Achim D. Brucker 605628de45 | ||
---|---|---|
src | ||
CITATION | ||
LICENSE | ||
README.md |
README.md
GenericBreakGlass: XACML Reference Implementation
Today’s IT systems implement fine-grained access control mechanisms to protect a companies assets and to fulfill regulations such as Basel III, SoX or HIPAA . In general, access control cannot fully capture all requirementsIn particular, for exceptional situations it is hard to formulate access control policies taking all possible legitimate accesses into account. Exceptional Access Control is an approach for allowing users to override access control decisions in, e.g., emergency situations. Different approaches and techniques have been presented how to allow the user to override access control restrictions in a controlled way, e. g., Break (the) Glass, Overriding Access Control, or related approaches such as Optimistic Security.
This project contains an XAML PDP/PEP infrastructure supporting Break Glass Access control.
Team
Main developers:
License
This project is licensed under the Apache License Version 2.0.
Publications
The most important publications are:
- Achim D. Brucker and Helmut Petritsch. Extending access control models with break-glass. In Proceedings of the 14th ACM symposium on Access control models and technologies (SACMAT '09). ACM, New York, NY, USA, 197-206. 2009. doi: 10.1145/1542207.1542239
- Helmut Petritsch: Break-Glass - Handling Exceptional Situations in Access Control. Springer 2014, ISBN 978-3-658-07364-0, pp. 1-220 doi: 10.1007/978-3-658-07365-7