Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2009
IEEE
2009
IEEE
How to Securely Break into RBAC: The BTG-RBAC Model
—Access control models describe frameworks that dictate how subjects (e.g. users) access resources. In the Role-Based Access Control (RBAC) model access to resources is based on the role the user holds within the organization. RBAC is a rigid model where access control decisions have only two output options: Grant or Deny. Break The Glass (BTG) policies on the other hand are flexible and allow users to break or override the access controls in a controlled and justifiable manner. The main objective of this paper is to integrate BTG within the NIST/ANSI RBAC model in a transparent and secure way so that it can be adopted generically in any domain where unanticipated or emergency situations may occur. The new proposed model, called BTG-RBAC, provides a third decision option BTG, which grants authorized users permission to break the glass rather than be denied access. This can easily be implemented in any application without major changes to either the application code or the RBAC author...
Real-time Traffic| Added | 18 May 2010 |
| Updated | 18 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ACSAC |
| Authors | Ana Ferreira, David W. Chadwick, Pedro Farinha, Ricardo João Cruz Correia, Gansen Zhao, Rui Chilro, Luis Antunes |
Comments (0)
Researcher Info
|
