Sage Journals: Discover world-class research

Abstract

A computerized workflow management system may enforce a security policy, specified in terms of authorized actions and constraints, thereby restricting which users can perform particular steps in a workflow. The existence of a security policy may mean that a workflow is unsatisfiable, in the sense that it is impossible to find a valid plan (an assignment of steps to authorized users such that all constraints are satisfied). Work in the literature focuses on the workflow satisfiability problem, a decision problem that outputs a valid plan if the instance is satisfiable (and a negative result otherwise).

In this paper, we introduce the Bi-Objective Workflow Satisfiability Problem (BO-WSP), which enables us to solve optimization problems related to workflows and security policies. In particular, we are able to compute a “least bad” plan when some components of the security policy may be violated. In general, BO-WSP is intractable from both the classical and parameterized complexity point of view (where the parameter is the number of steps). We prove that computing a Pareto front for BO-WSP is fixed-parameter tractable (FPT) if we restrict our attention to user-independent constraints. This result has important practical consequences, since most constraints of practical interest in the literature are user-independent.

Our proof is constructive and defines an algorithm, the implementation of which we describe and evaluate. We also present a second algorithm to compute a Pareto front which solves multiples instances of a related problem using mixed integer programming (MIP). We compare the performance of both our algorithms on synthetic instances, and show that the FPT algorithm outperforms the MIP-based one by several orders of magnitude on most instances.

Finally, we study the important question of workflow resiliency and prove new results establishing that known decision problems are fixed-parameter tractable when restricted to user-independent constraints. We then propose a new way of modeling the availability of users and demonstrate that many questions related to resiliency in the context of this new model may be reduced to instances of BO-WSP.

Keywords

Access control bi-objective workflow satisfiability problem fixed-parameter tractability resiliency

Get full access to this article

View all access options for this article.

References

American National Standards Institute, ANSI INCITS 359–2004 for Role Based Access Control, 2004.

D.A.

Basin ,

S.J.

Burri and

Karjoth , Optimal workflow-aware authorizations, in: 17th ACM Symposium on Access Control Models and Technologies, SACMAT’12, June 20–22, 2012,

Atluri ,

Vaidya ,

Kern and

Kantarcioglu , eds, ACM, Newark, NJ, USA, 2012, pp. 93–102. doi:10.1145/2295136.2295154.

D.F.C.

Brewer and

M.J.

Nash , The Chinese Wall security policy, in: IEEE Symposium on Security and Privacy, IEEE Computer Society, 1989, pp. 206–214.

A.D.

Brucker and

Petritsch , Extending access control models with break-glass, in: SACMAT 2009, Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, Stresa, Italy, June 3–5, 2009,

Carminati and

Joshi, eds, ACM, 2009, pp. 197–206.

Chen and

Crampton , Risk-aware role-based access control, in: Security and Trust Management – 7th International Workshop, STM 2011, Copenhagen, Denmark, June 27–28, 2011,

Meadows and

M.C.F.

Gago , eds, Lecture Notes in Computer Science, Vol. 7170, Springer, 2011, pp. 140–156. doi:10.1007/978-3-642-29963-6_11.

Cheng ,

Rohatgi ,

Keser ,

P.A.

Karger ,

G.M.

Wagner and

A.S.

Reninger , Fuzzy multi-level security: An experiment on quantified risk-adaptive access control, in: 2007 IEEE Symposium on Security and Privacy (S&P 2007), 20–23 May 2007, IEEE Computer Society, Oakland, California, USA, 2007, pp. 222–230. doi:10.1109/SP.2007.21.

Cohen ,

Crampton ,

Gagarin ,

Gutin and

Jones , Engineering algorithms for workflow satisfiability problem with user-independent constraints, in: Frontiers in Algorithmics, FAW 2014,

Chen ,

Hopcroft and

Wang , eds, Lecture Notes in Computer Science, Vol. 8497, Springer, 2014, pp. 48–59. doi:10.1007/978-3-319-08016-1_5.

Cohen ,

Crampton ,

Gagarin ,

Gutin and

Jones , Iterative plan construction for the workflow satisfiability problem, J. Artif. Intel. Res. 51 (2014), 555–577.

Crampton ,

Crowston ,

Gutin ,

Jones and

M.S.

Ramanujan , Fixed-parameter tractability of workflow satisfiability in the presence of seniority constraints, in: FAW-AAIM,

M.R.

Fellows ,

Tan and

Zhu , eds, Lecture Notes in Computer Science, Vol. 7924, Springer, 2013, pp. 198–209.

10.

