Emergency role-based access control (E-RBAC) and analysis of model specifications with alloy

In role-based access control (RBAC), users gain access to predetermined roles and permissions. Thus, desired results are not achieved in emergency situations through policy in RBAC. In emergency situations, users should sometimes gain access to resources not authorized in normal situations. To increase the flexibility of access control, Break the Glass (BTG) policy was proposed. It allows users to break or override access controls, while every operation is documented to create maximum responsibility for users. Users with BTG access have maximum freedom to override the access controls and constraints of the model. In this paper, the flexibility of RBAC is enhanced by proposing an Emergency RBAC (E-RBAC), which uses BTG policy for managing the system in emergency situation. However, separation of duty (SOD) constraint is included to control and limit user access in this situation. Then, an administrative model is proposed to manage large E-RBAC systems. An administrative model reduces excessive burden for an administrator in large E-RBAC systems. At the next stage, E-RBAC is illustrated with medical and drug-dispensation scenarios and is then implemented through Alloy (the first logic language) so as to analyze the validity of model specifications. (C) 2019 Published by Elsevier Ltd.