A Logical Area Based Access Control Approach for Wireless Networks

Location information of devices and applications plays a more and more important role in information security of wireless networks. Because there are many different representations of spatial information, a more intelligent access control approach is needed to deal with this heterogeneity. This paper combines the Semantic Web technology and the Policy Based Access Control (PBAC) approach. First, logical area is used to substitute physical location for the authorization decision. Second, it is necessary to establish the knowledge base of spatial information which mainly contains the logical spatial objects and relationships among these objects before the authorization decision. Third, for the different representations of spatial objects of different security domains, Semantic bridging information is used to bridge semantic differences between security domains. And then we proposal the spatially aware semantic access control policy description method SA-GeoXACML which uses aforementioned knowledge base and adds semantic annotation to the physical locations of GeoXACML language. Finally, we achieves the prototype system of Logical Area based Access Control(LAAC). Experimental results shows that the frequency and time cost of access control decisions can be greatly reduced when the subject’s moving cross atomic logical areas.