Presentation is loading. Please wait.

Presentation is loading. Please wait.

SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 21 (OGF21) October, 2007 Chris Higgins (EDINA, University of Edinburgh)

Published byFelicia Gray Modified over 8 years ago

Similar presentations

Presentation on theme: "SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 21 (OGF21) October, 2007 Chris Higgins (EDINA, University of Edinburgh)"— Presentation transcript:

1 SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 21 (OGF21) October, 2007 Chris Higgins (EDINA, University of Edinburgh)

2 JISC (Joint Information Systems Committee) Programme Funded by the UK HFE funding councils Supports teaching, learning, research and administration Provides strategic guidance to UK HFE on use of ICT Grid OGC Collision in context of wider UK e-infrastructure “…embraces networks, grids, data centres and collaborative environments, and can include supporting operations centres, service registries, single-sign on, certificate authorities, training and help-desk services. Most importantly, it is the integration of these that defines e-Infrastructure.” Grid OGC Collision Programme

3 Aiming to demonstrate how access to GI on Grid may be achieved: Shibboleth WS-Security GSI OGC Web Services Partners: EDINA, NeSC, NCeSS, MIMAS Main deliverables are a report and 3 demonstrators: National datacentre e-Social Science Orchestration (Newcastle) SEcurE access to GEOspatial services

4 Being implemented within the context of the OGC’s Geolinking Interoperability Experiment (Geolink IE) IEs are brief, low-overhead, formally structured and approved initiatives led and executed by OGC members to achieve specific technical objectives that further the OGC Technical Baseline. Aim: implement a number of prototype GeoLinking services based on the interface specification originally described in the Geolinked Data Access Service (GDAS) and GeoLinking Service (GLS) Discussion Papers. Purpose: confirm that OGC specifications completely support the ability to link attribute data to its geospatially representations when stored at separate locations on the Internet, and to improve the specifications if they do not support these requirements. e-Social Science Demonstrator

5 Refactored as Web Processing Service

6 Web Processing Service A generic mechanism to describe and web-enable any sort of geospatial process Possibly most grid like of the OGC specifications Synchronous or asynchronous No need for client software upgrades Each process specified in a separate document Data can be delivered across or available at the server

7 Web Processing Service – 3 operations 1.GetCapabilities – get service metadata, response includes brief metadata describing all the processes implemented 2.DescribeProcess – get detailed information about the process(es) that can be executed, including input parameters and formats, and the outputs. Can be used to automatically build user interfaces 3.Execute – allows a client to run a specified process, using the provided input parameter values. Outputs can be stored and made remotely accessible

8 GLS – an application profile of WPS 1.ListGeolinkAbilities – this process is used to obtain a list of the framework datasets to which the GLS can join geolinked data, and the output forms of the result. 2.Geolink – This process is used to join geolinked data to its spatial framework and produce the requested output. The Geo Linking Service specifies the following processes which are described and provided via the three WPS operations indicated above:

9 OGSA-DAI activities, a simple pipeline, eg, GDAS getData, GLS geoLink, WFS getFeature Additional GLS implementations simplified if activities already exist (multiple different ways to implement GLS) We can now do the following with relatively little extra work: Choose different framework datasets dynamically Merge GDAS XML directly into an RDBMS dataset Implement filters, eg, bbox, currently must use geolinkage field values (geolinkids) Transfer data using GridFTP Protect using GSI? Feature based data processing and OGSA-DAI as a toolkit for building additional WPS. OGSA-DAI WPS implementation

10 OGC Web Services (OWS) Testbeds Another mechanism within the Interoperabilty Program (IP) Purpose is to develop new specs & refine existing specs Managed by the OGC IP team Sponsors determine work programme; RFQ, kickoff, 5-6 months to completion Participation open to OGC members only

11 The OWS-4 GeoDRM activity Important as Spatial Data Infrastructure requires interoperable trading capability Focussed on engineering aspects Ended Dec 2006 Number of Interoperability Program Reports Number of use cases determined by the sponsors

12 OWS Client Authentication Service Gatekeeper (Enforcement) OWS Service License Manager (Administration) License Broker conditions Identity Provider Authorization Service (Decision) OWS Client GeoDRM Client OWS-4 GeoDRM Architecture End-User Consumer DeliverymanManager Broker Reference: GeoDRM Engineering Viewpoint Elfers, Wagner OGC meeting San Diego, GeoDRM WG 2006-12-13

13 Gatekeeper is transparent; extension for OGC W*S –Adds GeoDRM functionality and information (e.g. capabilities) –Accepts identity and/or license tokens with the W*S payload Authentication Service –Provides identity tokens for in-band authentication –Authentication Service could be used as central service in a federation Authentication and retrieval of user information Single-Sign-On and Single-Log-Out Support different authentication methodologies (harmonization) Authorization Service is responsible for all authorization and validity checks –Integrity, authenticity and origin of messages, signatures, etc. –Authorization based on local rights (classical access control) as well as on-the-fly resolved rights from licenses

