Research Article
Mobile Security with Location-Aware Role-Based Access Control
411 downloads
@INPROCEEDINGS{10.1007/978-3-642-30244-2_15, author={Nils Ulltveit-Moe and Vladimir Oleshchuk}, title={Mobile Security with Location-Aware Role-Based Access Control}, proceedings={Security and Privacy in Mobile Information and Communication Systems. Third International ICST Conference, MobiSec 2011, Aalborg, Denmark, May 17-19, 2011, Revised Selected Papers}, proceedings_a={MOBISEC}, year={2012}, month={10}, keywords={location-aware RBAC GeoXACML mobile security}, doi={10.1007/978-3-642-30244-2_15} }
- Nils Ulltveit-Moe
Vladimir Oleshchuk
Year: 2012
Mobile Security with Location-Aware Role-Based Access Control
MOBISEC
Springer
DOI: 10.1007/978-3-642-30244-2_15
Abstract
This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of the Geographically eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location dependent access control and also other security enhancing solutions on mobile devices, like location dependent device locking, firewall, intrusion prevention or payment anti-fraud systems.
Copyright © 2011–2024 ICST