Spatially-Aware Access Control Model: A Step towards Secure and Energy-Efficient Mobile Applications

Role Based Access Control (RBAC) Model has been found to be quite useful and has drawn a lot of research interest over the last fifteen years. It was recently defined as NIST/ANSI Standard. Traditional RBAC considers user to role as well as role to permission assignments to be static in nature with respect to space and time. However it was observed that in the context of mobile applications, spatial context plays an increasingly important role both in defining and enforcing more elaborated security policies since in many applications locations of participants should directly influence access control decisions. Recent years many extensions of RBAC to deal with spatial context have being proposed. However another benefit of location awareness (not considered yet in existing extensions of RBAC) is an ability to provide more energy-efficient (more “green”) solutions. In this paper we consider extensions of RBAC and propose to use location both as a security and an energy-related parameter. We discuss some applications and directions of future research.