A Wireless Secure Remote Access Architecture Implementing Role Based Access Control: WiSeR

In this study, we propose a network architecture that provides secure wireless access to the information resources of an enterprise network from remote locations. The proposed architecture offers a very promising solution for organizations that need a secure, flexible and cost-effective remote access methodology. Its security is based on Virtual Private Network technology and a special role-based access control mechanism with location and time constraints. The flexibility comes mainly from the use of the Internet as the communication medium, and the cost-effectiveness is due to the possibility of implementing the proposed architecture in-house.



