Break-Glass

Handling Exceptional Situations in Access Control

  • Helmut Petritsch

Table of contents

  1. Front Matter
    Pages i-xiii
  2. Helmut Petritsch
    Pages 1-14
  3. Helmut Petritsch
    Pages 15-36
  4. Helmut Petritsch
    Pages 37-50
  5. Helmut Petritsch
    Pages 51-91
  6. Helmut Petritsch
    Pages 93-105
  7. Helmut Petritsch
    Pages 107-124
  8. Helmut Petritsch
    Pages 125-135
  9. Helmut Petritsch
    Pages 137-163
  10. Helmut Petritsch
    Pages 165-175
  11. Helmut Petritsch
    Pages 177-196
  12. Back Matter
    Pages 197-220

About this book

Introduction

Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access).

Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The presented model is generic in two senses: it can express existing Break-Glass approaches, and it is independent of the underlying access control model.

Contents

  • Generic Break-Glass model and Break-Glass lifecycle
  • Policy definition: pre-access
  • User information, recording the system state: at-access
  • Analysis: post-access

Target Groups

  • Researchers and students in the field of computer science and access control, as well as scholars applying the concept of emergency access, e.g., in medical care
  • Application developers with demanding requirements regarding the access control system, e.g., using XACML; application architects for systems implementing emergency access

About the Author

Helmut Petritsch is currently working as a developer of enterprise software at a German multinational company.

Keywords

  • Automated Post-Access Analysis
  • Break-Glass
  • Dynamic Access Control
  • Recording System State
  • Security Override

Authors and affiliations

  • Helmut Petritsch (1)
  1. Strategic Customer Engagement, SAP AG, Walldorf, Germany

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-658-07365-7
  • Copyright Information Springer Fachmedien Wiesbaden 2014
  • Publisher Name Springer Vieweg, Wiesbaden
  • eBook Packages Computer Science
  • Print ISBN 978-3-658-07364-0
  • Online ISBN 978-3-658-07365-7