VisMAP: Visual Mining of Attribute-Based Access Control Policies.

Policy mining has been identified as one of the most challenging tasks towards deployment of Attribute-Based Access Control (ABAC) in any organization. This work introduces a novel approach for visual mining of ABAC policies. The fundamental objective is to graphically portray the existing accesses to facilitate visual elucidation and mining of meaningful authorization rules. We represent the existing accesses in the form of a binary matrix and formulate the problem of finding the best representation of the binary matrix as a minimization problem. The authorization rules are then extracted from the visual representation of the access control matrix in such a way that the number of rules required to satisfy all the existing accesses is minimum. The problem is shown to be NP-Complete and hence, heuristic solution is proposed. We experimentally evaluate our proposed approach on a number of synthetically generated data sets to study its robustness and scalability in a variety of situations.