Output details
11 - Computer Science and Informatics
University of Kent
How to Securely Break into RBAC: The BTG-RBAC Model
<19> Break-the-Glass (BTG) allows users to override “deny” decisions in emergencies, provided they can justify this later. BTG was implemented in Hospital S. João, Porto (where Ferreira, a co-author, worked) on patients’ genetic information. Prior to its implementation, 100% of clinicians were granted access to their patients’ genetic information (in violation of Data Protection Legislation). After implementation, only 46% of clinicians decided to BTG when denied access, thereby significantly increasing patient privacy. Subsequently, we have shown how BTG could be added to the XACML standard. The open source implementation is available as part of PERMIS [Output 1].