tech acquisition is part of a broader trend of companies aggressively acquiring IAM... Sun shifts strategy with GRC push Sun Microsystems is making a move into the governance, risk and compliance market, ramping up the competition against Oracle, IBM, CA and others.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary AAA server  (SearchSecurity.com) authentication, authorization, and accounting  (SearchSecurity.com)