Geofencing as a Security Strategy Model

This thesis presents a Wireless Security Model (WSM) to the security risks caused by the leakage of electromagnetic radio waves in wireless networks. The WSM is divided into two parts.
The first part uses a robust security strategy model which enables the Information Security management of the WSM to be continuously improved. The context here is continual improvement of the WSM and takes into consideration those factors both internal and external to the WSM that affects
its behaviour.
The second part of the WSM uses the geographic limitation inherent in location based services to contain the access of an authorised wireless network user within a predefined parameter. The context here is access based on geographic limitation and takes into consideration the exact position of a mobile device using indoor positioning technology on a single radio frequency to obtain network access. The security strategy model uses the International Standard Organisations (ISO), Information Security Management Systems (ISMS) requirements (27001:2005) and Information Technology Infrastructure Library (ITIL) Version 3 as a governance framework which makes it suitable for use in
any organisation of the 162 member countries who have signed up to and adopted the ISO 27001:2005. The positioning technology uses a Wireless Location Appliance (WLA) to identify the location of a mobile device before allowing it to access the network, it then continues to monitor the location at time intervals which are preset using the WLA and then maintains the connection to the
network for the duration that the mobile device complies with the preset rules based on its location and any other of the organisations internal information security policies. The security strategy model was evaluated using a questionnaire to collect data from Small Medium Enterprises (SME) which use wireless networks to understand the kind of infrastructure they use and the kind of information security
policies they have in place to protect them.
The results were compared with surveys undertaken by PricewaterhouseCoopers (PwC) on behalf of the United Kingdom's Government office of Commerce (GOC) which produced the ISO 27001:2005 and ITIL V3 documents. The positioning technology was experimentally evaluated using
a laboratory owned by a company that provides Location Based Services to the National Health Service (NHS). The results were compared with a predetermined route marked out on the architectural plan of a room in the laboratories building which was used as a test bed. The security solution model achieved 95% confidence levels for accuracy and precision, with the security strategy model achieving
95% confidence levels for compliance and implementation.

This thesis supplied via ROAR to UEL-registered users is protected by copyright and other intellectual property rights, and duplication of any part of the material is not permitted, except for your personal use for the purposes of non-commercial research and private study in electronic or print form. You must obtain permission from the copyright-holder for any other use. Electronic or print copies may not be offered, for sale or otherwise, to anyone. No quotation from the thesis may be published without proper acknowledgement.