A Generic Break-Glass Model
Our contributions are presented along the life cycle of a Break-Glass access as depicted in Figure 3.1: the Chapters 4-6, where the pre-, at-, and post-access phases of Break-Glass are presented, are based on our Break-Glass model presented in this chapter. In section 3.1, we will discuss the requirements constituting the characteristics of Break-Glass. Throughout the thesis, we will show how those requirements can be implemented. We will introduce our abstract Break-Glass model in section 3.2. The abstract model will be instantiated with two implementations: the core Break-Glass model in section 3.3 is based on our publication  and defines privileges only with positive, i. e., PERMIT, permissions; and the constraints Break-Glass model in section 3.4 which also allows to define constraining, i. e., DENY, permissions.
KeywordsAbstract Model Core Model Constraint Model Exceptional Situation Policy Enforcement Point
Unable to display preview. Download preview PDF.