Location-Aware Access Control for Mobile Information Systems
Published: 2008 Oktober
Herausgeber: Paul Cunningham and Miriam Cunningham
Buchtitel: Collaboration and the Knowledge Economy: Issues, Applications, Case Studies. Proceedings of eChallenges 2008
Verlag: IOS Press
Erscheinungsort: Stockholm, Sweden
Location-Aware Access Control (LAAC) means to consider a mobile device's location when making the decision if a request to perform an operation on a particular resource should be granted or not. This is an approach to tackle specific security-related challenges that come along with the employment of mobile information systems but it can also help to support the interaction between user and mobile device in a context-aware sense. For the realization of LAAC two things are essential: the capability to determine a mobile user's location and an appropriate data model to formulate statements about which operations he or she is allowed to perform on which resources at a particular place. Therefore in our paper we first discuss several locating technologies from the perspective of LAAC. Afterwards we introduce a novel location-aware access control model. One special feature of our model is that it supports dynamic location-constraints, i.e. constraints that can only be determined during the runtime of a mobile application.