A Role Engineering Approach based on Spectral Clustering Analysis for RESTful Permissions in Cloud
Yutang Xia (Peking University); Yang Luo (Peking University); Wu Luo (Peking University); Qingni Shen (Peking University); Yahui Yang (Peking University); Zhonghai Wu (Peking University)
SPS
With the wide application of cloud computing, a series of privacy challenges arise. Generally, encryption methods are used to ensure privacy, which may result in high computation and communication overheads. Access control is another fundamental and important measure to protect resources. Cloud computing systems are usually managed through RESTful web services, and users can apply access control measures such as role-based access control (RBAC) to manage the permissions to RESTful resources. By running integration tests, test cases and the corresponding RESTful permissions can be parsed out automatically. We are the first to define the role engineering problem based on integration tests and summarize three metrics for role engineering. We then propose a novel role engineering method based on spectral clustering analysis, which supports more features such as permission weight, role hierarchy and a customized number of roles. Finally, we conduct experiments using real integration tests on three cloud computing systems to demonstrate the effectiveness and performance of the method, outperforming prior works.