Satisfiability analysis of workflows with control-flow patterns and authorization constraints

Ping Yang; Xing Xie; Indrakshi Ray; Shiyong Lu

doi:10.1109/TSC.2013.31

Satisfiability analysis of workflows with control-flow patterns and authorization constraints

Ping Yang
, Xing Xie
, Indrakshi Ray
, Shiyong Lu

School of Computing

Binghamton University

Colorado State University
Wayne State University

Research output: Contribution to journal › Article › peer-review

20 Scopus citations

Abstract

Workflow security has become increasingly important and challenging in today's open service world. While much research has been conducted on various security issues of workflow systems, the workflow satisfiability problem, which asks whether a set of users together can complete a workflow, is recently identified as an important research problem that needs more investigation. In this paper, we study the computational complexity of the problem along two directions: one is by considering either one path or all paths of a workflow, and the other is by considering the possible patterns in a workflow. We have shown that the general workflow satisfiability analysis problem is intractable. This result motivates us to consider restrictions on workflow control-flow patterns and access control policies, and to identify tractable cases of practical interest.

Original language	English
Article number	6517190
Pages (from-to)	237-251
Number of pages	15
Journal	IEEE Transactions on Services Computing
Volume	7
Issue number	2
DOIs	https://doi.org/10.1109/TSC.2013.31
State	Published - 2014

Keywords

Workflow satisfiability analysis
access control

Access to Document

10.1109/TSC.2013.31

Cite this

@article{5a8e796e0687442fb5bee0814edda819,

title = "Satisfiability analysis of workflows with control-flow patterns and authorization constraints",

abstract = "Workflow security has become increasingly important and challenging in today's open service world. While much research has been conducted on various security issues of workflow systems, the workflow satisfiability problem, which asks whether a set of users together can complete a workflow, is recently identified as an important research problem that needs more investigation. In this paper, we study the computational complexity of the problem along two directions: one is by considering either one path or all paths of a workflow, and the other is by considering the possible patterns in a workflow. We have shown that the general workflow satisfiability analysis problem is intractable. This result motivates us to consider restrictions on workflow control-flow patterns and access control policies, and to identify tractable cases of practical interest.",

keywords = "Workflow satisfiability analysis, access control",

author = "Ping Yang and Xing Xie and Indrakshi Ray and Shiyong Lu",

year = "2014",

doi = "10.1109/TSC.2013.31",

language = "English",

volume = "7",

pages = "237--251",

journal = "IEEE Transactions on Services Computing",

issn = "1939-1374",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "2",

}

TY - JOUR

T1 - Satisfiability analysis of workflows with control-flow patterns and authorization constraints

AU - Yang, Ping

AU - Xie, Xing

AU - Ray, Indrakshi

AU - Lu, Shiyong

PY - 2014

Y1 - 2014

N2 - Workflow security has become increasingly important and challenging in today's open service world. While much research has been conducted on various security issues of workflow systems, the workflow satisfiability problem, which asks whether a set of users together can complete a workflow, is recently identified as an important research problem that needs more investigation. In this paper, we study the computational complexity of the problem along two directions: one is by considering either one path or all paths of a workflow, and the other is by considering the possible patterns in a workflow. We have shown that the general workflow satisfiability analysis problem is intractable. This result motivates us to consider restrictions on workflow control-flow patterns and access control policies, and to identify tractable cases of practical interest.

AB - Workflow security has become increasingly important and challenging in today's open service world. While much research has been conducted on various security issues of workflow systems, the workflow satisfiability problem, which asks whether a set of users together can complete a workflow, is recently identified as an important research problem that needs more investigation. In this paper, we study the computational complexity of the problem along two directions: one is by considering either one path or all paths of a workflow, and the other is by considering the possible patterns in a workflow. We have shown that the general workflow satisfiability analysis problem is intractable. This result motivates us to consider restrictions on workflow control-flow patterns and access control policies, and to identify tractable cases of practical interest.

KW - Workflow satisfiability analysis

KW - access control

UR - https://www.scopus.com/pages/publications/84903163805

U2 - 10.1109/TSC.2013.31

DO - 10.1109/TSC.2013.31

M3 - Article

SN - 1939-1374

VL - 7

SP - 237

EP - 251

JO - IEEE Transactions on Services Computing

JF - IEEE Transactions on Services Computing

IS - 2

M1 - 6517190

ER -

Satisfiability analysis of workflows with control-flow patterns and authorization constraints

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this