Interoperable Access Control for Geo Web Services in Disaster Management

  • Jan Herrmann
Part of the Environmental Science and Engineering book series (ESE)

Abstract

In case of a disaster, the fast interoperable and secure exchange of spatial data is one of the key tasks. Access control plays an important role for disaster management in order to enforce restricted access to protected spatial data or to declare views on the relevant data for certain users/roles. Therefore, a powerful and interoperable language is needed to declare policies for operations on Web Services used, for example in disaster management. These polices have to contain rules that define which data can be accessed by a person/role through a certain operation (e.g. read, write) under given conditions (e.g. national or regional state of emergency). Different standards exist to establish access control for various requirements (e.g. OASIS’s eXtensible Access Control Markup Language - XACML). However, no standard exists so far that allows the declaration and enforcement of spatial access restrictions needed for the geospatial problem domain. Based on the OASIS Standard XACML, a newly developed spatial extension to XACML called GeoXACML (OGC candidate specification) provides a possible recommendation on how to declare and enforce flexible access rights for spatial data in an interoperable way.

Keywords

Access Control Spatial Data Disaster Management Spatial Data Infrastructure Policy Decision Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Herrmann J (2005) Spatial Access Control for Geo Web Services. Diploma thesis, Technical University Munich. http://www.geobranchen.de/images/produkte/ GEOdownloads/herrmann_entwicklung.pdfGoogle Scholar
  2. Matheus A (2005a) Declaration and Enforcement of Access Restrictions for Distributed Geospatial Information Objects. Ph.D. thesis, Technical University Munich. http://tumb1.biblio.tu-muenchen.de/publ/diss/in/2005/matheus.pdfGoogle Scholar
  3. Matheus A (2005b) GeoXACML – a spatial extension to XACML. OGC Discussion Paper. https://portal.opengeospatial.org/files/index.php?artifact_id=10471Google Scholar
  4. Matheus A, Herrmann J (2007) OGC Candidate standard specification: Geospatial eXtensible Access Control Markup Language. http://portal.opengeospatial.org/ files/?arti-fact_id=25218&version=1Google Scholar
  5. OASIS (ed) (2005) eXtensible Access Control Markup Language (XACML) Version 2.0. Committee Specification. hhttp://docs.oasis-open.org/xacml/2.0/ access_control-xacml-2.0-core-spec-os.pdfGoogle Scholar
  6. OGC (ed) (1999) OpenGIS Simple Features Specification for SQL Revision 1.1. http://www.opengis.org/techno/specs/99-049.pdfGoogle Scholar
  7. van Oosterom P et al (eds) (2005) Geo-information for Disaster Management. Berlin, HeidelbergGoogle Scholar
  8. Orchestra (ed) (2008) The Orchestra Project. http://www.eu-orchestra.org/Google Scholar
  9. Proctor S (2004) Sun’s XACML Implementation Programmer’s Guide for Version 1.2. http://sunxacml.sourceforge.net/guide.htmlGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Jan Herrmann

There are no affiliations available

Personalised recommendations