Research Information System
Tehnicki Vjesnik, vol.32, no.4, pp.1336-1346, 2025 (SCI-Expanded, Scopus)
Near Field Communication (NFC) is widely used in mobile applications, yet relay attacks remain a significant security risk, especially in access control systems. Existing countermeasures, such as distance bounding, ambient sensing, and RF fingerprinting, either lack adaptability or fail to provide comprehensive protection at the application layer. In this study, we propose M-CARBAC, a context-aware access control model designed to prevent relay attacks in NFC-enabled mobile devices. Unlike prior solutions, M-CARBAC integrates dynamic contextual verification, formal security definitions, and adaptive access control policies, ensuring that captured credentials remain invalid if relayed. A formal coverage analysis confirms that the model correctly evaluates all possible access requests. Performance tests conducted on an NFC-based access control testbed demonstrate that M-CARBAC effectively mitigates relay attacks while maintaining a reasonable computational overhead. Compared to existing solutions, our model offers a more robust and scalable approach for securing NFC transactions. These findings highlight M-CARBAC's potential for enhancing the security of mobile-based access control systems against evolving threats.