The Scientific World Journal

Research Article

A Secure Operational Model for Mobile Payments

Algorithm 3

An example of location policy.
− <Policy PolicyId=“QRCodeServiceAccessPolicy”
RuleCombiningAlgId= “urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable”>
<Description>AccessPolicy of QRCodeService</Description>
− <Target>
+ <Subjects>
+ <Resources>
+ <Actions>
</Target>
− <Rule RuleId=“ProjectPlanAccessRule” Effect=“Permit”>
+ <Target>
− <Condition FunctionId=“urn:oasis:names:tc:xacml:1.0:function:and”>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-greater-than”>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-one-and-only”>
  <EnvironmentAttributeDesignator AttributeId=“latitude” DataType=“http://www.w3.org/2001/XMLSchema#double” />
</Apply>
<AttributeValue DataType=“http://www.w3.org/2001/XMLSchema#double”>23.88988</AttributeValue>
</AppIy>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-less-than”>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-one-and-only ”>
  <EnvironmentAttributeDesignator AttributeId=“latitude” DataType=“http://www.w3.org/2001/XMLSchema#double” />
</Apply>
<AttributeValue DataType=“http://www.w3.org/2001/XMLSchema#double”>23.91479</AttributeValue>
</Apply>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-greater-than”>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-one-and-only”>
  <EnvironmentAttributeDesignator AttributeId = “longitude”
  DataType=“http://www.w3.org/2001/XMLSchema#double” />
</Apply>
<AttributeValue DataType=“http://www.w3.org/2001/XMLSchema#double”>121.52535</AttributeValue>
</Apply>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-less-than”>
− <Apply FunctionId=“urn:oasis:names:tc:xacml:1.0:function:double-one-and-only'’>
  <EnvironmentAttributeDesignator AttributeId=“longitude” DataType=“http://www.w3.org/2001/XMLSchema#double” />
</Apply>
<AttributeValue DataType=“http://www.w3.org/2001/XMLSchema#double”>121.56578</AttributeValue>
</Apply>
</Condition>
</Rule>
<Rule RuleId=“defaultRule” Effect=“Deny” />
</Policy>