Administration of (Geo)XACML policies for spatial data infrastructures
Proceedings of the 4th ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Computers & Geosciences
| Hi-index | 0.00 |
Today sophisticated concepts, languages and frameworks exist, that allow implementing powerful fine grained access control systems for protecting Geo Web Services and spatial data in Spatial Data Infrastructures (SDIs). Especially rule based access control systems provide the capabilities to define and enforce expressive, fine grained access rights or restrictions respectively. In the first part of the presentation GeoXACML, a standardised spatial access control language, will be presented and it will be demonstrated that GeoXACML based access control systems can meet the access control specific requirements in OGC Web Service based SDIs. Having powerful, complex access control policies in place introduces a new challenge. It is essential that the policy defining the semantics of an access control system can be easily and securely administrated. In the second part of the presentation it will be highlighted how to administrate complex GeoXACML policies. A very general and powerful administrative model, the Layered Administration Model (LAM), will be introduced. The LAM intends to support an easy, distributed and hierarchical administration of complex spatial access control policies as found in SDIs.