基于形式概念分析的语义角色挖掘算法

Semantic Roles Mining Algorithms Based on Formal Concept Analysis

基于角色的访问控制(Role-Based Access Control,RBAC)在管理和安全方面具有优势,经过20多年的发展后已被广泛应用于各个领域,如何将数据繁多的非RBAC系统迁移成RBAC系统已经成为一个意义重大的难题。角色是RBAC的基本特征,因此角色挖掘是RBAC系统实施的一个重要环节。基于形式概念分析生成用户权限概念格及用户属性概念格,将用户权限概念格翻转后映射为初始候选角色状态,通过约简操作和精简操作来挖掘角色,然后对用户权限概念格及用户属性概念格进行相似性分析,通过定义最近似表达式为角色赋予语义,使得生成的角色具有以下两点优势:1)结构层次,有效地减轻了管理员授权的负担,提高了授权管理的效率;2)语义意义,能够与现实生活中的概念相关联,增强了角色的可解释性。最后,通过实验验证了该算法的正确性和有效性。

Role-based access control(RBAC)with the advantages of management and security has been widely used in various fields after more than 20 years of development.How to migrate a non-RBAC system with a variety of data into an RBAC system has become a significant problem.Role is a basic feature of RBAC,therefore,role mining is an important part of the implementation of RBAC system.In this paper,the user-permission concept lattice and user-attribute concept lattice were generated based on formal concept analysis.After the user-permission concept lattice was reversed,it was mapped to initial candidate role state,and the final role state was mined by reduction and pruning operations.And then,the most approximate expressions were defined to give semantic meanings to roles by analyzing the similarity between user-permission concept lattice and user-attribute concept lattice.The generated roles have two advantages,one is structural hierarchy,which effectively reduces the authorization burden of administrator,and the other one is semantic meanings,which can be associated with the concepts in real life,enhancing the interpretability of role.Finally,the expe-rimental results verify the correctness and effectiveness of the proposed algorithm.