6 research outputs found
Solving the Workflow Satisfiability Problem using General Purpose Solvers
The workflow satisfiability problem (WSP) is a well-studied problem in access
control seeking allocation of authorised users to every step of the workflow,
subject to workflow specification constraints. It was noticed that the number
of steps is typically small compared to the number of users in the
real-world instances of WSP; therefore is considered as the parameter in
WSP parametrised complexity research. While WSP in general was shown to be
W[1]-hard, WSP restricted to a special case of user-independent (UI)
constraints is fixed-parameter tractable (FPT). However, restriction to the UI
constraints might be impractical.
To efficiently handle non-UI constraints, we introduce the notion of
branching factor of a constraint. As long as the branching factors of the
constraints are relatively small and the number of non-UI constraints is
reasonable, WSP can be solved in FPT time.
Extending the results from Karapetyan et al. (2019), we demonstrate that
general-purpose solvers are capable of achieving FPT-like performance on WSP
with arbitrary constraints when used with appropriate formulations. This
enables one to tackle most of practical WSP instances. While important on its
own, we hope that this result will also motivate researchers to look for
FPT-aware formulations of other FPT problems.Comment: Associated data: http://doi.org/10.17639/nott.711
From Conventional to State-of-the-Art IoT Access Control Models
open access articleThe advent in Online Social Networks (OSN) and Internet of Things (IoT) has created a new world of collaboration and communication between people and devices. The domain of internet of things uses billions of devices (ranging from tiny sensors to macro scale devices) that continuously produce and exchange huge amounts of data with people and applications. Similarly, more than a billion people are connected through social networking sites to collaborate and share their knowledge. The applications of IoT such as smart health, smart city, social networking, video surveillance and vehicular communication are quickly evolving people’s daily lives. These applications provide accurate, information-rich and personalized services to the users. However, providing personalized information comes at the cost of accessing private information of users such as their location, social relationship details, health information and daily activities. When the information is accessible online, there is always a chance that it can be used maliciously by unauthorized entities. Therefore, an effective access control mechanism must be employed to ensure the security and privacy of entities using OSN and IoT services. Access control refers to a process which can restrict user’s access to data and resources. It enforces access rules to grant authorized users an access to resources and prevent others. This survey examines the increasing literature on access control for traditional models in general, and for OSN and IoT in specific. Challenges and problems related to access control mechanisms are explored to facilitate the adoption of access control solutions in OSN and IoT scenarios. The survey provides a review of the requirements for access control enforcement, discusses several security issues in access control, and elaborates underlying principles and limitations of famous access control models. We evaluate the feasibility of current access control models for OSN and IoT and provide the future development direction of access control for the sam
Access control and quality attributes of open data: Applications and techniques
Open Datasets provide one of the most popular ways to acquire insight and information about individuals, organizations and multiple streams of knowledge. Exploring Open Datasets by applying comprehensive and rigorous techniques for data processing can provide the ground for innovation and value for everyone if the data are handled in a legal and controlled way. In our study, we propose an argumentation and abductive reasoning approach for data processing which is based on the
data quality background. Explicitly, we draw on the literature of data
management and quality for the attributes of the data, and we extend this background through the development of our techniques. Our aim is to provide herein a brief overview of the data quality aspects, as well as indicative applications and examples of our approach. Our overall objective is to bring serious intent and propose a structured way for access control and processing of open data with a focus on the data quality aspects
Indeterminacy-aware prediction model for authentication in IoT.
The Internet of Things (IoT) has opened a new chapter in data access. It has brought obvious opportunities as well as major security and privacy challenges. Access control is one of the challenges in IoT. This holds true as the existing, conventional access control paradigms do not fit into IoT, thus access control requires more investigation and remains an open issue. IoT has a number of inherent characteristics, including scalability, heterogeneity and dynamism, which hinder access control. While most of the impact of these characteristics have been well studied in the literature, we highlighted “indeterminacy” in authentication as a neglected research issue. This work stresses that an indeterminacy-resilient model for IoT authentication is missing from the literature. According to our findings, indeterminacy consists of at least two facets: “uncertainty” and “ambiguity”. As a result, various relevant theories were studied in this work. Our proposed framework is based on well-known machine learning models and Attribute-Based Access Control (ABAC). To implement and evaluate our framework, we first generate datasets, in which the location of the users is a main dataset attribute, with the aim to analyse the role of user mobility in the performance of the prediction models. Next, multiple classification algorithms were used with our datasets in order to build our best-fit prediction models. Our results suggest that our prediction models are able to determine the class of the authentication requests while considering both the uncertainty and ambiguity in the IoT system