Authors: E. Tomur, R. Deregozu, T. Genc

Abstract:

In this study, we propose a network architecture for providing secure access to information resources of enterprise network from remote locations in a wireless fashion. Our proposed architecture offers a very promising solution for organizations which are in need of a secure, flexible and cost-effective remote access methodology. Security of the proposed architecture is based on Virtual Private Network technology and a special role based access control mechanism with location and time constraints. The flexibility mainly comes from the use of Internet as the communication medium and cost-effectiveness is due to the possibility of in-house implementation of the proposed architecture.

Keywords: Remote access, wireless networks, security, virtualprivate networks, RBAC.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1328930

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1651

References:

[1] W. Clark, "Enterprises Must Assess Impact of Mobile Applications", Gartner Inc. Report, 2003.
[2] Always Available Computing: Best Practices for Empowering Today-s Mobile Work Force. Available: http://www.adessosystems.com
[3] E. Tomur and Y.M. Erten, "Application of temporal and spatial role based access control in 802.11 wireless networks", Computers & Security, vol. 25, no.4, pp 452-458, September 2006.
[4] M. Weiser, "Hot Topics: Ubiquitous Computing", IEEE Computer, October 1993.
[5] S. Harris, CISSP All-In-One Guide. McGraw-Hill Publications, 2004, ch.7.
[6] N. Borisov, I. Goldberg, and D. Wagner, "Intercepting mobile communications: The insecurity of 802.11", in Proc. of the Seventh Annual International Conference on Mobile Computing and Networking, 2001.
[7] S. Fluhrer, I. Martin, and A. Shamir, "Weaknesses in the key scheduling algorithm of RC4", presented at Eighth Annual Workshop on Selected Areas in Cryptography, August 2001.
[8] E. Tomur and Y.M. Erten, "A layered security architecture for corporate 802.11 wireless networks", presented at 2nd Wireless Telecommunications Symposium, Pomona, CA, 2004.
[9] IEEE Standards for local and metropolitan area networks: Standard for port based network access control, IEEE draft P802.1X/D11, March 2001.
[10] R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman, "Role-based access control models", IEEE Computer, vol. 29, no. 2, February 1996.
[11] S. Osborn, R. Sandhu, and Q. Munawer, "Configuring role-based access control to enforce mandatory and discretionary access control policies", ACM Transactions on Information and System Security, vol. 13, no. 2, February 2000.
[12] J. Barkley, K. Beznosov, and J. Uppal, "Supporting relationships in access control using role based access control", in Proc. of 3rd ACM Workshop Role Based Access Control, Fairfax, VA, October 1998.
[13] D. Ferraiolo, J. Barkley, and D. Kuhn, "Role-based access control and reference implementation within a corporate intranet", ACM Transactions on Information and System Security, vol. 2, no. 1, 1999.
[14] M.J. Moyer, and M. Abamad, "Generalized role-based access control", in Proc. of 21st International Conference on Distributed Computing Systems, April 2001.
[15] M. Koch, L.V. Mancini, and F. Parisi-Presicce, "A Graph-Based Formalism for RBAC", ACM Transactions on Information and System Security (TISSEC), vol. 5, no. 3, 2002.
[16] E. Bertino, P.A: Bonatti, and E. Ferrari, "TRBAC: A temporal rolebased access control model", ACM Transactions on Information and System Security, vol. 4, no. 3, 2001.
[17] J.B.D Joshi, E. Bertino, U. Latif, and A. Ghafoor, "A Generalized Temporal Role-Based Access Control Model", IEEE Transactions on Knowledge and Data Engineering, vol. 17, no. 1, pp 4 - 23, January 2005.
[18] F. Hansen, and V. Oleshchuk, "Spatial role-based access control model for wireless networks", presented at Vehicular Technology Conference, 2003.
[19] M. Wilikens, S. Feriti, A. Sanna, and M. Masera, "A context-related authorization and access control method based on RBAC: A case study from the health care domain", presented at Seventh ACM Symposium on Access Control Models and Technologies, 2002.