Role engineering: from theory to practice.

Role Based Access Control (RBAC) is the de facto standard in access control models, and is widely used in many applications and organizations of all sizes. However, the task of finding an appropriate set of roles, called role engineering, remains the most challenging roadblock to effective deployment. In recent years, this problem has attracted a lot of attention, with several bottom-up approaches being proposed, under the field of role mining. However, most of these theoretical approaches cannot be directly applied to large scale datasets, which is where they are most necessary. Therefore, in this paper, we look at how to make role mining practical and usable for actual deployment. We propose a six steps methodology that makes role mining scalable without sacrificing on utility and is agnostic to the actual role mining technique used. The experimental evaluation validates the viability of our approach.