The Open Automation and Control Systems Journal
2014, 6 : 692-698Published online 2014 December 31. DOI: 10.2174/1874444301406010692
Publisher ID: TOAUTOCJ-6-692
Specification and Enforcement of the General User Authorization Query Problem in Role Based Access Control System
ABSTRACT
The User Authorization Query (UAQ) problem in Role Based Access Control (RBAC) is assigning roles to users in an appropriate manner. That is, take as input a set of permissions that a user requests to have in a session, and determine whether there exists an optimum set of roles to active. However the existing definition of UAQ is inadequate, it only considers the number of permissions whereas the number of roles is also equally important, has been largely ignored. In addition, little attention has been paid to the complexity analysis of the UAQ problem with the consideration of the both permission and role numbers in the literature. In this paper, we give a general definition of UAQ with the name of GUAQ by introducing the consideration for the number of both permissions and roles, and then study the computational complexity of the GUAQ problem into three subcases. Furthermore, we propose an approach for finding a safe resolution for GUAQ, which employ the preprocessing and reduction to SAT solver that greatly reduce the running time.