The bi-objective workflow satisfiability problem and workflow resiliency
A computerized workflow management system may enforce a security policy, specified in terms of authorized actions and constraints, thereby restricting which users can perform particular steps in a workflow. The existence of a security policy may mean that a workflow is unsatisfiable, in the sense that it is impossible to find a valid plan (an assignment of steps to authorized users such that all constraints are satisfied). Work in the literature focuses on the workflow satisfiability problem, a decision problem that outputs a valid plan if the instance is satisfiable (and a negative result otherwise). In this paper, we introduce the Bi-Objective Workflow Satisfiability Problem (BO-WSP), which enables us to solve optimization problems related to workflows and security policies. In particular, we are able to compute a “least bad” plan when some components of the security policy may be violated. In general, BO-WSP is intractable from both the classical and parameterized complexity point of view (where the parameter is the number of steps). We prove that computing a Pareto front for BO-WSP is fixed-parameter tractable (FPT) if we restrict our attention to user-independent constraints. This result has important practical consequences, since most constraints of practical interest in the literature are user-independent. Our proof is constructive and defines an algorithm, the implementation of which we describe and evaluate. We also present a second algorithm to compute a Pareto front which solves multiple instances of a related problem using mixed integer programming (MIP). We compare the performance of both our algorithms on synthetic instances, and show that the FPT algorithm outperforms the MIP-based one by several orders of magnitude on most instances. Finally, we study the important question of workflow resiliency and prove new results establishing that known decision problems are fixed-parameter tractable when restricted to user-independent constraints. We then propose a new way of modeling the availability of users and demonstrate that many questions related to resiliency in the context of this new model may be reduced to instances of BO-WSP.
Valued Authorization Policy Existence Problem: Theory and Experiments
Recent work has shown that many problems of satisfiability and resiliency in workflows may be viewed as special cases of the authorization policy existence problem (APEP), which returns an authorization policy if one exists and 'No' otherwise. However, in many practical settings it would be more useful to obtain a 'least bad' policy than just a 'No', where 'least bad' is characterized by some numerical value indicating the extent to which the policy violates the base authorization relation and constraints. Accordingly, we introduce the Valued APEP, which returns an authorization policy of minimum weight, where the (non-negative) weight is determined by the constraints violated by the returned solution. We then establish a number of results concerning the parameterized complexity of Valued APEP. We prove that the problem is fixed-parameter tractable (FPT) if the set of constraints satisfies two restrictions, but is intractable if only one of these restrictions holds. (Most constraints known to be of practical use satisfy both restrictions.) We also introduce a new type of resiliency for the workflow satisfiability problem, show how it can be addressed using Valued APEP and use this to build a set of benchmark instances for Valued APEP. Following a set of computational experiments with two mixed integer programming (MIP) formulations, we demonstrate that the Valued APEP formulation based on the user profile concept has FPT-like running time and usually significantly outperforms a naive formulation.
Comment: 32 pages, 5 figures. Preliminary version appeared in SACMAT 2021 (https://doi.org/10.1145/3450569.3463571). Some of the theoretical results (algorithms) have been improved. Computational experiments have been added to this version.
Obstructions in Security-Aware Business Processes
This Open Access book explores the dilemma-like stalemate between security and regulatory compliance in business processes on the one hand and business continuity and governance on the other. The growing number of regulations, e.g., on information security, data protection, or privacy, implemented in increasingly digitized businesses can have an obstructive effect on the automated execution of business processes. Such security-related obstructions can particularly occur when an access control-based implementation of regulations blocks the execution of business processes. By handling obstructions, security in business processes is supposed to be improved. For this, the book presents a framework that allows the comprehensive analysis, detection, and handling of obstructions in a security-sensitive way. Thereby, methods based on common organizational security policies, process models, and logs are proposed. The Petri net-based modeling and related semantic and language-based research, as well as the analysis of event data and machine learning methods, finally lead to the development of algorithms and experiments that can detect and resolve obstructions and are reproducible with the provided software.
Towards Better Understanding of User Authorization Query Problem via Multi-variable Complexity Analysis
User authorization queries in the context of role-based access control have attracted considerable interest in the last 15 years. Such queries are used to determine whether it is possible to allocate a set of roles to a user that enables the user to complete a task, in the sense that all the permissions required to complete the task are assigned to the roles in that set. Answering such a query, in general, must take into account a number of factors, including, but not limited to, the roles to which the user is assigned and constraints on the sets of roles that can be activated. Answering such a query is known to be NP-hard. The presence of multiple parameters and the need to find efficient and exact solutions to the problem suggest that a multi-variate approach will enable us to better understand the complexity of the user authorization query problem (UAQ). In this paper, we establish a number of complexity results for UAQ. Specifically, we show the problem remains hard even when quite restrictive conditions are imposed on the structure of the problem. Our FPT results show that we have to use either a parameter with potentially quite large values or quite a restricted version of UAQ. Moreover, our second FPT algorithm is complex and requires sophisticated, state-of-the-art techniques. In short, our results show that it is unlikely that all variants of UAQ that arise in practice can be solved reasonably quickly in general.
Comment: Accepted for publication in ACM Transactions on Privacy and Security (TOPS).