Skip to main content
SpringerLink
Log in

Securing Mobile Device-Based Machine Interactions with User Location Histories

  • Conference paper
Security and Privacy in Mobile Information and Communication Systems (MobiSec 2012)

Abstract

Mobile devices are more and more integrated in workflows, especially when interacting with stationary resources like machines in order to improve productivity or usability, but risk unauthorized access or unwanted unattended operation. Systems for location based access control have been developed to restrict the user to be in specific locations in order to proceed in a workflow. However, these approaches do not consider the movement pattern of a user nor do they distinguish the severity of false-positives that might arise from imperfect location measurements which is crucial in certain workflows. In this paper, focusing on mobile users interacting with stationary machines, an approach for workflow policies is presented using three types of location constraints to enforce movement patterns. The evaluation of these constraints is based on a user’s location history which is generated in a tamper-proof environment on his mobile device and describes his geographical trajectory for a given timespan.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bertino, E., Ferrari, E., Atluri, V.: The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Transactions on Information and System Security (TISSEC) 2, 65–104 (1999)

    Article  Google Scholar 

  2. Atluri, V., Huang, W.: An Authorization Model for Workflows. In: Bertino, E., Kurth, H., Martella, G., Montolivo, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 44–64. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  3. Küpper, A.: Location-Based Services: Fundamentals and Operation. Wiley (2005)

    Google Scholar 

  4. Shin, H., Atluri, V.: Spatiotemporal Access Control Enforcement under Uncertain Location Estimates. In: Gudes, E., Vaidya, J. (eds.) Data and Applications Security 2009. LNCS, vol. 5645, pp. 159–174. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  5. Shi, W., Yang, J., Jiang, Y., Yang, F., Xiong, Y.: SenGuard: Passive User Identification on Smartphones Using Multiple Sensors. In: 7th IEEE Int’l Conf on Wireless and Mobile Computing, Networking and Communications, pp. 141–148 (2011)

    Google Scholar 

  6. Gilbert, P., Cox, L., Jung, J., Wetherall, D.: Toward Trustworthy Mobile Sensing. In: Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, HotMobile 2010, pp. 31–36. ACM (2010)

    Google Scholar 

  7. Wieland, M., Nicklas, D., Leymann, F.: Managing Technical Processes Using Smart Workflows. In: Mähönen, P., Pohl, K., Priol, T. (eds.) ServiceWave 2008. LNCS, vol. 5377, pp. 287–298. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  8. van Cleeff, A., Pieters, W., Wieringa, R.: Benefits of Location-Based Access Control: A Literature Study. In: Proceedings of the 2010 IEEE/ACM Int’l Conf on Green Computing and Communications & Int’l Conf on Cyber, Physical and Social Computing, GREENCOM-CPSCOM 2010, pp. 739–746. IEEE (2010)

    Google Scholar 

  9. Kirkpatrick, M., Damiani, M., Bertino, E.: Prox-RBAC: A Proximity-based Spatially Aware RBAC. In: Proceedings of the 19th ACM SIGSPATIAL Int’l Conf on Advances in Geographic Information Systems, GIS 2011, pp. 339–348. ACM (2011)

    Google Scholar 

  10. Ardagna, C., Cremonini, M., Damiani, E., di Vimercati, S., Samarati, P.: Supporting Location-Based Conditions in Access Control Policies. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, pp. 212–222. ACM (2006)

    Google Scholar 

  11. Decker, M., Stürzel, P., Klink, S., Oberweis, A.: Location Constraints for Mobile Workflows. In: Proceedings of the 2009 Conf. on Techniques and Applications for Mobile Commerce, TAMoCo 2009, pp. 93–102. IOS Press (2009)

    Google Scholar 

  12. Che, H., Decker, M.: Anomalies in Business Process Models for Mobile Scenarios with Location Constraints. In: Proceedings of the IEEE Int’l Conf on Automation and Logistics, ICAL 2010, pp. 306–313. IEEE (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Mobile and Distributed Systems Group, Ludwig Maximilian University of Munich, Oettingenstr. 67, 80538, Munich, Germany

    Philipp Marcus, Moritz Kessel & Claudia Linnhoff-Popien

Authors
  1. Philipp Marcus
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Moritz Kessel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Claudia Linnhoff-Popien
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Novalyst IT AG, Robert-Bosch Str. 38, 61184, Karben, Germany

    Andreas U. Schmidt

  2. Department of Computer Science, University of Auckland, Private Bag 92019, 1142, Auckland, New Zealand

    Giovanni Russello

  3. Goethe University Frankfurt, Grüneburgplatz 1, 60629, Frankfurt/M., Germany

    Ioannis Krontiris

  4. Central Research Institute Huawei Technologies, Building Q22, Room 2-A15R Beiqinglu Huanbaoyuan No.156, Haidian District, 100095, Beijing, China

    Shiguo Lian

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Marcus, P., Kessel, M., Linnhoff-Popien, C. (2012). Securing Mobile Device-Based Machine Interactions with User Location Histories. In: Schmidt, A.U., Russello, G., Krontiris, I., Lian, S. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 107. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33392-7_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-33392-7_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33391-0

  • Online ISBN: 978-3-642-33392-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation