Set Covering Problems in Role-Based Access Control

  • Liang Chen
  • Jason Crampton
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Interest in role-based access control has generated considerable research activity in recent years. A number of interesting problems related to the well known set cover problem have come to light as a result of this activity. However, the computational complexity of some of these problems is still not known. In this paper, we explore some variations on the set cover problem and use these variations to establish the computational complexity of these problems. Most significantly, we introduce the minimal cover problem – a generalization of the set cover problem – which we use to determine the complexity of the inter-domain role mapping problem.


Polynomial Time Access Control Decision Problem Cover Problem Minimal Cover 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Sandhu, R., Coyne, E.J., Feinstein, H., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  2. 2.
    American National Standards Institute: ANSI INCITS 359-2004 for Role Based Access Control (2004)Google Scholar
  3. 3.
    Du, S., Joshi, J.B.D.: Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, pp. 228–236 (2006)Google Scholar
  4. 4.
    Chen, L., Crampton, J.: Inter-domain role mapping and least privilege. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 157–162 (2007)Google Scholar
  5. 5.
    Zhang, Y., Joshi, J.B.D.: UAQ: A framework for user authorization query processing in RBAC extended with hybrid hierarchy and constraints. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 83–92 (2008)Google Scholar
  6. 6.
    Wickramaarachchi, G.T., Qardaji, W.H., Li, N.: An efficient framework for user authorization queries in RBAC systems. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, pp. 23–32 (2009)Google Scholar
  7. 7.
    Li, N., Tripunitara, M.V., Bizri, Z.: On mutually exclusive roles and separation-of-duty. ACM Transactions on Information and System Security 10(2) (2007)Google Scholar
  8. 8.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman and Company, New York (1979)zbMATHGoogle Scholar
  9. 9.
    Chen, H., Li, N.: Constraint generation for separation of duty. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, pp. 130–138 (2006)Google Scholar
  10. 10.
    Johnson, D.S.: Approximation algorithms for combinatorial problems. Journal of Computer and System Sciences 9(3), 256–278 (1974)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Chvatal, V.: A greedy heuristic for the set-covering problem. Mathematics of operations research 4(3), 233–235 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Feige, U.: A threshold of ln n for approximating set cover. Journal of the ACM 45(4), 634–652 (1998)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Liang Chen
    • 1
  • Jason Crampton
    • 1
  1. 1.Information Security Group and Department of Mathematics Royal HollowayUniversity of LondonUK

Personalised recommendations