OATAO - Open Archive Toulouse Archive Ouverte Open Access Week

Managing Break-The-Glass using Situation-oriented authorizations

Kabbani, Bashar and Laborde, Romain and Barrère, François and Benzekri, Abdelmalek Managing Break-The-Glass using Situation-oriented authorizations. (2014) In: 9ème Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information - SAR-SSI 2014, 13 May 2014 - 16 May 2014 (Saint-Germain-Au-Mont-d'Or (Lyon), France). (Unpublished)

(Document in English)

PDF (Author's version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader


The patient's life is a redline in Healthcare environments. Whenever it comes to danger, such environments reject static authorizations . A common problem "Break The Glass" is known as the act of breaking the static authorization in order to reach the required permission. Healthcare environment is full of different contexts and situations that require the authorizations to be dynamic. Dynamic Authorization is a concept of giving the choice to E-Health authorization system to choose the most suitable permission by considering one's situation. This paper aims at preventing the matter of modifying the policy to make authorizations dynamic. It introduces a simple solution to provide Dynamic Authorization by orienting the authorization system decision using situations. Situations, which are calculated using Complex Event Processing, are integrated to XACML architecture. A Healthcare example proves the efficiency of our approach.

Item Type:Conference or Workshop Item (Paper)
HAL Id:hal-01120112
Audience (conference):National conference proceedings
Uncontrolled Keywords:
Institution:Université de Toulouse > Institut National Polytechnique de Toulouse - Toulouse INP (FRANCE)
French research institutions > Centre National de la Recherche Scientifique - CNRS (FRANCE)
Université de Toulouse > Université Toulouse III - Paul Sabatier - UT3 (FRANCE)
Université de Toulouse > Université Toulouse - Jean Jaurès - UT2J (FRANCE)
Université de Toulouse > Université Toulouse 1 Capitole - UT1 (FRANCE)
Laboratory name:
Deposited On:24 Feb 2015 17:20

Repository Staff Only: item control page