Architectural issues for a location-aware role-based access control system