A UML Extension for Modeling Break-Glass Policies

In emergency situations, certain subjects sometimes have to perform important tasks although they are usually not authorized to perform these tasks. Break-glass policies have been introduced as a sophisticated exception handling mechanism to resolve such situations. They enable selected subjects to break or override the standard access control policies of an information system in a controlled manner. However, modeling support for break-glass policies is largely missing. In this paper, we present an approach to provide modeling support for break-glass policies in the context of process-related RBAC models. In particular, we provide a UML2 extension that allows for the integrated modeling of processes and break-glass policies. Additional constraints are formally specified via OCL. We also implemented our approach as an extension to the BusinessActivity library and runtime engine. The source code of our implementation is available for download.

[1]  Roshan K. Thomas,et al.  Flexible team-based access control using contexts , 2001, SACMAT '01.

[2]  Akhil Kumar,et al.  W-RBAC - A Workflow Security Model Incorporating Controlled Overriding of Constraints , 2003, Int. J. Cooperative Inf. Syst..

[3]  Wil M. P. van der Aalst,et al.  Workflow Resource Patterns: Identification, Representation and Tool Support , 2005, CAiSE.

[4]  David W. Chadwick,et al.  How to Securely Break into RBAC: The BTG-RBAC Model , 2009, 2009 Annual Computer Security Applications Conference.

[5]  Manfred Reichert,et al.  Adeptflex—Supporting Dynamic Changes of Workflows Without Losing Control , 1998, Journal of Intelligent Information Systems.

[6]  Achim D. Brucker,et al.  Extending access control models with break-glass , 2009, SACMAT '09.

[7]  David W. Chadwick,et al.  How to Break Access Control in a Controlled Manner , 2006, 19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06).

[8]  Manfred Reichert,et al.  Flexibility in Process-Aware Information Systems , 2009, Trans. Petri Nets Other Model. Concurr..

[9]  Achim D. Brucker,et al.  Attribute-Based Encryption with Break-Glass , 2010, WISTP.

[10]  Seog Park,et al.  Task-role-based access control model , 2003, Inf. Syst..

[11]  Mark Strembeck,et al.  Modeling process-related RBAC models with extended UML activity models , 2011, Inf. Softw. Technol..

[12]  Stefanie Rinderle-Ma,et al.  Change Patterns and Change Support Features in Process-Aware Information Systems , 2007, Seminal Contributions to Information Systems Engineering.

[13]  Mark Strembeck,et al.  Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context , 2010, OTM Conferences.

[14]  Nora Cuppens-Boulahia,et al.  Modeling contextual security policies , 2008, International Journal of Information Security.

[15]  Andreas Schaad,et al.  Task-based entailment constraints for basic workflow patterns , 2008, SACMAT '08.

[16]  Dean Povey Optimistic security: a new access control paradigm , 1999, NSPW '99.

[17]  Ramaswamy Chandramouli,et al.  Role-Based Access Control, Second Edition , 2007 .

[18]  Mark Strembeck,et al.  An integrated approach to engineer and enforce context constraints in RBAC environments , 2004, TSEC.

[19]  Wil M. P. van der Aalst,et al.  Workflow Exception Patterns , 2006, CAiSE.

[20]  Vijayalakshmi Atluri,et al.  Inter-instance authorization constraints for secure workflow management , 2006, SACMAT '06.

[21]  Jan Jürjens,et al.  From goal‐driven security requirements engineering to secure design , 2010, Int. J. Intell. Syst..

[22]  Sushil Jajodia,et al.  Access control for smarter healthcare using policy spaces , 2010, Comput. Secur..

[23]  Wil M. P. van der Aalst,et al.  Deadline-based escalation in process-aware information systems , 2007, Decis. Support Syst..

[24]  Jason Crampton,et al.  The consistency of task-based authorization constraints in workflow , 2004 .

[25]  Srdjan Marinovic,et al.  Rumpole: a flexible break-glass access control model , 2011, SACMAT '11.

[26]  Mark Strembeck Scenario-Driven Role Engineering , 2010, IEEE Security & Privacy.

[27]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[28]  Elisa Bertino,et al.  TRBAC , 2001, ACM Trans. Inf. Syst. Secur..

[29]  Mark Strembeck,et al.  Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context , 2011, OTM Conferences.

[30]  Mark Strembeck,et al.  Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments , 2012, 2012 Third FTRA International Conference on Mobile, Ubiquitous, and Intelligent Computing.

[31]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.