DOI: 10.1145/1542207.1542239
research-article

Extending access control models with break-glass

Published: 03 June 2009

Abstract

Access control models are usually static, i.e., permissions are granted based on a policy that changes only seldom. Especially for scenarios in health care and disaster management, more flexible support of access control, i.e., of the underlying policy, is needed.
Break-glass is one approach to such flexible support of policies; it helps to prevent system stagnation that could harm lives or otherwise result in losses. Today, break-glass techniques are usually added on top of standard access control solutions in an ad hoc manner and therefore lack integration into the underlying access control paradigm and the systems' access control enforcement architecture.
We present an approach for integrating, in a fine-grained manner, break-glass strategies into standard access control models and their accompanying enforcement architecture. This integration provides means for specifying break-glass policies precisely and supporting model-driven development techniques based on such policies.



      Published In

      SACMAT '09: Proceedings of the 14th ACM symposium on Access control models and technologies
      June 2009
      258 pages
      ISBN:9781605585376
      DOI:10.1145/1542207
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States


      Author Tags

      1. access-control
      2. break-glass
      3. disaster management
      4. model-driven security

      Qualifiers

      • Research-article

      Conference

      SACMAT '09

      Acceptance Rates

      SACMAT '09 Paper Acceptance Rate 24 of 75 submissions, 32%;
      Overall Acceptance Rate 177 of 597 submissions, 30%
