Controlling Break-the-Glass through Alignment
Social Computing(2013)
摘要
Modern IT systems have to deal with unpredictable situations and exceptions more and more often. In contrast, security mechanisms are usually very rigid. Functionality like break-the-glass is thus employed to allow users to bypass security mechanisms in case of emergencies. However, break-the-glass introduces a weak point in the system. In this paper, we present a flexible framework for controlling the use of break-the-glass using the notion of alignments. The framework measures to what extent a process execution diverges from the specification (i.e., using optimal alignments) and revokes the exceptional permissions granted to cope with the emergency when the severity of deviations cannot be tolerated. For the quantification of the severity of deviations, we extend alignment-based deviation analysis techniques by supporting the detection of high-level deviations such as activity replacements and swaps, hence providing a more accurate diagnosis of deviations than classical optimal alignments.
更多查看译文
关键词
information systems,security mechanisms,modern it system,information technology,exceptional permission,activity replacement,activity swaps,it systems,high-level deviations,exceptional permissions,classical optimal alignment,security mechanism,framework measure,controlling break-the-glass,optimal alignments,authorisation,activity replacements,break-the-glass,accurate diagnosis,process execution,alignment-based deviation analysis technique,alignment-based deviation analysis techniques,optimal alignment,emergencies,flexible framework
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要