Enabling Workforce Optimization in Constrained Attribute-Based Access Control Systems

Autor: Arindam Roy, Vijay Atluri, Shamik Sural, Jaideep Vaidya, Arun Majumdar
Rok vydání: 2021
Předmět:
Zdroj: IEEE Trans Emerg Top Comput
ISSN: 2376-4562
DOI: 10.1109/tetc.2019.2944787
Popis: Effective utilization of human capital is one of the key requirements for any successful business endeavor, with reorganization necessary if there are nonproductive employees or employees that are retiring. However, while reorganizing tasks for newer employees, it should be ensured that the employees have the requisite capabilities of handling the assigned tasks. Furthermore, security constraints forbid any arbitrary assignment of tasks to employees and also enforce major dependencies on other employees who have access to the same tasks. Since Attribute Based Access Control (ABAC) is poised to emerge as the de facto model for specifying access control policies in commercial information systems, we consider organizational policies and constraints to be modeled with ABAC. Given the increasing size and scale of organizations, both in terms of employees and resources that need to be managed, it is crucial that computational solutions are developed to automate the process of employee to task assignment. In this work, we define the Employee Replacement Problem (ERP) which answers the question of whether a given set of employees can be replaced by a smaller set of employees, while ensuring that the desired security constraints are not violated. We prove that the problem is NP-hard and use CNF-SAT to obtain a solution. An extensive experimental evaluation is carried out on diverse data sets to validate the efficiency of the proposed solution.
Databáze: OpenAIRE