Obstruction-free Authorization Enforcement: Aligning Security and Business Objectives (Revised Version 05/26/2011)

Access control is fundamental in protecting information systems but it also poses an obstacle to achieving business objectives. We analyze this tradeoff and its avoidance in the context of systems modeled as workflows restricted by authorization constraints including those specifying Separation of Duty (SoD) and Binding of Duty (BoD). To begin with, we present a novel approach to scoping authorization constraints within workflows with loops and conditional execution. Afterwards, we consider enforcement’s effects on business objectives. We identify the notion of obstruction, which generalizes deadlock within a system where access control is enforced, and we formulate the existence of an obstruction-free enforcement mechanism as a decision problem. We present lower and upper bounds for the complexity of this problem and also give an approximation algorithm that performs well when authorizations are equally distributed among the users.

An extended and revised version of this paper is available under RZ3816.

By: D. Basin, S.J. Burri, G. Karjoth

Published in: Proc. 24th IEEE Computer Security Foundations Symp. "CSF 2011," Cernay-La-Ville, France, Piscataway, IEEE, p.99-113 in 2011

Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.

Questions about this service can be mailed to reports@us.ibm.com .