A Context-Aware Break Glass Access Control System for IoT Environments

In Internet of Things (IoT) environments, sensors measure and quantify properties of physical locations, objects and even people. Context-aware access control systems include this data in the decision making process to improve their accuracy and precision. However, access control systems can fail when unexpected situations occur for which no access rules have been defined. One solution implemented by access control systems for critical infrastructure (e.g. a hospital, factory production line), is to break the glass in case of emergency to temporarily obtain the necessary privileges. During this process, sufficient non-repudiation evidence must be collected, which is audited at a later stage to verify whether the emergency access was justified. Shortcomings of existing Break Glass models are twofold: firstly, Break Glass is mostly considered as a static process for which the activation requirements and granted privileges are not adapted to the context of the emergency situation; secondly, a closed environment such as a hospital with authenticated caregivers is generally assumed, which is not realistic for open environments. In this paper, we present a context-aware Break Glass system architecture, which uses contextual information to detect ongoing emergencies, and allows the activation requirements and temporary privileges to be be adapted to the current situation or emergency. Furthermore, the system includes a fail-safe operation to disable the Break Glass activation if the emergency was wrongly detected. Our prototype shows the soundness of the design and its practical feasibility to be used in time-critical scenarios.