Design And Research Of Location-based Access Control Model Forthe Mobile Terminal

Mobile terminals gradually become an indispensablepart of people’s daily life andwork. As more and more mobile terminals get access to the Internet, network resourcesharing crosses the limits of space and time, and more and more information securityproblems get exposed. With the change of people’s consumption concept, locationinformation has gradually become the target of information sharing. The disclosure oflocation information can help hackers not only steal user’s location and forge the location toget corresponding service, but also temper with the location information to attack thecomputer system. All these problems can lead to the disclosure of security information, thus,people have a strong need on the technology which can control the access based on theuser’s location.This thesis firstly describes the Location-Based Access Control(LBAC) model. In orderto solve the existing location security problems of LBAC model in mobile terminals, trustedcomputing technology is introduced to propose Trusted Location-Based Access Control(TLBAC) model. This model can obtain trusted location through the communicationbetween Trusted Computing Module (TPM) and trusted location. Therefore, it solves theinformation security problems and spoofing attack of location from the source. Andaccording to the dynamic of the location security level in the real environment, the thesisintroduces the notion of time constraints and proposes a new model called time restrictedLocation-Based Access Control(tLBAC) model. This can solve the constraint of the“must-be-lifetime”location security level and achieve dynamic changeof position securitylevel at different times. Because of the constraint of access control based on the dynamicchange of location security level, not only thesecurityofthesystembut also the utilization oflocation is improved.Last but not the least, based on SOPC platform, the thesis adds three access controlmodel for μC/OS-IIoperating system and realizes μC/OS-II access control ofmulti-levelsecurity. Then verificationandtesting is carried out for the three models. Themodels can be widely used in the mobile terminals of LBS, military and agriculture and soforth.