by Achim D. Brucker and Helmut Petritsch
Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.
Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.
We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.
Keywords:
Categories:
Documents:
Please cite this article as follows:
Achim D. Brucker and Helmut Petritsch.
Extending Access Control Models with Break-glass. ACM symposium on access control models and technologies (SACMAT), Strea, Italy, 05. jun. 2009.
(slides) (handout) (BibTeX) (
abstract | = | {Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.\\\\Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.\\\\We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.}, | |
address | = | {Strea, Italy}, | |
author | = | {Achim D. Brucker and Helmut Petritsch}, | |
day | = | {05}, | |
event | = | {ACM symposium on access control models and technologies (SACMAT)}, | |
handout | = | {https://www.brucker.ch/bibliography/download/2009/talk-brucker.ea-extending-2009-2x2.pdf}, | |
isodate | = | {2009-06-05}, | |
language | = | {USenglish}, | |
lecturer | = | {Achim D. Brucker}, | |
month | = | {jun}, | |
slides | = | {https://www.brucker.ch/bibliography/download/2009/talk-brucker.ea-extending-2009.pdf}, | |
slideshare | = | {26226973}, | |
slideshare_height | = | {356}, | |
slideshare_width | = | {427}, | |
title | = | {Extending Access Control Models with Break-glass}, | |
url | = | {https://www.brucker.ch/bibliography/abstract/talk-brucker.ea-extending-2009}, | |
year | = | {2009}, |