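% Frank, Streich, Basin, Buhmann: hybrid role mining for RBAC configuration (CCS 2009).
% Review notes (text outside an entry is ignored by BibTeX and Biber):
%  - abstract: restored the word spaces lost at the original line breaks; wording unchanged.
%  - month: uses the predefined macro instead of a bare number.
%  - author: comma form (Last, First); names parse the same as before.
%  - url: kept exactly as recorded. It contains literal spaces, which most url-aware
%    styles drop or break on, and it is a plain-http link to a personal site, so the
%    download is not integrity-protected. Prefer the publisher DOI once it has been
%    confirmed, and check a fetched PDF against the publisher copy.
%  - pages and doi are not recorded in this entry; add them from the proceedings.
@InProceedings{frank.ea:probabilistic:2009,
  author    = {Frank, Mario and Streich, Andreas P. and Basin, David and Buhmann, Joachim M.},
  title     = {A Probabilistic Approach to Hybrid Role Mining},
  booktitle = {16th {ACM} Conference on Computer and Communications Security ({CCS} 2009)},
  publisher = {ACM},
  year      = 2009,
  month     = nov,
  url       = {http://www.mariofrank.net/paper/ccs09_frank_Hybrid Role Mining.pdf},
  language  = {USenglish},
  copyright = {ACM},
  abstract  = {Role mining algorithms address an important access control problem: configuring a role-based access control system. Given a direct assignment of users to permissions, role mining discovers a set of roles together with an assignment of users to roles. The results should closely agree with the direct assignment. Moreover, the roles should be understandable from the business perspective in that they reflect functional roles within the enterprise. This requires hybrid role mining methods that work with both direct assignments and business information from the enterprise. In this paper, we provide statistical measures to analyze the relevance of different kinds of business information for defining roles. We then present an approach that incorporates relevant business information into a probabilistic model with an associated algorithm for hybrid role mining. Experiments on actual enterprise data show that our algorithm yields roles that both explain the given user-permission assignments and are meaningful from the business perspective.},
  user      = {mafrank},
}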