Rule-based policy enforcement point for map services
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Hi-index | 0.00 |
A powerful and flexible authorization model should be able to cope with various security requirements. In the first part of this presentation, we define a security model to express security policies for spatial applications. Using this model we show how to express dynamic security rules that depend on various spatial contexts. A security policy specifies which objects are authorized and which objects are forbidden. However, in the framework of a geographic application displaying maps, there are several solutions for protecting a sensitive object. Sensitive objects can be hidden, masked, blurred or even replaced by fake objects. Therefore, in the second part of this presentation, we suggest a framework to specify protection mechanisms to enforce whenever a prohibition is derived from the security policy.