Download presentation
Presentation is loading. Please wait.
1
Antje Hünerkoch (con terra)
Management of Users and Access Constraints in Spatial Data Infrastructures Antje Hünerkoch (con terra)
2
con terra Founded in 1993 Spin-off of the University of Muenster, Institute of Geoinformatics Company of the ESRI group since 2006 85 employees Main expertise: Design and implementation of GIS-based solutions Enterprise GIS, spatial data infrastructures, metadata, Web2.0, Spatial ETL
3
Open Source Initiative 52°North
Principal Cooperation Partners Institute of Geoinformatics (University of Münster, Germany) con terra GmbH (Münster, Germany) ITC (Enschede, Netherlands) ESRI Inc. (Redlands, USA) 52°North Communities Security & GeoRM Sensor Web Geoprocessing Integrated Land and Water Information System (ILWIS) Semantics Metadata Management ILWIS - Remote Sensing and GIS software Integrated Land and Water Information System (ILWIS) Text
4
Why control access in SDIs?
Not every resource should be used by anyone Sensitive or private content may need to be restricted to certain users Protection of Intellectual Property Rights, GeoDRM Establishment of a legal frame for usage (e.g. agreement to terms-of-use) Payment for service usage Gather knowledge about who is using your resources For some content access control is necessary in order to get published SDI‘s are all about sharing – why control and constrain access?
5
How to control access in SDIs?
Access control should not interfere with interoperability „Embedding without touching“ Use a proxy pattern to tunnel service usage sdi.suite securityManager with Open Source based core (52°north security modules: Web Authentication Service und Web Security Service) Authentication through: HTTP Basic Authentication for use in standard clients SAML for integration scenarios
6
How does this work? Proxy acts as a “Gatekeeper”
Policy Enforcement Point (Web Security Service) Proxy handles Enforcement of policies to requests/responses Different types of conditions to check Different types of obligations to perform (filtering, draw copyright,…) Service Client GetMap (boundaries, roads, soil pollution) Proxy (“Gatekeeper”) Service Client GetMap (boundaries, roads, soil pollution) Filter out layer „soil pollution“ roads)
7
Example: add Copyright-Text to WMS
Project: (internal Geoportal of the European Commission) In search results users will have options to view service only if they have sufficient rights to view the service
8
Thank you for your attention!
Gesellschaft für Angewandte Informationstechnologie mbH Martin-Luther-King-Weg 24 48155 Münster, Germany Tel: Fax: a.. h conterra.de Antje Hünerkoch Project Manager
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.