® Hosted and Sponsored by Access Management Federation for Spatial Data and Services in Germany 80th OGC Technical Committee Austin, Texas (USA) Jan Grohmann.

Presentation transcript:

Access Management Federation for Spatial Data and Services in Germany
80th OGC Technical Committee, Austin, Texas (USA)
Jan Grohmann (BKG), March 20, 2012

OGC ® Agenda
- About GDI-DE and BKG
- Motivation
- Requirements
- Realisation
  - Authorization
  - Authentication
  - Access Management Federation
- Use Cases
- Outcome

About GDI-DE and BKG
- BKG: Federal Agency for Cartography and Geodesy
  - Provides geodetic reference data and basic spatial data for the needs of the Federal Government
  - Coordination Office GDI-DE is situated in the BKG as a department of the division Geoinformation
- [Organisation diagram: Coordination Office; GDI-DE network consists of experts from Government, Private Sector and Universities; Decisions, Orders; Proposals, Reports; Steering Committee GDI-DE; GDI-DE]

Motivation
- …to establish a common infrastructure
  - Government
  - Government & Business & Public
- 3 governmental levels in Germany: municipalities, 16 federal states and the federal government

Motivation
- Project „Betriebsmodell GDI-DE“ focused on the establishment, development and operation of a spatial data infrastructure in Germany
- Work package for using protected data and services

Requirements
- Technical / Operational Requirements
  - Authentication – Who are you?
  - Authorisation – What are you permitted to do?
  - consider existing infrastructures
  - security as an add-on
  - no central storage of user accounts
  - combine distributed data and services for use
  - Standards and Architectures for E-Government-Applications (SAGA 4.0)

Requirements (2)
- Standards and Architectures for E-Government-Applications
  - eGovernment applications mostly use a web browser as a frontend [Ch. 1.5, p. 13]
  - possible roles for access control defined in table 4-1 [Ch , p.54]
  - core attributes for identities [Ch , p.66]
  - Services are stateless [Ch , p.70]
  - Composition of services [Ch , p.71]
  - SAML 2.0 is recommended
  - …

Requirements (3)
- Organisational Requirements
  - Who accepts users?
  - Who grants access rights for data and services?
  - Who coordinates access rights also between different domains?
  - Who supervises the working process?
  - ...
- => Results provided by project „Betriebsmodell GDI-DE“

Authorization
- Role based access control
- Use of open standards
  - OASIS: eXtensible Access Control Markup Language 2.0
  - OGC Geospatial XACML (GeoXACML) 1.0
- Access rights are
  - enforced by a service provider,
  - based on a user's attributes

Authentication
- User accounts are provided by the organisations to which a user belongs
- Deliver user attributes to service providers for the purpose of access control
  - role, organisation
- Login always at your home organisation
- Use of open standards
  - OASIS: Security Assertion Markup Language 2.0
  - IETF: RFC 2818 (HTTPS), RFC 4346 (TLS 1.1), RFC 2617 (HTTP Authentication), RFC 2965 (HTTP State Management Mechanism)
  - W3C: CORS, XML Digital Signatures, XML Encryption

Solution “Access Management Federation” [Source:

AMF in the project Betriebsmodell

Data and Services of the Federation
- Three different providers for data and services

Use Case „Extending Infrastructure“
- Three Engineering Offices
  - Munich, Nuremberg, Bavaria
- Users have roles
  - finished, current and planned construction works
- Engineering Offices have got fields of activity
  - 50 km around Munich / Nuremberg
  - within Bavaria
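
The access rule behind this use case, as an added example (not code from the presentation or from the GDI-DE project): a service provider permits a request only when the user's role attribute covers the class of construction work and the feature lies inside the office's field of activity, the kind of role-plus-geometry condition GeoXACML adds to XACML. Office identifiers, coordinates, the bounding box standing in for Bavaria and all function names are assumptions made for illustration.

```python
import math

# Constructed reference points (approximate city centres, WGS84 lat/lon).
MUNICH = (48.137, 11.575)
NUREMBERG = (49.452, 11.077)
# Assumption: a crude bounding box stands in for the Bavarian border polygon.
BAVARIA_BBOX = (47.27, 8.97, 50.57, 13.84)  # min_lat, min_lon, max_lat, max_lon

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def within_radius(center, km):
    return lambda p: distance_km(center, p) <= km

def within_bbox(bbox):
    return lambda p: bbox[0] <= p[0] <= bbox[2] and bbox[1] <= p[1] <= bbox[3]

# Field of activity per organisation: the spatial part of the policy.
FIELD_OF_ACTIVITY = {
    "office-munich": within_radius(MUNICH, 50),
    "office-nuremberg": within_radius(NUREMBERG, 50),
    "office-bavaria": within_bbox(BAVARIA_BBOX),
}

def decide(subject, feature):
    """Return 'Permit' or 'Deny' for reading one construction-work feature.
    subject: attributes asserted by the home organisation (organisation, roles).
    feature: the requested resource (status, location)."""
    area = FIELD_OF_ACTIVITY.get(subject.get("organisation"))
    if area is None:
        return "Deny"  # unknown organisation: deny by default
    if feature["status"] not in subject.get("roles", ()):
        return "Deny"  # role does not cover this class of construction work
    return "Permit" if area(feature["location"]) else "Deny"

# Constructed sample input: two feature locations and one user.
FREISING, AUGSBURG = (48.40, 11.75), (48.37, 10.90)
ENGINEER = {"organisation": "office-munich", "roles": {"finished", "current"}}

if __name__ == "__main__":
    for status, place in (("current", FREISING), ("planned", FREISING),
                          ("current", AUGSBURG)):
        print(status, place, decide(ENGINEER, {"status": status, "location": place}))
```

Both conditions must hold: a matching role does not help outside the field of activity, and an organisation without a policy entry is denied by default.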

Use Case „Qualification of German Ensembles“
- Match the geographic extent of an identified site to its actual ground shape
- Users of the Bavarian State Office for the Preservation of Historical Monuments
  - Qualify ensembles via WFS-T
- Users of Bavarian SDI
  - Reading access
- Engineering Offices
  - No access

Use Case „Information next to your home“
- Citizens can view their required building documentation via electronic Identity Card
  - Thomas Mustermann: for Munich
  - Helga Mustermann: for Nuremberg
- 3D LoD1/LoD2 city models in Google Earth
- 2D maps with Google Maps and OGC WMS
- a required building documentation with OpenLayers, OGC WFS and WMS

Outcome
- An AMF for spatial data and services can be established like existing AMFs of the academic sector, e.g. DFN-AAI (
- Test federation GDI-DE:
- Clarify the duties and responsibilities
  - Operations and Maintenance
  - Support
- OGC White Paper #
  - Authors: Andreas Matheus (Secure Dimensions), Christian Kiehle, Jan Grohmann (BKG)
  - on Pending Documents – uploaded before 3 week rule for this meeting

Questions & Answers
Jan Grohmann
Coordination Office GDI-DE
Federal Agency for Cartography and Geodesy
Richard-Strauß-Allee
Frankfurt am Main
Germany
Tel.: +49 (0)
Fax: +49 (0)
Internet:

Use Case „Extending infrastructure“

Use Case „Information next to your home“

Use Case „Qualification of German Ensembles“