Enforcing Protection Mechanisms for Geographic Data

  • Alban Gabillon
  • Patrick Capolsini
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7236)


In the framework of a geographic application displaying maps, there are several solutions for protecting a sensitive object. Sensitive objects can be hidden, masked, blurred or even replaced by fake objects. In this paper we suggest a framework to specify protection mechanisms to enforce whenever a prohibition is derived from the security policy. This framework includes (i) logical rules allowing us to derive protection mechanisms from prohibitions, and (ii) an algorithm which builds the map to display, according to the derived protection mechanisms.


Access Control Geo-spatial Data visualization Map service Policy Enforcement Point 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    WikiPedia. Satellite map images with missing or unclear data (2011),
  2. 2.
    Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC : A spatially Aware RBAC. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweeden, pp. 29–37 (2005)Google Scholar
  3. 3.
    Atluri, V., Chun, S.A.: A geotemporal role-based authorization system. International Journal of Information and Computer Security 1, 143–168 (2007)CrossRefGoogle Scholar
  4. 4.
    Gabillon, A., Capolsini, P.: Dynamic Security Rules for Geo Data. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds.) DPM 2009. LNCS, vol. 5939, pp. 136–152. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Capolsini, P., Gabillon, A.: Security policies for the Visualization of Geo Data. In: ACM SIGSPATIAL GIS 2009 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2009), pp. 2–11. ACM, Seattle (2009)CrossRefGoogle Scholar
  6. 6.
    Gabillon, A., Capolsini, P.: Rule-based Policy Enforcement Point for Map Services. In: ACM SIGSPATIAL GIS 2010 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2010), pp. 12–17. ACM, San Jose (2010)CrossRefGoogle Scholar
  7. 7.
    Lupp, M.: Styled Layer Descriptor profile of the Web Map Service Implementation Specification. Open Geospatial Consortium Inc. OGC(R) 05-078r4 (2007)Google Scholar
  8. 8.
    Beaujardiere, J.d.l.: OpenGIS(R) Web Map Server Implementation Specification. Open Geospatial Consortium Inc. OGC(R) 06-042 (2006)Google Scholar
  9. 9.
    El-Kalam, A., El-Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003). IEEE, Como (2003)Google Scholar
  10. 10.
    Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for Web Services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005), Orlando, Florida - USA (2005)Google Scholar
  11. 11.
    Janée, G., Frew, J., Hill, L.L.: Issues in Geo-referenced Digital Libraries. D-Lib Magazine 10 (2004)Google Scholar
  12. 12.
    Rigaux, P., Scholl, M., Voisard, A.: Spatial Databases with application to GIS. Elsevier (2002)Google Scholar
  13. 13.
    Herring, J.R.: OpenGIS(R) Implementation Specification for Geographic information - Simple feature access - Part 1 : Common architecture. Open Geospatial Consortium Inc. OGC(R) 06-103r3 (2006)Google Scholar
  14. 14.
    [OGC2008] OGC. Open Geospatial Consortium Inc. - About Us (2008),
  15. 15.
    Chun, S.A., Atluri, V.: Protecting privacy from continuous high-resolution satellite surveillance. In: Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security, Schoorl, The Netherlands, pp. 233–244 (2000)Google Scholar
  16. 16.
    Atluri, V., Mazzoleni, P.: A uniform indexing scheme for geo-spatial data and authorizations. In: Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security (2002)Google Scholar
  17. 17.
    Atluri, V., Chun, S.A.: An authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing 1, 238–254 (2004)CrossRefGoogle Scholar
  18. 18.
    Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. ACM Transactions on Information Systems and Security, 1–34 (2006)Google Scholar
  19. 19.
    Volwes, G.: Geospatial Digital Rights Management Reference Model (GeoDRM RM). Open Geospatial Consortium Inc. OGC(R) 06-004r3 (2006)Google Scholar
  20. 20.
    Matheus, A., Herrmann, J.: Geospatial eXtensible Access Control Markup Language (GeoXACML). Open Geospatial Consortium Inc. OGC(R) 07-026r2 (2008)Google Scholar
  21. 21.
    [XACML22005] OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0 (2005),
  22. 22.
    Chun, S.A., Atluri, V.: Geospatial Database Security. In: Gertz, M., Jajodia, S. (eds.) Handbook of Database Security Applications and Trends, pp. 247–266. Springer US (2008)Google Scholar
  23. 23.
    Purevjii, B.-O., Amagasa, T., Imai, S., Kanamori, Y.: An access control model for geographic data in an XML-based framework. In: 2nd International Workshop on Security in Information Systems (WOSIS 2004), Porto, Portugal, pp. 251–260 (2004)Google Scholar
  24. 24.
    [SVG2010] W3C. Scalable Vector Graphics (SVG) 1.1, 2nd edn. (2010),
  25. 25.
    Sasaoka, L.K., Medeiros, C.B.: Access Control in Geographic Databases. In: Roddick, J., Benjamins, V.R., Si-said Cherfi, S., Chiang, R., Claramunt, C., Elmasri, R.A., Grandi, F., Han, H., Hepp, M., Lytras, M.D., Mišić, V.B., Poels, G., Song, I.-Y., Trujillo, J., Vangenot, C. (eds.) ER Workshops 2006. LNCS, vol. 4231, pp. 110–119. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Matheus, A.: Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweden, pp. 21–28 (2005)Google Scholar
  27. 27.
    Portele, C.: OpenGIS(R) Geography Markup Language (GML) Encoding Standard. Open Geospatial Consortium Inc. OGC(R) 07-036 (2007)Google Scholar
  28. 28.
    al Bouna, B., Chbeir, R., Gabillon, A.: The Image Protector - A Flexible Security Rule Specification Toolkit. In: SECRYPT 2011: Proceedings of the International Conference on Security and Cryptography, Seville, Spain, July 18-21, pp. 345–350 (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Alban Gabillon
    • 1
  • Patrick Capolsini
    • 1
  1. 1.Université de la Polynésie FrançaiseFAA’AFrench Polynesia

Personalised recommendations