The rapid emergence of GPS enabled devices, sensors and mobile equipment in commercial as well as government organizations has led to considerable research in time- and location-based access control schemes. Location-based access policies enhance the security of an application by restricting access to an object only from specified locations. On the other hand, temporal constraints provide granularity in security features and also limit damage to an application to a specific time interval (e.g. when staff are present to respond if necessary). This paper introduces a novel approach to location- and time-based access control mechanism using Role-Based Access Control (RBAC). We believe that it is well-suited for organizations that require time- and location-based access control over static or mobile objects. KEY WORDS Location-aware Computing, Time-dependent Access, Security Policies, RBAC, Access Control Model, Visibility.
Mahendra Kumar, Richard E. Newman