DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TSC.2013.31
Xing Xie , Colorado State University, Fort Collins
Ping Yang , State University of New York at Binghamton, Binghamton
Shiyong Lu , Wayne State University, Detroit
Indrakshi Ray , Colorado State University, Fort Collins
Workflow security has become increasingly important and challenging in today's open service world. While much research has been conducted on various security issues of workflow systems, the workflow satisfiability problem, which asks whether a set of users together can complete a workflow, is recently identified as an important research problem that needs more investigation. In this paper, we study the computational complexity of the problem along two directions: one is by considering either one path or all paths of a workflow, and the other is by considering the possible patterns in a workflow. We further investigate the problem for access control policies with various constraints and workflows with different task constraints. We have shown that the general workflow satisfiability analysis problem is intractable. This complexity result motivates us to consider restrictions on workflow control-flow patterns and access control policies, and to identify tractable cases of practical interest.
Security Analysis, Workflow
Xing Xie, Ping Yang, Shiyong Lu, Indrakshi Ray, "Satisfiability Analysis of Workflows with Control-Flow Patterns and Authorization Constraints", IEEE Transactions on Services Computing, vol. , no. , pp. 0, 5555, doi:10.1109/TSC.2013.31