Website of Achim D. Brucker
[Deutsch]
[English]
Achim D. Brucker and Helmut Petritsch
Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.
Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.
We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.
Keywords: disaster management, access-control, break-glass, model-driven security
Categories: 
, 
Please cite this article as follows:
Achim D. Brucker and Helmut Petritsch.
Extending Access Control Models with Break-glass.
In ACM symposium on access control models and technologies (SACMAT), pages 197-206, ACM Press, 2009.
Keywords: disaster management, access-control, break-glass, model-driven security
(PDF) (BibTeX) (Endnote) (RIS) (Word 2007) (doi:10.1145/1542207.1542239) (ACM) (
| abstract | = | {Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.\\\\Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.\\\\We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.}, | |
| address | = | {New York, NY, USA}, | |
| author | = | {Achim D. Brucker and Helmut Petritsch}, | |
| booktitle | = | {ACM symposium on access control models and technologies (SACMAT)}, | |
| copyright | = | {ACM}, | |
| copyrighturl | = | {http://dl.acm.org/authorize?175073}, | |
| doi | = | {10.1145/1542207.1542239}, | |
| editor | = | {Barbara Carminati and James Joshi}, | |
| isbn | = | {978-1-60558-537-6}, | |
| keywords | = | {disaster management, access-control, break-glass, model-driven security}, | |
| location | = | {Stresa, Italy}, | |
| pages | = | {197--206}, | |
| = | {http://www.brucker.ch/bibliography/download/2009/brucker.ea-extending-2009.pdf}, | ||
| publisher | = | {ACM Press}, | |
| title | = | {Extending Access Control Models with Break-glass}, | |
| url | = | {http://www.brucker.ch/bibliography/abstract/brucker.ea-extending-2009}, | |
| year | = | {2009}, |