Recent work has shown that many problems of satisfiability and resiliency in workflows may be viewed as special cases of the authorization policy existence problem (APEP), which returns an authorization policy if one exists and 'No' otherwise. However, in many practical settings it would be more useful to obtain a 'least bad' policy than just a 'No', where 'least bad' is characterized by some numerical value indicating the extent to which the policy violates the base authorization relation and constraints. Accordingly, we introduce the Valued APEP, which returns an authorization policy of minimum weight, where the (non-negative) weight is determined by the constraints violated by the returned solution. We then establish a number of results concerning the parameterized complexity of Valued APEP. We prove that the problem is fixed-parameter tractable (FPT) if the set of constraints satisfies two restrictions, but is intractable if only one of these restrictions holds. (Most constraints known to be of practical use satisfy both restrictions.) We also introduce a new type of resiliency for workflow satisfiability problem, show how it can be addressed using Valued APEP and use this to build a set of benchmark instances for Valued APEP. Following a set of computational experiments with two mixed integer programming (MIP) formulations, we demonstrate that the Valued APEP formulation based on the user profile concept has FPT-like running time and usually significantly outperforms a naive formulation.
翻译:最近的工作表明,许多工作流程的可视性和弹性问题可被视为授权政策存在问题(APEP)的特殊案例,而授权政策问题(APEP)是授权政策(APEP)的特例,如果存在授权政策,则返回授权政策(APEP)的特例。然而,在许多实际环境中,获得“最坏”政策比“不”政策更为有用,因为“最坏”的特点是一些数字价值,表明政策违反基本授权关系和限制的程度。因此,我们引入了价值的APEP, 返回的解决方案所违反的限制决定了授权政策(非负)的权重。我们随后就价值APEP的参数复杂性制定了一些结果。我们证明,如果一套限制满足了两项限制,那么问题就是一个固定的参数(FPT),但如果只有其中一项限制存在,就难以解决。 (已知最有实际用途的制约既满足了两项限制。)我们还引入一种新的工作流程弹性弹性弹性政策,表明如何用价值(非负重)来解决(我们如何使用价值的APEP的标准化模型,并用两种标准制定。