Security for Privileged Accounts Using Break-Glass Technique
Break-glass within computing is a term used to describe the act of checking out a system account password for use by a human. It is generally used for highest level system accounts such as root for unix or SYS/SA for database. These accounts are highly privileged and not in themselves individualized to a specific human, so instead break-glass limits them by the password time duration, with the aim of controlling and reducing the account’s usage to that which is necessary. Break-glass has been examined in a number of publications applied to medical systems.