Abstract
In recent years, several combinatorial problems were introduced in the area of access control. Typically, such problems deal with an authorization policy, seen as a relation \( UR \subseteq U\times R\), where \((u, r) \in UR \) means that user u is authorized to access resource r. Li, Tripunitara and Wang (2009) introduced the Resiliency Checking Problem (RCP), in which we are given an authorization policy, a subset of resources \(P \subseteq R\), as well as integers \(s \ge 0\), \(d \ge 1\) and \(t \ge 1\). It asks whether upon removal of any set of at most s users, there still exist d pairwise disjoint sets of at most t users such that each set has collectively access to all resources in P. This problem possesses several parameters which appear to take small values in practice. We thus analyze the parameterized complexity of RCP with respect to these parameters, by considering all possible combinations of |P|, s, d, t. In all but one case, we are able to settle whether the problem is in FPT, XP, W[2]-hard, para-NP-hard or para-coNP-hard. We also consider the restricted case where \(s=0\) for which we determine the complexity for all possible combinations of the parameters.
This research was partially supported by EPSRC grant EP/K005162/1. Gutin’s research was also supported by Royal Society Wolfson Research Merit Award.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Note that one can aggregate several parameters \(p_1, \dots , p_m\) by defining \(k=p_1+\dots +p_m\), in which case we will say the parameter is \((p_1, \dots , p_m)\).
- 2.
coNP\(^{\text {NP}}\) is the set of problems whose complement can be solved by a non-deterministic Turing machine having access to an oracle to a problem in NP.
- 3.
The ETH claims that SAT cannot be solved in \(O^*(2^{o(n)})\), where n is the number of variables in the CNF formula [7].
References
Crampton, J., Gutin, G., Watrigant, R.: A multivariate approach for checking resiliency in access control. CoRR: 1604.01550 (2016)
Creignou, N.: The class of problems that are linearly equivalent to satisfiability or a uniform method for proving NP-completeness. Theoret. Comput. Sci. 145(1–2), 111–145 (1995)
Cygan, M., Fomin, F.V., Kowalik, L., Lokshtanov, D., Marx, D., Pilipczuk, M., Pilipczuk, M., Saurabh, S.: Parameterized Algorithms. Springer, Switzerland (2015)
Dom, M., Lokshtanov, D., Saurabh, S.: Incompressibility through colors and IDs. In: Albers, S., Marchetti-Spaccamela, A., Matias, Y., Nikoletseas, S., Thomas, W. (eds.) ICALP 2009, Part I. LNCS, vol. 5555, pp. 378–389. Springer, Heidelberg (2009)
Downey, R.G., Fellows, M.R.: Fundamentals of Parameterized Complexity. Texts in Computer Science. Springer, London (2013)
Frank, A., Tardos, É.: An application of simultaneous diophantine approximation in combinatorial optimization. Combinatorica 7(1), 49–65 (1987)
Impagliazzo, R., Paturi, R., Zane, F.: Which problems have strongly exponential complexity? J. Comput. Syst. Sci. 63(4), 512–530 (2001)
Kannan, R.: Minkowski’s convex body theorem and integer programming. Math. Oper. Res. 12(3), 415–440 (1987)
Lenstra, H.W.: Integer programming with a fixed number of variables. Math. Oper. Res. 8(4), 538–548 (1983)
Li, N., Tripunitara, M.V., Wang, Q.: Resiliency policies in access control. ACM Trans. Inf. Syst. Secur. 12(4), 113–137 (2009)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)
Wang, Q., Li, N.: Satisfiability and resiliency in workflow authorization systems. ACM Trans. Inf. Syst. Secur. 13(4), 40 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Crampton, J., Gutin, G., Watrigant, R. (2016). A Multivariate Approach for Checking Resiliency in Access Control. In: Dondi, R., Fertin, G., Mauri, G. (eds) Algorithmic Aspects in Information and Management. AAIM 2016. Lecture Notes in Computer Science(), vol 9778. Springer, Cham. https://doi.org/10.1007/978-3-319-41168-2_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-41168-2_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41167-5
Online ISBN: 978-3-319-41168-2
eBook Packages: Computer ScienceComputer Science (R0)