6533b85bfe1ef96bd12bbd48

RESEARCH PRODUCT

Enforcing mobile security with location-aware role-based access control

Vladimir A. OleshchukNils Ulltveit-moe

subject

Markup languageGeospatial analysisComputer Networks and CommunicationsComputer scienceSeparation of dutiesbusiness.industryXACML020206 networking & telecommunicationsAccess control02 engineering and technologyComputer securitycomputer.software_genreFirewall (construction)020204 information systems0202 electrical engineering electronic engineering information engineeringRole-based access controlbusinessMobile devicecomputerInformation Systemscomputer.programming_languageComputer network

description

This paper describes how location-aware role-based access control RBAC can be implemented on top of the Geospatial eXtensible Access Control Markup Language GeoXACML. It furthermore sketches how spatial separation of duty constraints both static and dynamic can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations, which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location-dependent access control and also other security enhancing solutions on mobile devices, such as location-dependent device locking, firewall, intrusion prevention or payment anti-fraud systems. The system has been implemented and tested, both to verify the server capacity and also the client capacity running on a mobile device. Copyright © 2013 John Wiley & Sons, Ltd.

https://doi.org/10.1002/sec.879