AN ACCESS-CONTROL MODEL FOR MOBILE COMPUTING WITH SPATIAL CONSTRAINTS - Location-aware Role-based Access Control with a Method for Consistency Checks

Michael Decker

doi:10.5220/0001911001850190

AN ACCESS-CONTROL MODEL FOR MOBILE COMPUTING WITH SPATIAL CONSTRAINTS - Location-aware Role-based Access Control with a Method for Consistency Checks

Michael Decker

2008

Abstract

Some of the most salient challenges that come along with the employment of mobile information systems stem from security issues: portable devices like PDAs, smartphones and notebooks easily get stolen or lost and wireless data transmission could be eavesdropped, so that unauthorized individuals gain access to confidential resources. One approach to tackle these problems is location-aware access control, i.e. based on knowledge about the user’s position the information system can decide if access to a resource should be granted or not. For example a nurse using a PDA should only be allowed to access confidential patient data while staying on the premises of the hospital. In our article we present a data model for location-aware access control based on the concepts of roles. Using our model it is possible to assign location restrictions to several entities, e.g. to users, to roles or permissions. We also propose a method to analyze the consistency of spatial constraints expressed by an instance of our model.

Download

Paper Citation

in Harvard Style

Decker M. (2008). AN ACCESS-CONTROL MODEL FOR MOBILE COMPUTING WITH SPATIAL CONSTRAINTS - Location-aware Role-based Access Control with a Method for Consistency Checks . In Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2008) ISBN 978-989-8111-58-6, pages 185-190. DOI: 10.5220/0001911001850190

in Bibtex Style

@conference{ice-b08,
author={Michael Decker},
title={AN ACCESS-CONTROL MODEL FOR MOBILE COMPUTING WITH SPATIAL CONSTRAINTS - Location-aware Role-based Access Control with a Method for Consistency Checks},
booktitle={Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2008)},
year={2008},
pages={185-190},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001911001850190},
isbn={978-989-8111-58-6},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2008)
TI - AN ACCESS-CONTROL MODEL FOR MOBILE COMPUTING WITH SPATIAL CONSTRAINTS - Location-aware Role-based Access Control with a Method for Consistency Checks
SN - 978-989-8111-58-6
AU - Decker M.
PY - 2008
SP - 185
EP - 190
DO - 10.5220/0001911001850190