A WLAN security management framework based on formal spatio-temporal RBAC model

Bera, P. ; Ghosh, S. K. ; Dasgupta, Pallab (2010) A WLAN security management framework based on formal spatio-temporal RBAC model Security and Communication Networks, 4 (9). pp. 981-993. ISSN 1939-0114

Full text not available from this repository.

Official URL: http://onlinelibrary.wiley.com/wol1/doi/10.1002/se...

Related URL: http://dx.doi.org/10.1002/sec.232


In today's organizations, the large scale deployment of wireless networks has opened up new directions in network security management. The organizational security policies aim at protecting the network resources from unauthorized accesses in the wireless local area networks (WLAN). In WLAN security policy management, the standard IP-based access control mechanisms are not sufficient due to dynamic changes in network topology and access control states. The role-based access control (RBAC) models may be appropriate to strengthen the security perimeter over the network resources. However, formalizing the dynamic binding of the access policies to the roles, depending on various control states, is a major challenge. In this paper, we propose a WLAN security policy management framework based on a formal spatio-temporal RBAC (STRBAC) model. The present work primarily focuses on dynamic computation of security policies based on various control states, its formal representation using STRBAC model, and security property verification of the proposed STRBAC model. The proposed policy management framework logically partitions the WLAN topology into various security policy zones. The framework includes a Central Authentication & Role Server (CARS) which authenticates the users (nodes) and access points (AP) and also assigns appropriate roles to the users; a Global Policy Server (GPS) that dynamically computes the global security policy and policy configurations for different policy zones based on local user-role and control state information; a distributed policy zone control architecture. Each policy zone consists of a Policy Zone Controller (WPZCon) which dynamically computes the low-level access configurations. Finally, a SAT based verification procedure has been presented for verifying the security properties of the proposed STRBAC model.

Item Type:Article
Source:Copyright of this article belongs to John Wiley & Sons, Inc.
Keywords:Wireless LAN; Network Security Policy; Role Based Access Control (RBAC) Models
ID Code:101389
Deposited On:09 Mar 2018 10:13
Last Modified:09 Mar 2018 10:13

Repository Staff Only: item control page