Extending Access Control Models with Break-glass

Achim D. Brucker und Helmut Petritsch

Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.

Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.

We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.

Schlüsselwörter:
Kategorien:
Dokumente:

QR Code for talk:brucker.ea:extending:2009.Bitte zitieren sie diesen Artikel wie folgt:
Achim D. Brucker und Helmut Petritsch. Extending Access Control Models with Break-glass. ACM symposium on access control models and technologies (SACMAT), Strea, Italy, 05. jun. 2009.
(Folien) (Handout) (BibTeX) (Share article on LinkedIn. Share article on CiteULike.)

BibTeX
@Talk{ talk:brucker.ea:extending:2009,
abstract = {Access control models are usually static, i.e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i.e., the underlying policy, is needed.\\\\Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture.\\\\We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.},
address = {Strea, Italy},
author = {Achim D. Brucker and Helmut Petritsch},
day = {05},
event = {ACM symposium on access control models and technologies (SACMAT)},
handout = {https://www.brucker.ch/bibliography/download/2009/talk-brucker.ea-extending-2009-2x2.pdf},
isodate = {2009-06-05},
language = {USenglish},
lecturer = {Achim D. Brucker},
month = {jun},
slides = {https://www.brucker.ch/bibliography/download/2009/talk-brucker.ea-extending-2009.pdf},
slideshare = {26226973},
slideshare_height = {356},
slideshare_width = {427},
title = {Extending Access Control Models with Break-glass},
url = {https://www.brucker.ch/bibliography/abstract/talk-brucker.ea-extending-2009},
year = {2009},
}