14 License Broker negotiates Licenses with the Client –Different types of Offerings; those define the further negotiation- workflows –On agreement: Broker stores License in License Manager, Client receives a Reference Token License Manager manages Licenses (surprise!) –License are fetched by the AuthZ-Service using the reference –Manager could be used as central service in a federation Storage in Federation Global “License Revoke” (similar to single-log-out)

15 With assistance from NeSC Glasgow, concentrating on the security aspects; particularly Shibboleth, but also PERMIS and VOMs? Integrate OGC Web Coverage Specification (WCS) into OGSA- DAI Get a demonstrator running on the UK National Grid Service Options include installing the SEE-GEO demonstrator, perhaps linking using Ordnance Survey MasterMap data. Where next for SEE-GEO?

Download ppt "SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 21 (OGF21) October, 2007 Chris Higgins (EDINA, University of Edinburgh)"

Similar presentations

Tom Sugden EPCC OGSA-DAI Future Directions OGSA-DAI User's Forum GridWorld 2006, Washington DC 14 September 2006.

Tom Sugden EPCC OGSA-DAI Future Directions OGSA-DAI User's Forum GridWorld 2006, Washington DC 14 September 2006.
SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 22 (OGF22) February, 2007 Chris Higgins (EDINA, University of Edinburgh)

SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 22 (OGF22) February, 2007 Chris Higgins (EDINA, University of Edinburgh)
Christopher Kunz | OGF28 | March 16th, 2010 GDI-Grid: The State of Affairs.

Christopher Kunz | OGF28 | March 16th, 2010 GDI-Grid: The State of Affairs.
Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.

Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.
Spatial Data e-Infrastructure UK e-Science ALL HANDS MEETING 2008 8-11 September, Edinburgh, UK Higgins, C., Koutroumpas, M., Sinnott, R.O., Watt, J.,

Spatial Data e-Infrastructure UK e-Science ALL HANDS MEETING September, Edinburgh, UK Higgins, C., Koutroumpas, M., Sinnott, R.O., Watt, J.,
Semantically-Assisted Geospatial Workflow Design Gobe Hobona, David Fairbairn, Philip James ACM GIS – 8 th November 2007 - Seattle.

Semantically-Assisted Geospatial Workflow Design Gobe Hobona, David Fairbairn, Philip James ACM GIS – 8 th November Seattle.
Where next…. Stakeholder workshop, 29 Jan 2003. To the end of the project.

Where next…. Stakeholder workshop, 29 Jan To the end of the project.
Geographic Interoperability Office ISO 19119 and OGC Geographic Information Service Architecture George Percivall NASA Geographic.

Geographic Interoperability Office ISO and OGC Geographic Information Service Architecture George Percivall NASA Geographic.
An Overview of OGSA-DAI Kostas Tourlas

An Overview of OGSA-DAI Kostas Tourlas
Data Management: Metadata, Repositories and Curation Tony Mathys, Anne Robertson Eddie Boyle, Guy McGarva GeoForum, 4 th November, York.

Data Management: Metadata, Repositories and Curation Tony Mathys, Anne Robertson Eddie Boyle, Guy McGarva GeoForum, 4 th November, York.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Copyright Information Here Junaid Arshad 1, Wei Jie 2, Andy Turner 1 University of Leeds 1, University of Manchester 2, UK Securing.

Copyright Information Here Junaid Arshad 1, Wei Jie 2, Andy Turner 1 University of Leeds 1, University of Manchester 2, UK Securing.
Secure access to spatial data for academia – the UK experience Workshop, Authentication, Authorization and Accounting for Data and Services in EU Public.

Secure access to spatial data for academia – the UK experience Workshop, Authentication, Authorization and Accounting for Data and Services in EU Public.
Geospatial Standards – Experiences for the UK Academic Community Workshop on Grid Middleware and Geospatial Standards for Earth System Science Data, National.

Geospatial Standards – Experiences for the UK Academic Community Workshop on Grid Middleware and Geospatial Standards for Earth System Science Data, National.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.

Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.
SEE-GEO Meeting 20 th March 2008 NCeSS e-Infrastructure for the Social Sciences Project: Security and Geospatial Services Andy Turner

SEE-GEO Meeting 20 th March 2008 NCeSS e-Infrastructure for the Social Sciences Project: Security and Geospatial Services Andy Turner
NextGRID & OGSA Data Architectures: Example Scenarios Stephen Davey, NeSC, UK ISSGC06 Summer School, Ischia, Italy 12 th July 2006.

NextGRID & OGSA Data Architectures: Example Scenarios Stephen Davey, NeSC, UK ISSGC06 Summer School, Ischia, Italy 12 th July 2006.
Joint Information Systems Committee Supporting Higher and Further Education Development of an Information Environment for UK Learning and Teaching NOF-Digitise.

Joint Information Systems Committee Supporting Higher and Further Education Development of an Information Environment for UK Learning and Teaching NOF-Digitise.

Similar presentations

Ads by Google