Role-based provisioning has been adopted as a standard component in leading Identity Management products due to its low administration cost. However, the cost of adjusting existing roles to entitlements from newly deployed applications is usually very high. In this paper, a learning-based approach to automate the provisioning process is proposed and its effectiveness is verified by real provisioning data. Specific learning issues related to provisioning are identified and relevant solutions are presented. Categories and Subject Descriptors C.2.0 [Computer Communication Networks]: General—security and protection; D.4.6 [Operating Systems]: Security and Protection—Access Controls; K.6.5 [Management of Computing and Information Systems]: Security and Protection General Terms Management, Security, Standardization Keywords Provisioning, Access Control, Classification, Role
Qun Ni, Jorge Lobo, Seraphin B. Calo, Pankaj Rohat