Chapter 13

LOCATION TECHNOLOGIES

OVERVIEW

As user and PC mobility increase, location is becoming more important. In some cases, its value is realized in applications that provide the mobile user with location-related information, such as hotels, restaurants, and driving directions. In other cases, location becomes a means for asset tracking. Location can also be used as an access-control parameter in DRM applications (as discussed in Chapter 8), controlled-access information based on location, or location-based information sharing. Other environments foster complete freedom of user movement without regard to location.

LOCATION'S PLACE IN SECURITY

In applications or user environments where location is immaterial, location technologies are not likely to be employed as part of the user security architecture. However, even in those environments, there is a need to provide the mobile user with some assurance that the remote server that he is accessing is indeed a valid server and that he has not been redirected to a carefully constructed duplicate that is using his information for other purposes. This type of server spoofing is a common element of the social-engineering attack called phishing, which has been described previously in this book. Knowledge (and validation) of the physical location of the valid server could provide protection to the mobile user, even if the user's location is immaterial to the specific information-sharing architecture that he is using.

In order for location ...