The bi-objective workflow satisfiability problem and workflow resiliency

نویسندگان

  • Jason Crampton
  • Gregory Gutin
  • Daniel Karapetyan
  • Rémi Watrigant
چکیده

A computerized workflow management system may enforce a security policy, specified in terms of authorized actions and constraints, thereby restricting which users can perform particular steps in a workflow. The existence of a security policy may mean that a workflow is unsatisfiable, in the sense that it is impossible to find a valid plan (an assignment of steps to authorized users such that all constraints are satisfied). Work in the literature focuses on the workflow satisfiability problem, a decision problem that outputs a valid plan if the instance is satisfiable (and a negative result otherwise). In this paper, we introduce the BI-OBJECTIVE WORKFLOW SATISFIABILITY PROBLEM (BO-WSP), which enables us to solve optimization problems related to workflows and security policies. In particular, we are able to compute a “least bad” plan when some components of the security policy may be violated. In general, BO-WSP is intractable from both the classical and parameterized complexity point of view (where the parameter is the number of steps). We prove that computing a Pareto front for BO-WSP is fixed-parameter tractable (FPT) if we restrict our attention to user-independent constraints. This result has important practical consequences, since most constraints of practical interest in the literature are user-independent. Our proof is constructive and defines an algorithm, the implementation of which we describe and evaluate. We also present a second algorithm to compute a Pareto front which solves multiples instances of a related problem using mixed integer programming (MIP). We compare the performance of both our algorithms on synthetic instances, and show that the FPT algorithm outperforms the MIP-based one by several orders of magnitude on most instances. Finally, we study the important question of workflow resiliency and prove new results establishing that known decision problems are fixed-parameter tractable when restricted to user-independent constraints. We then propose a new way of modeling the availability of users and demonstrate that many questions related to resiliency in the context of this new model may be reduced to instances of BO-WSP.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Satisfiability and Resiliency in Workflow Systems

We propose the role-and-relation-based access control (RBAC) model for workflow systems. In RBAC, in addition to auser’s role memberships, the user’s relationships with other users help determine whether the user is allowed to perform acertain step in a workflow. For example, a constraint may require that two steps must not be performed by users who havea conflict of interest. We al...

متن کامل

A Survey on Workflow Satisfiability, Resiliency, and Related Problems

Workflows specify collections of tasks that must be executed under the responsibility or supervision of human users. Workflow management systems and workflow-driven applications need to enforce security policies in the form of access control, specifying which users can execute which tasks, and authorization constraints, such as Separation of Duty, further restricting the execution of tasks at r...

متن کامل

Enhancing Workflow Systems Resiliency by Using Delegation and Priority Concepts

Enforcing dynamic access control constraints in workflow management systems (WFMS) is a very important requirement with regard to security issues. However, respecting those constraints may prohibit the completion of a workflow instance in the case of the lack of authorized users. Such situation is known in the literature as a WSP (Workflow Satisfiability Problem). The ability of a WFMS to use d...

متن کامل

Deciding realizability through LTL(F) model checking

Many business processes are modeled as workflows, which often need to comply with business rules, legal requirements, and authorization policies. Workflow satisfiability is the problem of determining whether there exists a workflow instance that realizes the workflow specification while simultaneously complying with such constraints. This problem has already been studied by the computer securit...

متن کامل

Quantitative Workflow Resiliency

A workflow is resilient when the unavailability of some users does not force to choose between a violation of the security policy or an early termination of the workflow. Although checking for the resiliency of a workflow is a well-studied problem, solutions usually only provide a binary answer to the problem, leaving a workflow designer with little help when the workflow is not resilient. We p...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Journal of Computer Security

دوره 25  شماره 

صفحات  -

تاریخ انتشار 2017