The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Which problems have strongly exponential complexity?
Journal of Computer and System Sciences
Distributed and Parallel Databases
Tight Bounds for Testing Bipartiteness in General Graphs
SIAM Journal on Computing
A reference monitor for workflow systems with constrained task execution
Proceedings of the tenth ACM symposium on Access control models and technologies
Parameterized Complexity Theory (Texts in Theoretical Computer Science. An EATCS Series)
Parameterized Complexity Theory (Texts in Theoretical Computer Science. An EATCS Series)
On problems without polynomial kernels
Journal of Computer and System Sciences
Set Partitioning via Inclusion-Exclusion
SIAM Journal on Computing
Satisfiability and Resiliency in Workflow Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Obstruction-Free Authorization Enforcement: Aligning Security with Business Objectives
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
Slightly superexponential parameterized problems
Proceedings of the twenty-second annual ACM-SIAM symposium on Discrete Algorithms
Parameterized complexity of maxsat above average
LATIN'12 Proceedings of the 10th Latin American international conference on Theoretical Informatics
Constraint satisfaction problems: convexity makes all different constraints tractable
IJCAI'11 Proceedings of the Twenty-Second international joint conference on Artificial Intelligence - Volume Volume One
Constraint expressions and workflow satisfiability
Proceedings of the 18th ACM symposium on Access control models and technologies
On the Parameterized Complexity and Kernelization of the Workflow Satisfiability Problem
ACM Transactions on Information and System Security (TISSEC)
Enforcement of entailment constraints in distributed service-based business processes
Information and Software Technology
Hi-index | 0.00 |
A workflow specification defines a set of steps and the order in which those steps must be executed. Security requirements may impose constraints on which groups of users are permitted to perform subsets of those steps. A workflow specification is said to be satisfiable if there exists an assignment of users to workflow steps that satisfies all the constraints. An algorithm for determining whether such an assignment exists is important, both as a static analysis tool for workflow specifications, and for the construction of run-time reference monitors for workflow management systems. Finding such an assignment is a hard problem in general, but work by Wang and Li in 2010 using the theory of parameterized complexity suggests that efficient algorithms exist under reasonable assumptions about workflow specifications. In this paper, we improve the complexity bounds for the workflow satisfiability problem. We also generalize and extend the types of constraints that may be defined in a workflow specification and prove that the satisfiability problem remains fixed-parameter tractable for such constraints.