Break-Glass RBAC Models
Integrates break-glass policies for emergencies into business process models.
Specurity Aspects
Specification Elements
Name
Description
In case of an emergency, certain roles should be allowed to perform an action they otherwise do not have the authorization for.
In case of an emergency, certain roles should have access to certain subjects they otherwise do not have the authorization for.
Security Aspects
Break-glass policies
Specifies emergency access control policies.- Specification Elements:
- breakable-by-role
- breakable-by-subject
- Threats:
- Elevation of Privileges
Specification Elements
breakable-by-role
In case of an emergency, certain roles should be allowed to perform an action they otherwise do not have the authorization for.- Applies to:
- Entity
breakable-by-subject
In case of an emergency, certain roles should have access to certain subjects they otherwise do not have the authorization for.- Applies to:
- Entity