Cloud identity and access management in Cybersecurity - Time & Space Complexity

When managing cloud identities and access, it is important to understand how the time to check permissions grows as the number of users and resources increases.

We want to know how the system handles more users and permissions without slowing down too much.

Analyze the time complexity of the following access check process.

function checkAccess(user, resource) {
  for (let role of user.roles) {
    for (let permission of role.permissions) {
      if (permission.resource === resource && permission.allowed) {
        return true;
      }
    }
  }
  return false;
}
    

This code checks if a user has permission to access a resource by looking through all their roles and permissions.

• Primary operation: Nested loops over user roles and their permissions.
• How many times: For each role, it checks all permissions until it finds a match or finishes.

As the number of roles and permissions grows, the time to check access increases by checking more items.

Input Size (roles x permissions)	Approx. Operations
10 (e.g., 2 roles x 5 permissions)	About 10 checks
100 (e.g., 10 roles x 10 permissions)	About 100 checks
1000 (e.g., 20 roles x 50 permissions)	About 1000 checks

Pattern observation: The number of checks grows roughly with the total number of role-permission pairs.

Time Complexity: O(r x p)

This means the time to check access grows proportionally to the number of roles times the number of permissions per role.

[X] Wrong: "Checking one role is enough, so time is always constant."

[OK] Correct: Users often have multiple roles, and each role can have many permissions, so the system must check all relevant pairs to be sure.

Understanding how access checks scale helps you explain how cloud systems stay secure and efficient as they grow.

"What if permissions were stored in a fast lookup table instead of lists? How would the time complexity change?"