Geospatial Database Security

  • Soon Ae Chun
  • Vijayalakshmi Atluri


Geospatial data refers to the resources associated with location information represented by longitude and latitude. Its increasing availability and the tools to integrate and visualize the various types of data facilitate conducting sophisticated analysis and discovering hidden patterns. Therefore, uncontrolled dissemination of geospatial data may have grave consequences for national security and personal privacy. Access control for this data is based on its geospatial location, content and context, the credentials and characteristics of the users requesting access as well as the time at which the data is captured and requested. In this chapter, we review the different access control models proposed by researchers for controlled dissemination of geospatial data. Since geospatial data is increasingly obtained from third party Web services, we also review the security models presented in the area of geospatial Web services.


Access Control Geographic Information System Advanced Very High Resolution Radiometer Advanced Very High Resolution Radiometer Geospatial Data 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ashraful Alam, Ganesh Subbiah, Bhavani Thuraisingam, and Latifur Khan. Reasoning with semantics-aware access control policies for geospatial web services. In SWS ’06: Proceedings of the 3rd ACM workshop on Secure web services, pages 69–76, New York, NY, USA, 2006. ACM Press.Google Scholar
  2. 2.
    Claudio A. Ardagna, Marco Cremonini, Ernesto Damiani, Sabrina De Capitani di Vimercati, and Pierangela Samarati. Supporting location-based conditions in access control policies. In ASIACCS ’06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pages 212–222, New York, NY, USA, 2006. ACM Press.Google Scholar
  3. 3.
    Vijayalakshmi Atluri and Soon Ae Chun. An Authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing, 1(4):238–254, 2004.CrossRefGoogle Scholar
  4. 4.
    Vijayalakshmi Atluri and Soon Ae Chun. A Geotemporal Role-based Authorization System. International Journal of Information and Computer Security, 1(1/2):143–168, 2007.CrossRefGoogle Scholar
  5. 5.
    John C. Baker, Beth E. Lachman, David R. Frelinger, Kevin M. O’Connell, Alexander C. Hou, Michael S. Tseng, David Orletsky, and Charles Yost. Mapping the Risks: Assessing the Homeland Security Implications of Publicly Available Geospatial Information. Technical report, RAND National Defense Research Institute, RAND Corporation, 2004.Google Scholar
  6. 6.
    Tom Barclay, Jim Gray, and Don Slutz. Microsoft TerraServer: a spatial data warehouse. In SIGMOD ’00: Proceedings of the 2000 ACM SIGMOD international conference on Management of data, pages 307–318, New York, NY, USA, 2000. ACM Press.Google Scholar
  7. 7.
    Elisa Bertino, Barbara Catania, Maria Luisa Damiani, and Paolo Perlasca. GEO-RBAC: a spatially aware RBAC. In Proceeding of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), pages 29–37, 2005.Google Scholar
  8. 8.
    Soon Ae Chun and Vijayalakshmi Atluri. Protecting Privacy from Continuous High-resolution Satellite Surveillance. In Data and Application Security, Development and Directions, IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security, pages 233–244, 2000.Google Scholar
  9. 9.
    Michael J. Covington, Prahlad Fogla, Zhiyuan Zhan, and Mustaque Ahamad. A Context-Aware Security Architecture for Emerging Applications. In Proccedings of 18th Annual Computer Security Applications Conference (ACSAC’2002), pages 249–260, 2002.Google Scholar
  10. 10.
    Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind K. Dey, Mustaque Ahamad, and Gregory D. Abowd. Securing context-aware applications using environment roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pages 10–20, 2001.Google Scholar
  11. 11.
    Maria Luisa Damiani, Elisa Bertino, Barbara Catania, and Paolo Perlasca. GEO-RBAC: A spatially aware RBAC. ACM Transactions of Information Systems Security, 10(1), 2007.Google Scholar
  12. 12.
    Deborah L. McGuinness and Frank van Harmelen. Owl web ontology language overview: W3c recommendation 10. Technical report, W3C, 2004. Scholar
  13. 13.
    Federal Geographic Data Committee. Geospatial Metadata Standards.Google Scholar
  14. 14.
    Google . Google Earth, 2007. Scholar
  15. 15.
    Google . Google Maps API, 2007. Scholar
  16. 16.
    Andreas Matheaus. Declaration and enforcement of finegrained access restrictions for a service-based geospatial data infrastructure. In Proceedings of tenth ACM symposium on Access control models and technologies, 2005.Google Scholar
  17. 17.
    Andreas Matheus. Geospatial extensible access control markup language (geoxacml). Technical report, Open Geospatial Consortium, Inc., 2007. Specification.pdf.Google Scholar
  18. 18.
    Microsoft Corporation. Microsoft Virtual Earth, 2007. Scholar
  19. 19.
    Tim Moses. eXtensible Acess Control Markup Language (XACML) Version 2.0. Technical report.Google Scholar
  20. 20.
    National Oceanic and Atmospheric Administration (NOAA). NOAA KLM User’s Guide, 2000. Scholar
  21. 21.
    Douglas Nebert, Arliss Whiteside, and Panagiotis Vretanos. OpenGIS Catalogue Service Implementation Specification Version 2.0.2. Technical report, Open Geospatial Consortium, Inc., 2007. Scholar
  22. 22.
    Open Geospatial Consortium, Inc. OpenGIS Web Map Service Implementation Specification, 2006. Scholar
  23. 23.
    UNEP: United Nations Environmental Programme. Geo Data Portal, 2006. Scholar
  24. 24.
    Satellite Imaging Corporation. Satellite Imaging Sensors, 2001. Accessed in 2007.Google Scholar
  25. 25.
    Alessandra Toninelli, Rebecca Montanari, Lalana Kagal, and Ora Lassila. A Semantic Context-Aware Access Control Framework for Secure Collaborations in Pervasive Computing Environments. In The Semantic Web - Proceedings of the 5th International Semantic Web Conference (ISWC 2006), pages 473–486, 2006.Google Scholar
  26. 26.
    USDA. USDA Geospatial Data Gateway, 2006. Scholar
  27. 27.
    Graham Vowles. Geospatial Digital Rights Management Reference Model (GeoDRM RM) Version 1.0.0. Technical report.Google Scholar
  28. 28.
    Guangsen Zhang and Manish Parashar. Dynamic Context-aware Access Control for Grid Applications. In Proceedings of the 4th International Workshop on Grid Computing (GRID 2003), pages 101–108, 2003.Google Scholar

Copyright information

© Springer Science+Business Media, LLC. 2008

Authors and Affiliations

  • Soon Ae Chun
    • 1
  • Vijayalakshmi Atluri
    • 2
  1. 1.College of Staten IslandCity University of New YorkStaten Island
  2. 2.Rutgers UniversityNewark

Personalised recommendations