Utilities for Role Based Access Control
Python Implementation of the FastMiner and Optimal Boolean Matrix Decomposition/RMP algorithms for implementing Role Based Access Control, as described in the following papers:
- RoleMiner: Mining roles using subset enumeration
- Optimal Boolean Matrix Decomposition: Application to Role Engineering
The objective of Role Based Access Control (RBAC) is to determine the "best" set of roles that accurately describes user access without overfitting. In many ways this is similar to signal processing where "noise" (or one off permissions/entitlements) must be removed before the analysis is conducted, and then a series of candidate roles is generated on that cleaned data, since an exhaustive search of all possible roles is generally not possible (on the order of 2^n). Once the Candidate Roles are found, we can further structure Basic Role Mining Problem (RMP) beyond just "Find the smallest number of roles that describes the cleaned data" by relaxing constraints (aka Regularization).
Possible regularizers in layman's terms could be somethign like the following:
- "Roles must have at least 5 different entitlements, or we don't consider it a valid role"
- "We want to ignore roles are only valid for less than 3 users, except the admin role"
Broadly, iterating through this process of generating candidate roles and iterating through the best choices with different regularization terms is very similar to Simulated Annealing.
Install the latest version of the RoleMiner code & dependencies with pip:
$ pip install -U RoleMiner
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size RoleMiner-0.1.1-py3-none-any.whl (4.9 kB)||File type Wheel||Python version py3||Upload date||Hashes View|
|Filename, size RoleMiner-0.1.1.tar.gz (4.0 kB)||File type Source||Python version None||Upload date||Hashes View|
Hashes for RoleMiner-0.1.1-py3-none-any.whl