TY - JOUR
T1 - Optimal Employee Recruitment in Organizations under Attribute-Based Access Control
AU - Roy, Arindam
AU - Sural, Shamik
AU - Majumdar, Arun Kumar
AU - Vaidya, Jaideep
AU - Atluri, Vijayalakshmi
N1 - Funding Information:
Research reported in this publication was supported by the National Science Foundation under awards CNS-1624503 and CNS-1747728 and the National Institutes of Health under awards R01GM118574 and R35GM134927. The content is solely the responsibility of the authors and does not necessarily represent the official views of the agencies funding the research. Authors’ addresses: A. Roy, Big Data Analytics, Goa Institute of Management, Sanquelim, Goa, 403505, India; email: roy.arindam469@gmail.com; S. Sural and A. K. Majumdar, Department of Computer Science and Engineering, IIT Kharag-pur, West Bengal, 721302, India; emails: {shamik, akmj}@cse.iitkgp.ernet.in; J. Vaidya and V. Atluri, Management Science and Information Systems Department, Rutgers University, Newark, New Jersey, 07102, USA; emails: jsvaidya@ rbs.rutgers.edu, atluri@rutgers.edu. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. © 2021 Association for Computing Machinery. 2158-656X/2021/01-ART6 $15.00 https://doi.org/10.1145/3403950
Publisher Copyright:
© 2021 ACM.
PY - 2021/3
Y1 - 2021/3
N2 - For any successful business endeavor, recruitment of a required number of appropriately qualified employees in proper positions is a key requirement. For effective utilization of human resources, reorganization of such workforce assignment is also a task of utmost importance. This includes situations when the under-performing employees have to be substituted with fresh applicants. Generally, the number of candidates applying for a position is large, and hence, the task of identifying an optimal subset becomes critical. Moreover, a human resource manager would also like to make use of the opportunity of retirement of employees to improve manpower utilization. However, the constraints enforced by the security policies prohibit any arbitrary assignment of tasks to employees. Further, the new employees should have the capabilities required to handle the assigned tasks. In this article, we formalize this problem as the Optimal Recruitment Problem (ORP), wherein the goal is to select the minimum number of fresh employees from a set of candidates to fill the vacant positions created by the outgoing employees, while ensuring satisfiability of the specified security conditions. The model used for specification of authorization policies and constraints is Attribute-Based Access Control (ABAC), since it is considered to be the de facto next-generation framework for handling organizational security policies. We show that the ORP problem is NP-hard and propose a greedy heuristic for solving it. Extensive experimental evaluation shows both the effectiveness and efficiency of the proposed solution.
AB - For any successful business endeavor, recruitment of a required number of appropriately qualified employees in proper positions is a key requirement. For effective utilization of human resources, reorganization of such workforce assignment is also a task of utmost importance. This includes situations when the under-performing employees have to be substituted with fresh applicants. Generally, the number of candidates applying for a position is large, and hence, the task of identifying an optimal subset becomes critical. Moreover, a human resource manager would also like to make use of the opportunity of retirement of employees to improve manpower utilization. However, the constraints enforced by the security policies prohibit any arbitrary assignment of tasks to employees. Further, the new employees should have the capabilities required to handle the assigned tasks. In this article, we formalize this problem as the Optimal Recruitment Problem (ORP), wherein the goal is to select the minimum number of fresh employees from a set of candidates to fill the vacant positions created by the outgoing employees, while ensuring satisfiability of the specified security conditions. The model used for specification of authorization policies and constraints is Attribute-Based Access Control (ABAC), since it is considered to be the de facto next-generation framework for handling organizational security policies. We show that the ORP problem is NP-hard and propose a greedy heuristic for solving it. Extensive experimental evaluation shows both the effectiveness and efficiency of the proposed solution.
KW - Role-based access control (RBAC)
KW - graph coloring
KW - greedy algorithm
KW - statically mutually exclusive roles (SMER) constraint
UR - http://www.scopus.com/inward/record.url?scp=85102979969&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85102979969&partnerID=8YFLogxK
U2 - 10.1145/3403950
DO - 10.1145/3403950
M3 - Article
AN - SCOPUS:85102979969
SN - 2158-656X
VL - 12
JO - ACM Transactions on Management Information Systems
JF - ACM Transactions on Management Information Systems
IS - 1
M1 - 3403950
ER -