Role recommender-RBAC: Optimizing user-role assignments in RBAC

In a rapidly changing IT environment, access to the resources involved in various projects might change randomly based on the role-based access control (RBAC) system. Hence, the security administrator needs to dynamically maintain the role assignments to users for optimizing user-role assignments. The manual updation of user-role assignments is prone to error and increases administrative workload. Therefore, a role recommendation model is introduced for the RBAC system to optimize user-role assignments based on user behaviour patterns. It is shown that the model automatically revokes and refurbishes the user-role assignments by observing user access behaviour. This model is used in the cloud for providing Role-Assignment-as-a-Service to optimize the cost of built-in roles. Several experiments are conducted to verify the proposed model using the Amazon access sample dataset. The experimental results show that the efficiency of the proposed model is 50% higher than the state-of-the-art.