Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure

Authors:
Andreas Matheus
Affiliations:
Fakultät für Informatik Technische Universität München
Venue:
Proceedings of the tenth ACM symposium on Access control models and technologies
Year:
2005

Citing 5
Cited 8

Controlled access and dissemination of XML documents

Proceedings of the 2nd international workshop on Web information and data management
Fine grained access control for SOAP E-services

Proceedings of the 10th international conference on World Wide Web
A fine-grained access control system for XML documents

ACM Transactions on Information and System Security (TISSEC)
Designing a distributed access control processor for network services on the Web

Proceedings of the 2002 ACM workshop on XML security
First experiences using XACML for access control in distributed systems

Proceedings of the 2003 ACM workshop on XML security

Reasoning with semantics-aware access control policies for geospatial web services

Proceedings of the 3rd ACM workshop on Secure web services
GEO-RBAC: A spatially aware RBAC

ACM Transactions on Information and System Security (TISSEC)
Security and privacy for geospatial data: concepts and research directions

SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
A unified index structure for efficient enforcement of spatiotemporal authorisations

International Journal of Information and Computer Security
Rule-based policy enforcement point for map services

Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Security mechanisms for geographic data

Proceedings of the International Conference on Management of Emergent Digital EcoSystems
A map-layer-based access control model

WISA'11 Proceedings of the 12th international conference on Information Security Applications
Enforcing protection mechanisms for geographic data

W2GIS'12 Proceedings of the 11th international conference on Web and Wireless Geographical Information Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This work describes the declaration and enforcement of geospatial access restrictions for the infrastructure of heterogenous and distributed geospatial information objects, as they are accessible via the service-oriented geospatial data infrastructure (GDI). Assuming a valid XML markup of the objects and their geometry using the Geographic Markup Language (GML), which is an international standard of the Open GIS Consortium, Inc. (OGC), a solution is introduced that allows the declaration and enforcement of access restrictions, encoded in GeoXACML. GeoXACML is a geospatial extension to the OASIS standard eXtensible Access Control Markup Language (XACML). Due to the nature of the introduced restrictions, the declaration of access restrictions can result in different kinds of inconsistencies. This work describes a mechanism for the detection and classification of contrary permissions. This work also describes a prototype implementation and an illustrating demonstration.