GenericBreakGlass
/
GenericBreakGlass-XACML
Archived
2
0
Fork 0
Code Issues Pull Requests Releases Activity
This repository has been archived on 2024-04-22. You can view files and clone it, but cannot push or open issues or pull requests.
GenericBreakGlass-XACML/README.md

49 lines
1.9 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# GenericBreakGlass: XACML Reference Implementation
Todays IT systems implement fine-grained access control mechanisms
to protect a companies assets and to fulfill regulations such as
Basel III, SoX, or HIPAA. In general, access control cannot fully
capture all requirements. In particular, for exceptional situations it
is hard to formulate access control policies taking all possible
legitimate accesses into account. Exceptional Access Control is an
approach for allowing users to override access control decisions in,
e.g., emergency situations. Different approaches and techniques
have been presented how to allow the user to override access control
restrictions in a controlled way, e.g., **Break (the) Glass**. Break
Glass Access Control allows users to override access control decision
in a controlled manner.
This project contains an XACML PDP/PEP infrastructure supporting
_Break Glass Access Control_.
## Team
Main developers:
* [Achim D. Brucker](http://www.brucker.ch/)
* [Helmut Petritsch](http://petritsch.co.at/)
## License
This project is licensed under the Apache License Version 2.0.
SPDX-License-Identifier: Apache-2.0
## Master Repository
The master git repository for this project is hosted by the [Software
Assurance & Security Research Team](https://logicalhacking.com) at
<https://git.logicalhacking.com/GenericBreakGlass/GenericBreakGlass-XACML>.
## Publications
The most important publications are:
* Achim D. Brucker and Helmut Petritsch. Extending access control
models with break-glass. In Proceedings of the 14th ACM symposium
on Access control models and technologies (SACMAT '09). ACM, New
York, NY, USA, 197-206. 2009.
doi: [10.1145/1542207.1542239](http://dx.doi.org/10.1145/1542207.1542239)
* Helmut Petritsch: Break-Glass - Handling Exceptional Situations in Access Control.
Springer 2014, ISBN 978-3-658-07364-0, pp. 1-220
doi: [10.1007/978-3-658-07365-7](http://dx.doi.org/10.1007/978-3-658-07365-7)
Reference in New Issue View Git Blame Copy Permalink