6533b82afe1ef96bd128b8a4

RESEARCH PRODUCT

Mobile Security with Location-Aware Role-Based Access Control

Vladimir A. OleshchukNils Ulltveit-moe

subject

Software_OPERATINGSYSTEMSMarkup languagebusiness.industryComputer scienceSeparation of dutiesXACMLComputerApplications_COMPUTERSINOTHERSYSTEMSAccess controlComputer securitycomputer.software_genreFirewall (construction)Software deploymentVDP::Technology: 500::Information and communication technology: 550::Telecommunication: 552Role-based access controlbusinesscomputerMobile deviceComputer networkcomputer.programming_language

description

Published version of an article from the book: Security and privacy in mobile information and communication systems. Also available on SpringerLink: http://dx.doi.org/10.1007/978-3-642-30244-2_15 This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of the Geographically eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location dependent access control and also other security enhancing solutions on mobile devices, like location dependent device locking, firewall, intrusion prevention or payment anti-fraud systems.

yearjournalcountryeditionlanguage
2012-01-01
https://doi.org/10.1007/978-3-642-30244-2_15