English

A Multivariate Approach for Checking Resiliency in Access Control

Data Structures and Algorithms 2016-04-26 v2 Cryptography and Security

Abstract

In recent years, several combinatorial problems were introduced in the area of access control. Typically, such problems deal with an authorization policy, seen as a relation URU×RUR \subseteq U \times R, where (u,r)UR(u, r) \in UR means that user uu is authorized to access resource rr. Li, Tripunitara and Wang (2009) introduced the Resiliency Checking Problem (RCP), in which we are given an authorization policy, a subset of resources PRP \subseteq R, as well as integers s0s \ge 0, d1d \ge 1 and t1t \geq 1. It asks whether upon removal of any set of at most ss users, there still exist dd pairwise disjoint sets of at most tt users such that each set has collectively access to all resources in PP. This problem possesses several parameters which appear to take small values in practice. We thus analyze the parameterized complexity of RCP with respect to these parameters, by considering all possible combinations of P,s,d,t|P|, s, d, t. In all but one case, we are able to settle whether the problem is in FPT, XP, W[2]-hard, para-NP-hard or para-coNP-hard. We also consider the restricted case where s=0s=0 for which we determine the complexity for all possible combinations of the parameters.

Keywords

Cite

@article{arxiv.1604.01550,
  title  = {A Multivariate Approach for Checking Resiliency in Access Control},
  author = {Jason Crampton and Gregory Gutin and Rémi Watrigant},
  journal= {arXiv preprint arXiv:1604.01550},
  year   = {2016}
}
R2 v1 2026-06-22T13:26:20.010Z