Benefits of Location-Based Access Control:A Literature Study

A. van Cleeff, Wolter Pieters, Roelf J. Wieringa

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    15 Citations (Scopus)
    1420 Downloads (Pure)

    Abstract

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been investigated thoroughly. To this end, we perform a structured literature review, and examine the goals that LBAC can potentially fulfill, the specific LBAC systems that realize these goals and the context on which LBAC depends. Our paper has four main contributions: first we propose a theoretical framework for LBAC evaluation, based on goals, systems and context. Second, we formulate and apply criteria for evaluating the usefulness of an LBAC system. Third, we identify four usage scenarios for LBAC: open areas and systems, hospitals, enterprises, and finally data centers and military facilities. Fourth, we propose directions for future research: (i) assessing the tradeoffs between location-based, physical and logical access control, (ii) improving the transparency of LBAC decision making, and (iii) formulating design criteria for facilities and working environments for optimal LBAC usage.
    Original languageUndefined
    Title of host publicationProceedings of the 3rd IEEE/ACM International Conference on Cyber, Physical and Social Computing (CPSCom 2010)
    Place of PublicationLos Alamitos, CA
    PublisherIEEE Computer Society
    Pages739-746
    Number of pages8
    ISBN (Print)978-1-4244-9779-9
    DOIs
    Publication statusPublished - 3 Nov 2010
    Event3rd IEEE/ACM International Conference on Cyber, Physical and Social Computing, CPSCom 2010 - Hangzhou, China
    Duration: 18 Dec 201020 Dec 2010
    Conference number: 3

    Publication series

    Name
    PublisherIEEE Computer Society

    Conference

    Conference3rd IEEE/ACM International Conference on Cyber, Physical and Social Computing, CPSCom 2010
    Abbreviated titleCPSCom 2010
    CountryChina
    CityHangzhou
    Period18/12/1020/12/10

    Keywords

    • IR-74984
    • METIS-271164
    • LBAC
    • SCS-Cybersecurity
    • EWI-18957
    • contextsensitive access control
    • SCS-Services
    • Location-based access control

    Cite this