Advertisement

© 2014

Break-Glass

Handling Exceptional Situations in Access Control

Book

Table of contents

  1. Front Matter
    Pages i-xiii
  2. Helmut Petritsch
    Pages 1-14
  3. Helmut Petritsch
    Pages 15-36
  4. Helmut Petritsch
    Pages 37-50
  5. Helmut Petritsch
    Pages 51-91
  6. Helmut Petritsch
    Pages 93-105
  7. Helmut Petritsch
    Pages 107-124
  8. Helmut Petritsch
    Pages 125-135
  9. Helmut Petritsch
    Pages 137-163
  10. Helmut Petritsch
    Pages 165-175
  11. Helmut Petritsch
    Pages 177-196
  12. Back Matter
    Pages 197-220

About this book

Introduction

Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access).

Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The presented model is generic both in the sense that it allows to model existing Break-Glass approaches and that it is independent of the underlying access control model.

Contents

  • Generic Break-Glass model and Break-Glass lifecycle
  • Policy definition: pre-access
  • User information, recording the system state: at-access
  • Analysis: post-access

 Target Groups

  • Researchers and students in the field of computer science and access control, as well as scholars applying the concept of emergency access, e.g., in medical care
  •  Application developers with demanding requirements regarding the access control system, e.g., using XACML; application architects for systems implementing emergency access

About the Author

Helmut Petritsch is currently working as developer of enterprise software at a German multinational company.

Keywords

Automated Post-Access Analysis Break-Glass Dynamic Access Control Recording System State Security Override

Authors and affiliations

  1. 1.Strategic Customer EngagementSAP AGWalldorfGermany

About the authors

Helmut Petritsch is currently working as developer of enterprise software at a German multinational company.

Bibliographic information