Extending access control models with break-glass

Achim D. Brucker, Helmut Petritsch
2009 Proceedings of the 14th ACM symposium on Access control models and technologies - SACMAT '09  
Access control models are usually static, i. e., permissions are granted based on a policy that only changes seldom. Especially for scenarios in health care and disaster management, a more flexible support of access control, i. e., the underlying policy, is needed. Break-glass is one approach for such a flexible support of policies which helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, breakglass techniques are usually added on top of standard
more » ... control solutions in an ad-hoc manner and, therefore, lack an integration into the underlying access control paradigm and the systems' access control enforcement architecture. We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.
doi:10.1145/1542207.1542239 dblp:conf/sacmat/BruckerP09 fatcat:zjhl4tuxdrebbd6rfujxqp5xx4