User Authorization in a System with a Role-Based Access Control on the Basis of the Analytic Hierarchy Process
This work addresses security and efficiency in access control systems for organizations, presenting an incremental improvement by automating role selection with objective metrics.
The paper tackles the problem of optimal user authorization in role-based access control systems by minimizing permission leakage risks, using the analytic hierarchy process to select roles based on quantitative graph characteristics without subjective expert input.
The problem of optimal authorization of a user in a system with a role-based access control policy is considered. The main criterion is to minimize the risks of permission leakage. The role for authorization is chosen using the analytic hierarchy process. The choice of criteria for forming the first level of the hierarchy is substantiated. An algorithm for calculating the weight coefficients is presented; it is based on the quantitative characteristics of the role graph and does not depend on subjective expert evaluations. The complexity of the proposed algorithm is estimated and its scalability is discussed.