Security policies often need to resolve the conflict between protecting assets (or complying with laws and regulations) and the risk of hindering businesses or people. For example, health records are sensitive and need to be protected carefully. At the same time, hindering doctors to access, in an emergency, them might endanger lives.

Generic Break Glass

To resolve this conflict, we introduced a dynamic access control model, called Generic Break Glass (GBG) that can be used to introduce break-the-glass (also called access-control override) into a wide variety of traditional access control models. This access control model independence (i.e., it is not specific to RBAC, DAC, etc.) is a unique feature of GBG. For example, we implemented GBG on top of:

  • XACML, i.e., a fine-grained attribute-based access control model;
  • SecureUML, i.e., a role-based access control model (with access control constraints) that allows to model access control policies in the context of UML class models and state charts;
  • SecureBPMN, i.e., a role-based access control model (with access control constraints) that allows to model access control policies in the context of business processes (i.e., models expressed in BPMN).

The latter two approaches integrate break-the-glass concepts into model-driven security.

Implementation

Our Generic Break Glass implementation is available, as free software, in our GBG git repository.. The implementation of GBG in the context of SecureBPMN is, as free software, available in the SecureBPMN git repository.

Important Publications

1. Brucker, A. D. and Petritsch, H. “A Framework for Managing and Analyzing Changes of Security PoliciesIEEE international symposium on policies for distributed systems and networks (policy) (2011): 105–112. doi:10.1109/POLICY.2011.47, URL: http://www.brucker.ch/bibliography/abstract/brucker.ea-framework-2011

2. Brucker, A. D. and Petritsch, H. “Idea: Efficient Evaluation of Access Control ConstraintsInternational symposium on engineering secure software and systems (essos) (2010): 157–165. doi:10.1007/978-3-642-11747-3_12, URL: http://www.brucker.ch/bibliography/abstract/brucker.ea-efficient-2010

3. Brucker, A. D., Petritsch, H., and Weber, S. G. “Attribute-Based Encryption with Break-GlassWorkshop in information security theory and practice (wistp) (2010): 237–244. doi:10.1007/978-3-642-12368-9_18, URL: http://www.brucker.ch/bibliography/abstract/brucker.ea-attribute-based-2010

4. Brucker, A. D. and Petritsch, H. “Extending Access Control Models with Break-GlassACM symposium on access control models and technologies (sacmat) (2009): 197–206. doi:10.1145/1542207.1542239, URL: http://www.brucker.ch/bibliography/abstract/brucker.ea-extending-2009

5. Brucker, A. D., Petritsch, H., and Schaad, A. “Delegation AssistanceIEEE international symposium on policies for distributed systems and networks (policy) (2009): 84–91. doi:10.1109/POLICY.2009.35, URL: http://www.brucker.ch/bibliography/abstract/brucker.ea-delegation-2009