Set Covering Problems in Role-Based Access Control
Interest in role-based access control has generated considerable research activity in recent years. A number of interesting problems related to the well known set cover problem have come to light as a result of this activity. However, the computational complexity of some of these problems is still not known. In this paper, we explore some variations on the set cover problem and use these variations to establish the computational complexity of these problems. Most significantly, we introduce the minimal cover problem – a generalization of the set cover problem – which we use to determine the complexity of the inter-domain role mapping problem.
Unable to display preview. Download preview PDF.
- 2.American National Standards Institute: ANSI INCITS 359-2004 for Role Based Access Control (2004)Google Scholar
- 3.Du, S., Joshi, J.B.D.: Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, pp. 228–236 (2006)Google Scholar
- 4.Chen, L., Crampton, J.: Inter-domain role mapping and least privilege. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 157–162 (2007)Google Scholar
- 5.Zhang, Y., Joshi, J.B.D.: UAQ: A framework for user authorization query processing in RBAC extended with hybrid hierarchy and constraints. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 83–92 (2008)Google Scholar
- 6.Wickramaarachchi, G.T., Qardaji, W.H., Li, N.: An efficient framework for user authorization queries in RBAC systems. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, pp. 23–32 (2009)Google Scholar
- 7.Li, N., Tripunitara, M.V., Bizri, Z.: On mutually exclusive roles and separation-of-duty. ACM Transactions on Information and System Security 10(2) (2007)Google Scholar
- 9.Chen, H., Li, N.: Constraint generation for separation of duty. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, pp. 130–138 (2006)Google Scholar