{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T07:12:57Z","timestamp":1768547577922,"version":"3.49.0"},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T00:00:00Z","timestamp":1684886400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T00:00:00Z","timestamp":1684886400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS1000"],"award-info":[{"award-number":["16KIS1000"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Hochschule Karlsruhe HKA"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>To ensure the security of current information systems, role-based access control (RBAC) is a widely used concept. For this purpose, based on an initial assignment of permissions to users, permissions are grouped to roles, which are then assigned to users. The corresponding (NP-complete) optimization problem, the so-called role mining problem (RMP), aims at finding a minimal set of roles and a corresponding assignment of those roles to users. Previously, the RMP has been considered as a static optimization problem. However, the application of RBAC in real business use cases requires the inclusion of dynamically occurring events that reflect changes in the business environment of companies, as well as events that result from direct user interaction with the role mining process. Therefore, in this paper, we provide a comprehensive overview and classification of the most relevant events for role mining and present methods for integrating them into the framework of an evolutionary role mining algorithm. The functional performance of these methods as well as the overall performance gain of dynamic role mining compared to the static approach is then examined in a series of experiments.<\/jats:p>","DOI":"10.1007\/s42979-023-01805-1","type":"journal-article","created":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T10:02:50Z","timestamp":1684922570000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Dynamic Optimization of Role Concepts for Role-Based Access Control Using Evolutionary Algorithms"],"prefix":"10.1007","volume":"4","author":[{"given":"Simon","family":"Anderer","sequence":"first","affiliation":[]},{"given":"Tobias","family":"Kempter","sequence":"additional","affiliation":[]},{"given":"Bernd","family":"Scheuermann","sequence":"additional","affiliation":[]},{"given":"Sanaz","family":"Mostaghim","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,5,24]]},"reference":[{"key":"1805_CR1","doi-asserted-by":"publisher","unstructured":"Verizon. Data breach investigations report 2019. Comput Fraud Security. 2019;2019(6):4. https:\/\/doi.org\/10.1016\/S1361-3723(19)30060-0.","DOI":"10.1016\/S1361-3723(19)30060-0"},{"issue":"2","key":"1805_CR2","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"RS Sandhu","year":"1996","unstructured":"Sandhu RS, Coyne EJ, Feinstein HL, Youman CE. Role-based access control models. Computer. 1996;29(2):38\u201347. https:\/\/doi.org\/10.1109\/2.485845.","journal-title":"Computer"},{"key":"1805_CR3","doi-asserted-by":"crossref","unstructured":"Vaidya J, Atluri V, Guo Q, Lotz V, Thuraisingham B. (eds) The role mining problem. (eds Lotz V, Thuraisingham B.) Proceedings of the 12th ACM symposium on Access control models and technologies\u2014SACMAT \u201907, 175\u2013184 (ACM Press, New York, 2007).","DOI":"10.1145\/1266840.1266870"},{"key":"1805_CR4","doi-asserted-by":"crossref","unstructured":"Anderer S, Kempter T, Scheuermann B, Mostaghim S. The dynamic role mining problem: role mining in dynamically changing business environments, 37\u201348. INSTICC (SciTePress, 2021).","DOI":"10.5220\/0010654000003063"},{"key":"1805_CR5","doi-asserted-by":"crossref","unstructured":"Colantonio A, Di Pietro R, Ocello A, Wainwright RL, Haddad HM. (eds) A cost-driven approach to role engineering. (eds Wainwright RL, Haddad HM.) Proceedings of the 2008 ACM symposium on Applied computing - SAC \u201908, 2129\u20132136 (ACM Press, New York, USA, 