Satisfiability and resiliency in workflow authorization systems

ACM Transactions on Information and System Security

Volumn 13, Issue 4, 2010, Pages

  Wang, Qihua ^a   Li, Ninghui ^b  

^a IBM ALMADEN RESEARCH CENTER   (United States)

^b PURDUE UNIVERSITY   (United States)

Author keywords

Access control; Fault tolerant; Policy design

Indexed keywords

AUTHORIZATION SYSTEMS; COMPUTATIONAL PROBLEM; CONFLICTS OF INTEREST; FAULT TOLERANT; PARAMETERIZED COMPLEXITY; POLICY DESIGN; SAT SOLVERS; SATISFIABILITY; SATISFIABILITY PROBLEMS; WORK-FLOW SYSTEMS;

COMPUTATIONAL COMPLEXITY; FORMAL LOGIC; MANAGEMENT; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 78651384017     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/1880022.1880034     Document Type: Article

References (24)

1. AHN, G.-J. AND SANDHU, R. S. 1999. The RSL99 language for role-based separation of duty constraints. In Proceedings of the 4th Workshop on Role-Based Access Control. 43-54.
2. AHN, G.-J. AND SANDHU, R. S. 2000. Role-Based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3, 4, 207-226.
3. ATLURI, V. AND HUANG, W. 1996. An authorization model for workflows. In Proceedings of the 4th European Symposium on Research in Computer Security (ESORICS). 44-64.
4. BERTINO, E., FERRARI, E., AND ATLURI, V. 1999. The specification and enforcement of authorization constraints in workflow management systems. ACM Trans. Inf. Syst. Secur. 2, 1, 65-104.
5. CHEN, F. AND SANDHU, R. S. 1996. Constraints for role-based access control. In Proceedings of the 1st ACM Workshop on Role-Based Access Control (RBAC'95). ACM, New York, 14.
6. CHEN, H. AND LI, N. 2006. Constraint generation for separation of duty. In Proceedings of the 9th ACM Symposium on Access Control Models and Technologies (SACMAT). 130-138.
7. CLARK, D. D. AND WILSON, D. R. 1987. A comparision of commercial and military computer security policies. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 184-194.
8. CRAMPTON, J. 2003. Specifying and enforcing constraints in role-based access control. In Proceedings of the 8th ACM Symposium on Access Control Models and Technologies (SACMAT'03). 43-50.
9. CRAMPTON, J. 2005. A reference monitor for workflow systems with constrained task execution. In Proceedings of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT'05). 38-47.
10. DOWNEY, R. AND FELLOWS, M. 1999. Parameterized Complexity. Springer.
11. DU, D., GU, J., AND PARDALOS, P. M. Eds. 1997. Satisfiability Problem: Theory and Applications. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol. 35, AMS Press.
12. GLIGOR, V. D.,GAVRILA, S. I., AND FERRAIOLO, D. F. 1998. On the formal definition of separationof- duty policies and their composition. In Proceedings of IEEE Symposium on Research in Security and Privacy. 172-183.
13. JAEGER, T. 1999. On the increasing importance of constraints. In Proceedings of the ACMWorkshop on Role-Based Access Control (RBAC). 33-42.
14. JAEGER, T. AND TIDSWELL, J. E. 2001. Practical safety in flexible access control models. ACM Trans. Inf. Syst. Secur. 4, 2, 158-190.
15. LE BERRE D. (PROJECT LEADER). 2006. SAT4J: A satisfiability library for Java. http://www.sat4j.org/.
16. LI, N., TRIPUNITARA, M. V., AND BIZRI, Z. On mutually exclusive roles and separation of duty. ACM Trans. Inf. Syst. Secur. In press.
17. LI, N., TRIPUNITARA, M. V., AND WANG, Q. 2006. Resiliency policies in access control. In Proceedings of the ACM Conference on Computer and Communications Security (CCS).
18. LI, N.,WANG, Q., AND TRIPUNITARA, M. 2009. Resiliency policies in access control. ACM Trans. Inf. Syst. Secur. 12, 4, 1-34.
19. SANDHU, R. S., COYNE, E. J., FEINSTEIN, H. L., AND YOUMAN, C. E. 1996. Role-Based access control models. IEEE Comput. 29, 2, 38-47.
20. SIMON, T. T. AND ZURKO, M. E. 1997. Separation of duty in role-based environments. In Proceedings of the 10th Computer Security Foundations Workshop. IEEE Computer Society Press, 183-194.
21. STOLLER, S. D., YANG, P., RAMAKRISHNAN, C. R., AND GOFMAN, M. I. 2007. Efficient policy analysis for administrative role based access control. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS'07). ACM, New York, 445-455.
22. TAN, K., CRAMPTON, J., AND GUNTER, C. 2004. The consistency of task-based authorization constraints in workflow systems. In Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW). 155-169.
23. TIDSWELL, J. AND JAEGER, T. 2000. An access control model for simplifying constraint expression. In Proceedings of ACM Conference on Computer and Communications Security. 154-163.
24. WARNER, J. AND ATLURI, V. 2006. Inter-Instance authorization constraints for secure workflow management. In Proceedings ACM Symposium on Access Control Models and Technologies (SACMAT). 190-199.