Skip to content

Improve RBAC role mining evidence#1963

Open
DENGXUELIN wants to merge 1 commit into
UnitOneAI:mainfrom
DENGXUELIN:improve/rbac-role-mining-fixtures-1699
Open

Improve RBAC role mining evidence#1963
DENGXUELIN wants to merge 1 commit into
UnitOneAI:mainfrom
DENGXUELIN:improve/rbac-role-mining-fixtures-1699

Conversation

@DENGXUELIN

@DENGXUELIN DENGXUELIN commented Jun 8, 2026

Copy link
Copy Markdown

Summary

  • Adds a role-mining dataset quality gate to rbac-design.
  • Requires source coverage, extraction date, observation window, entitlement normalization, account filtering, permission-use evidence, owner validation, and outlier remediation before mined roles are promoted.
  • Adds vulnerable and benign fixtures for dirty versus validated role-mining datasets.

Issue

Fixes #1699

Validation

  • git diff --check origin/main...HEAD
  • Markdown fence balance check
  • Added-line ASCII check
  • Content marker check for RBAC-MINE-* and fixture expectations
  • git merge-tree --write-tree origin/main HEAD

Bounty

Requested tier: Improver Moderate ($100) if accepted/merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[REVIEW] rbac-design: add role-mining dataset quality evidence gates

1 participant

@DENGXUELIN