Break-Glass pp 107-124 | Cite as

Analysis: Post-Access

Chapter

Abstract

An integral part of Break-Glass is the need to separate legitimate from illegitimate accesses, i. e., analyze Break-Glass accesses in the post-access phase. Only if users know that misuse of Break-Glass will be punished, they will use Break-Glass the way it is intended: as exception mechanism for exceptional situations. However, making a post-access decision is a non-trivial task, as a lot of information is required to make a well-founded decision. Furthermore, it requires a human person – or an auditor as we will refer to them – to make the decision. As manual work is expensive, auditors should be supported in their work by the system, thus increasing the efficiency and reducing the need for investigations and therefore reducing the costs of the Break-Glass system.

Keywords

Policy Language Abstract Evaluation Corporate Policy Policy Decision Point Policy Enforcement Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer Fachmedien Wiesbaden 2014

Authors and Affiliations

  1. 1.Strategic Customer EngagementSAP AGWalldorfGermany

Personalised recommendations