TY - CHAP AU - Brucker, Achim D. AU - Petritsch, Helmut ED - Carminati, Barbara ED - Joshi, James PY - 2009 DA - 2009// TI - Extending Access Control Models with Break-glass BT - ACM symposium on access control models and technologies (SACMAT) SP - 197 EP - 206 PB - ACM Press CY - New York, NY, USA KW - disaster management, access-control, break-glass, model-driven security AB - Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed. Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems’ access control enforcement architecture. We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies. SN - 978-1-60558-537-6 L1 - https://www.brucker.ch/bibliography/download/2009/brucker.ea-extending-2009.pdf UR - https://www.brucker.ch/bibliography/abstract/brucker.ea-extending-2009 UR - https://doi.org/10.1145/1542207.1542239 DO - 10.1145/1542207.1542239 ID - brucker.ea:extending:2009 ER -