Abstract. Break the Glass (BTG) is an important feature for authorization infrastructures, as it provides flexible access control in unforeseen cases and emergencies. But current realizations have two drawbacks: (1) they neglect the need to manage authorization steps and (2) they do not take immediate process context into account. Our approach in turn embedds BTG functionality into business processes (BPs): the steps to decide for Breaking the Glass and the obligations compensating a BTG access for data are parts of the BPs. To support process designers in embedding BTG steps and obligations, we introduce an expressive annotation language for specifying BTG tasks for BP models. In particular, our language allows process designers to (1) take BP context into account, and (2) specify security constraints for responsible role holders performing BTG tasks. Using our approach, one can efficiently specify and use context-aware BTG functionality for BPs.
Auch dieses Jahr treffen sich die Entscheidungsträger der Gesundheitswirtschaft vom 14. bis 16. Juni in Berlin: Der Gesundheitsmanagement Kongress - GMK, der im Rahmen des Hauptstadtkongresses Medizin und Gesundheit stattfindet, bietet den Entscheidern eine Plattform für Diskussionen, Lösungen und Networking.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.