2008).","DOI":"10.1145\/1363686.1364198"},{"key":"1805_CR6","doi-asserted-by":"publisher","unstructured":"Anderer S, Scheuermann B, Mostaghim S, Bauerle P, Beil M. RMPlib: A library of benchmarks for the role mining problem, SACMAT \u201921, 3\u201313 (Association for Computing Machinery, New York, 2021). https:\/\/doi.org\/10.1145\/3450569.3463566.","DOI":"10.1145\/3450569.3463566"},{"issue":"4","key":"1805_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2871148","volume":"48","author":"B Mitra","year":"2016","unstructured":"Mitra B, Sural S, Vaidya J, Atluri V. A survey of role mining. ACM Comput Surv. 2016;48(4):1\u201337. https:\/\/doi.org\/10.1145\/2871148.","journal-title":"ACM Comput Surv."},{"key":"1805_CR8","doi-asserted-by":"crossref","unstructured":"Blundo C, Cimato S, Shin SY, Ossowski S, Schumacher M, Palakal MJ, Hung C-C. (eds) A simple role mining algorithm. (eds Shin SY, Ossowski S, Schumacher M, Palakal MJ, Hung C-C.) Proceedings of the 2010 ACM Symposium on Applied Computing - SAC \u201910, 1958\u20131962 (ACM Press, New York, 2010).","DOI":"10.1145\/1774088.1774503"},{"key":"1805_CR9","doi-asserted-by":"crossref","unstructured":"Kumar R, Sural S, Gupta A. in Mining RBAC roles under cardinality constraint (eds Jha S, Mathuria A.) Information Systems Security, Vol. 6503 of Lecture Notes in Computer Science 171\u2013185 (Springer Berlin Heidelberg, Berlin, 2010).","DOI":"10.1007\/978-3-642-17714-9_13"},{"key":"1805_CR10","doi-asserted-by":"crossref","unstructured":"Molloy I et\u00a0al. Carminati B, Joshi J. (eds) Evaluating role mining algorithms. (eds Carminati B, Joshi J.) Proceedings of the 14th ACM symposium on Access control models and technologies - SACMAT \u201909, 95\u2013104 (ACM Press, New York, 2009).","DOI":"10.1145\/1542207.1542224"},{"key":"1805_CR11","doi-asserted-by":"crossref","unstructured":"Schlegelmilch J, Steffens U, Ferrari E, Ahn G-J. (eds) Role mining with ORCA. (eds Ferrari E, Ahn G-J.) Proceedings of the tenth ACM symposium on Access control models and technologies - SACMAT \u201905, 168\u2013176 (ACM Press, New York, 2005).","DOI":"10.1145\/1063979.1064008"},{"issue":"3","key":"1805_CR12","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1109\/TDSC.2008.61","volume":"7","author":"J Vaidya","year":"2010","unstructured":"Vaidya J, Atluri V, Warner J, Guo Q. Role engineering via prioritized subset enumeration. IEEE Trans Dependable Secure Comput. 2010;7(3):300\u201314. https:\/\/doi.org\/10.1109\/TDSC.2008.61.","journal-title":"IEEE Trans Dependable Secure Comput."},{"issue":"1","key":"1805_CR13","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/s10878-013-9633-9","volume":"30","author":"H Huang","year":"2015","unstructured":"Huang H, Shang F, Liu J, Du H. Handling least privilege problem and role mining in RBAC. J Combinatorial Optim. 2015;30(1):63\u201386. https:\/\/doi.org\/10.1007\/s10878-013-9633-9.","journal-title":"J Combinatorial Optim."},{"key":"1805_CR14","doi-asserted-by":"crossref","unstructured":"Ene A. et\u00a0al. Ray I, Li N. (eds) Fast exact and heuristic methods for role minimization problems. (eds Ray I, Li N.) Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT \u201908, 1\u201310 (ACM Press, New York, 2008).","DOI":"10.1145\/1377836.1377838"},{"key":"1805_CR15","doi-asserted-by":"crossref","unstructured":"Zhang D, Ramamohanarao K, Ebringer T, Lotz V, Thuraisingham B. (eds) Role engineering using graph optimisation. (eds Lotz, V. & Thuraisingham, B.) Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT \u201907, 139\u2013144 (ACM Press, New York, 2007).","DOI":"10.1145\/1266840.1266862"},{"key":"1805_CR16","doi-asserted-by":"crossref","unstructured":"Molloy I et\u00a0al. Ray I, Li N. (eds) Mining roles with semantic meanings. (eds Ray, I. & Li, N.) Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT \u201908, 21\u201330 (ACM Press, New York, 2008).","DOI":"10.1145\/1377836.1377840"},{"key":"1805_CR17","doi-asserted-by":"crossref","unstructured":"Saenko I, Kotenko I. Genetic algorithms for role mining problem, 646\u2013650 (IEEE, 2011).","DOI":"10.1109\/PDP.2011.63"},{"key":"1805_CR18","doi-asserted-by":"crossref","unstructured":"Saenko I, Kotenko I. Design and performance evaluation of improved genetic algorithm for role mining problem, 269\u2013274 (IEEE, 2012).","DOI":"10.1109\/PDP.2012.31"},{"key":"1805_CR19","doi-asserted-by":"crossref","unstructured":"Saenko I, Kotenko I. Unknown (ed.) Using genetic algorithms for design and reconfiguration of RBAC schemes. (ed.Unknown) Proceedings of the 1st International Workshop on AI for Privacy and Security - PrAISe \u201916, 1\u20139 (ACM Press, New York, 2016).","DOI":"10.1145\/2970030.2970033"},{"key":"1805_CR20","doi-asserted-by":"crossref","unstructured":"Du X, Chang X. Performance of AI algorithms for mining meaningful roles, 2070\u20132076 (IEEE, 2014).","DOI":"10.1109\/CEC.2014.6900321"},{"key":"1805_CR21","doi-asserted-by":"publisher","first-page":"4508","DOI":"10.4028\/www.scientific.net\/AMM.121-126.4508","volume":"121\u2013126","author":"LJ Dong","year":"2011","unstructured":"Dong LJ, Wang MC, Kang XJ. Mining least privilege roles by genetic algorithm. Appl Mech Mater. 2011;121\u2013126:4508\u201312. https:\/\/doi.org\/10.4028\/www.scientific.net\/AMM.121-126.4508.","journal-title":"Appl Mech Mater"},{"key":"1805_CR22","doi-asserted-by":"publisher","unstructured":"Anderer S, Kreppein D, Scheuermann B, Mostaghim S. The addRole-EA: a new evolutionary algorithm for the role mining problem, 155\u2013166 (SCITEPRESS, 2020). https:\/\/doi.org\/10.5220\/0010025401550166.","DOI":"10.5220\/0010025401550166"},{"key":"1805_CR23","doi-asserted-by":"crossref","unstructured":"Eiben AE, Smith JE. et\u00a0al. Introduction to evolutionary computing Vol.\u00a053 (Springer, 2003).","DOI":"10.1007\/978-3-662-05094-1"},{"key":"1805_CR24","doi-asserted-by":"crossref","unstructured":"Anderer S, Halbich M, Scheuermann B, Mostaghim S. Towards real-time fleet-event-handling for the dynamic vehicle routing problem, 35\u201344. INSTICC (SciTePress, 2017).","DOI":"10.5220\/0006491300350044"},{"key":"1805_CR25","unstructured":"K\u00f6nig R, Schneider, S. Nutzerinteraktion bei der computergest\u00fctzten generierung von layouts. Arbeitspapiere Nr. 8 Informatik in der Architektur 2011."},{"key":"1805_CR26","unstructured":"Do Nascimento HAD. User hints for optimisation processes. Ph.D. thesis, University of Sydney. Information Technologies 2003."},{"issue":"7","key":"1805_CR27","doi-asserted-by":"publisher","first-page":"1427","DOI":"10.1007\/s00500-010-0681-0","volume":"15","author":"C Cruz","year":"2011","unstructured":"Cruz C, Gonz\u00e1lez JR, Pelta DA. Optimization in dynamic environments: a survey on problems, methods and measures. Soft Comput. 2011;15(7):1427\u201348.","journal-title":"Soft Comput"},{"key":"1805_CR28","unstructured":"Branke J. Memory enhanced evolutionary algorithms for changing optimization problems. 1999;3:1875\u20131882."}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-023-01805-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-023-01805-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-023-01805-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,17]],"date-time":"2023-06-17T15:24:55Z","timestamp":1687015495000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-023-01805-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,24]]},"references-count":28,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,7]]}},"alternative-id":["1805"],"URL":"https:\/\/doi.org\/10.1007\/s42979-023-01805-1","relation":{},"ISSN":["2661-8907"],"issn-type":[{"value":"2661-8907","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,5,24]]},"assertion":[{"value":"15 March 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 March 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 May 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"416"}}