Crampton and

Gutin , Constraint expressions and workflow satisfiability, in: SACMAT,

Conti ,

Vaidya and

Schaad, eds, ACM, 2013, pp. 73–84.

11.

Crampton ,

Gutin and

Karapetyan , Valued workflow satisfiability problem, in: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, Vienna, Austria, June 1–3, 2015,

E.R.

Weippl ,

Kerschbaum and

A.J.

Lee , eds, ACM, 2015, pp. 3–13. doi:10.1145/2752952.2752961.

12.

Crampton ,

Gutin and

Karapetyan , Source codes of the pattern branch and bound algorithm for the valued workflow satisfiability problem, Retrieved 5 April 2015. doi:10.6084/m9.figshare.136747010.6084/m9.figshare.1367470.

13.

Crampton ,

Gutin and

Yeo , On the parameterized complexity and kernelization of the workflow satisfiability problem, ACM Trans. Inf. Syst. Secur. 16(1) (2013), 4. doi:10.1145/2487222.2487226.

14.

Davey and

Priestley , Introduction to Lattices and Order, 2nd edn, Cambridge University Press, Cambridge, UK, 2002.

15.

Dimmock ,

Belokosztolszki ,

D.M.

Eyers ,

Bacon and

Moody , Using trust and risk in role-based access control policies, in: SACMAT 2004, Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, Yorktown Heights, New York, USA, June 2–4, 2004,

Jaeger and

Ferrari , eds, ACM, 2004, pp. 156–162.

16.

R.G.

Downey and

M.R.

Fellows , Fundamentals of Parameterized Complexity, Springer Verlag, 2013.

17.

Er , A fast algorithm for generation set partitions, The Computer Journal 31 (1988), 283–284. doi:10.1093/comjnl/31.3.283.

18.

Gutin and

Wahlström , Tight lower bounds for the workflow satisfiability problem based on the strong exponential time hypothesis, Information Processing Letters 116 (2016), 223–226. doi:10.1016/j.ipl.2015.11.008.

19.

Impagliazzo ,

Paturi and

Zane , Which problems have strongly exponential complexity?, J. Comput. Syst. Sci. 63(4) (2001), 512–530. doi:10.1006/jcss.2001.1774.

20.

Karapetyan ,

Gagarin and

Gutin , Pattern backtracking algorithm for the workflow satisfiability problem, in: Frontiers in Algorithmics, FAW 2015, Lecture Notes in Computer Science, Vol. 9130, Springer, 2015, pp. 138–149.

21.

H.W.

Kuhn , The Hungarian method for the assignment problem, Naval Research Logistics Quarterly 2(1–2) (1955), 83–97. doi:10.1002/nav.3800020109.

22.

J.C.

Mace ,

Morisset and

A.P.A.

van Moorsel , Quantitative workflow resiliency, in: Computer Security – ESORICS 2014 – 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7–11, 2014. Proceedings, Part i,

Kutylowski and

Vaidya , eds, Lecture Notes in Computer Science, Vol. 8712, Springer, 2014, pp. 344–361.

23.

Miettinen , Nonlinear Multiobjective Optimization, Springer, 1999.

24.

Ni ,

Bertino and

Lobo , Risk-based access control systems built on fuzzy inferences, in: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, Beijing, China, April 13–16, 2010,

Feng ,

D.A.

Basin and

Liu , eds, ACM, 2010, pp. 250–260.

25.

Niedermeier , Invitation to Fixed-Parameter Algorithms, Oxford University Press, 2006.

26.

Roy ,

Sural ,

A.K.

Majumdar ,

Vaidya and

Atluri , Minimizing organizational user requirement while meeting security constraints, ACM Trans. Manage. Inf. Syst. 6(3) (2015), 12:1–12:25. doi:10.1145/2811269.

27.

Schaad ,

Lotz and

Sohr , A model-checking approach to analysing organisational controls in a loan origination process, in: SACMAT 2006, Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, Lake Tahoe, California, USA, June 7–9, 2006,

D.F.

Ferraiolo and

Ray , eds, ACM, 2006, pp. 139–149.

28.

Wang and

Li , Satisfiability and resiliency in workflow authorization systems, ACM Trans. Inf. Syst. Secur. 13(4) (2010), 40.

29.

E.W.

Weisstein , Markov’s inequality, From MathWorld–A Wolfram Web Resource. Available at: http://mathworld.wolfram.com/MarkovsInequality.html.

The bi-objective workflow satisfiability problem and workflow resiliency 1

Abstract

Keywords

Get full access to this article

References