Specification and Enforcement of the General User Authorization Query Problem in Role Based Access Control System

Xiaopu Ma, Yan Liu, Li Zhao, Yihua Lan, Jianfeng Lu
2014 Open Automation and Control Systems Journal  
The User Authorization Query (UAQ) problem in Role Based Access Control (RBAC) is the problem of assigning roles to users in an appropriate manner. That is, it takes as input a set of permissions that a user requests to have in a session and determines whether there exists an optimum set of roles to activate. However, the existing definition of UAQ is inadequate: it considers only the number of permissions, whereas the number of roles, which is equally important, has been largely ignored. In addition, little attention has been paid in the literature to the complexity analysis of the UAQ problem when both the permission and role numbers are considered. In this paper, we give a general definition of UAQ, named GUAQ, that takes the number of both permissions and roles into consideration, and then study the computational complexity of the GUAQ problem in three subcases. Furthermore, we propose an approach for finding a safe resolution for GUAQ, which employs preprocessing and reduction to a SAT solver, greatly reducing the running time.
doi:10.2174/1874444301406010692 fatcat:6ahjim2n5jf6fg5gu44f7eotda