Abstract
An increasingly important category of location-based services (LBS) responding to the demands of mobility in organizations is represented by Enterprise LBS (E-LBS). E-LBS pose challenging requirements, including the need of selective access to the services based on the position of mobile users and spatially-bounded organizational functions. To address these requirements a general architectural framework for an access control system based on location-aware roles is introduced.