Location attestation and access control for mobile devices using GeoXACML
Abstract
Access control has been applied in various scenarios in the past for negotiating the best policy. Solutions with XACML for access control has been very well explored by research and have resulted in significant contributions to various sectors including healthcare. In controlling access to the sensitive data such as medical records, it is important to guarantee that the data is accessed by the right person for the right reason. Location of access requestor can be a good indication for his/her eligibility and reasons for accessing the data. To reason with geospatial information for access control, Geospatial XACML (eXtensible Access Control Markup Language) is proposed as a standard. However, there is no available implementation and architecture for reasoning with Geospatial XACML policies. This paper proposes to extend XACML with geohashing to implement geospatial policies. It also proposes an architecture for checking reliability of the geospatial information provided by clients. With a case study, we demonstrate how our framework can be used to control the privacy and data access of health service data in handheld devices.