Title :
A mobile role-based access control system using identity-based encryption with zero knowledge proof
Author :
Khandavilli, Ambica Pawan ; Rahman, Musfiq ; Sampalli, Srinivas
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
Controlled access to confidential information and resources is a critical element in security systems. Role-based access control (RBAC) has gained widespread usage in modern enterprise systems. Extensions have been proposed to RBAC for incorporating spatial constraints into such systems. Several solutions have been proposed for such models and many researchers are now focusing on enforcing system policies. In this paper we propose a security framework for RBAC systems with spatial constraints based on identity-based encryption. In our framework, we use identity-based encryption with zero knowledge proof (ZKP) to provide authentication and information security. We also show how Near Field Communication (NFC) can be used to establish the integrity of a user´s proof of location. Simulation results in Java validate our model. Furthermore, security analysis has been done to show how our framework protects against well-known attacks.
Keywords :
Java; authorisation; cryptography; mobile computing; Java; NFC; RBAC; authentication; confidential information; confidential resources; identity-based encryption; information security; mobile role-based access control system; modern enterprise systems; near field communication; security systems; zero knowledge proof; Access control; Authentication; Protocols; Public key; Read only memory; Identity Based Encryption; Identity-Based Cryptography; Near Field Communication; Pairing; Role-based Access Control;
Conference_Titel :
Computational Intelligence for Security and Defence Applications (CISDA), 2012 IEEE Symposium on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4673-1416-9
DOI :
10.1109/CISDA.2012.6291534
