Location-based access control systems for mobile users: concepts and research directions

Many organizations require that sensitive information be accessed only on the organization's premises or in secure locations. Access to certain information is thus allowed to authorized users, provided that these users are in specific locations when accessing the information. The GEO-RBAC model addresses this requirement. It is based on the notion of a spatial role, that is, a geographically bounded organizational function. The boundary of a role is defined as a geographical feature, such as a hospital or a classified facility; it specifies the spatial extent in which the user must be located in order to use the role. Besides a physical position obtained from a mobile terminal, users are assigned a logical, device-independent position, representing the feature where the user is located. Logical positions are computed from real positions by specific mapping functions. If the user is present within the spatial boundary of a role, the role is said to be enabled. The user is allowed to select (activate) a role and exercise the associated permissions only once the role is enabled. The deployment of an access control system based on GEO-RBAC entails addressing several challenges: (1) access policies may require that access be conditioned not only on the user's location but also on the presence or absence of other users; (2) enforcing location-based access control requires making the access control server aware of user locations, which may lead to privacy breaches; (3) trustworthy information about user locations must be obtained. This paper elaborates on these challenges and outlines related research directions.
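The enable/activate distinction described above can be sketched in a few lines. This is an added illustration, not code from the paper: the feature polygons, the ray-casting mapping function, the `SpatialRole` and `Session` names, and the rule that an active role is dropped once the user leaves its extent are all assumptions made for the example.

```python
from dataclasses import dataclass, field

# Constructed features: name -> boundary polygon in local metres (assumed data).
FEATURES = {
    "hospital": [(0, 0), (100, 0), (100, 60), (0, 60)],
    "car_park": [(100, 0), (160, 0), (160, 60), (100, 60)],
}

def inside(pt, polygon):
    """Ray-casting point-in-polygon test."""
    x, y = pt
    hit = False
    for i, (x1, y1) in enumerate(polygon):
        x2, y2 = polygon[(i + 1) % len(polygon)]
        if (y1 > y) != (y2 > y) and x < x1 + (y - y1) * (x2 - x1) / (y2 - y1):
            hit = not hit
    return hit

def logical_position(real_pos):
    """Mapping function: real (x, y) position -> feature name, or None."""
    return next((n for n, poly in FEATURES.items() if inside(real_pos, poly)), None)

@dataclass(frozen=True)
class SpatialRole:
    name: str
    extent: str             # feature that bounds the role
    permissions: frozenset

@dataclass
class Session:
    assigned: list                              # SpatialRole objects given to the user
    active: set = field(default_factory=set)    # names of activated roles

    def enabled(self, real_pos):
        """Roles whose extent is the feature the user is currently in."""
        here = logical_position(real_pos)
        return {r.name for r in self.assigned if r.extent == here}

    def activate(self, role_name, real_pos):
        """Activation succeeds only if the role is enabled at this position."""
        if role_name not in self.enabled(real_pos):
            return False
        self.active.add(role_name)
        return True

    def check(self, permission, real_pos):
        # Assumption: roles are dropped as soon as the user leaves their extent.
        self.active &= self.enabled(real_pos)
        return any(permission in r.permissions
                   for r in self.assigned if r.name in self.active)
```

Because `check` re-evaluates the position on every request, the decision is only as good as the reported coordinates, which is the third challenge the abstract lists.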
