Geographically Secured SSL-VPN Using GPS

Abstract

We are moving towards an era where location information will be necessary for access control. The use of location information can be used for enhancing the security of an application, for critical applications, such as the military. A formal model for location-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited to cause harm. In this paper, we show how the SSL VPN model can be extended to incorporate the notion of location. We show how this location information can be used to determine whether a subject has access to a given object. A novel improved VPN (Virtual Private Network) system based on geo-secured SSL (Secure Socket Layer) protocol is proposed to overwhelm the defects of traditional SSL VPN. It enhances current security applications granting access to sensible information and privileges to execute orders only to entities that are in a trusted location. This system not only authenticates authorized user but also the location of the user