Abstract
This chapter gives a brief introduction to relevant security requirements and how they can be implemented based on standards. It is not the intention to provide individual solutions, as an adequate solution typically depends on many more factors than can be taken into consideration in this chapter. Instead, we would like to see this as a starting point from which the reader can follow references to applicable standards for further reading.
Abbreviations
- ECP: Enhanced Client or Proxy
- GIS: Geographic Information System
- GML3: Geography Markup Language version 3
- GeoXACML: Geospatial eXtensible Access Control Markup Language
- HTML: Hypertext Markup Language
- HTTP: Hypertext Transfer Protocol
- HTTPS: Hypertext Transfer Protocol Secure
- IEC: International Electrotechnical Commission
- IETF: Internet Engineering Task Force
- IP: Interoperability Program
- IPSec: Internet Protocol Security
- ISO: International Organization for Standardization
- IT: information technology
- LDAP: Lightweight Directory Access Protocol
- OASIS: Organization for the Advancement of Structured Information Standards
- ODRL: Open Digital Rights Language
- OGC: Open Geospatial Consortium
- OMA: Outlook Mobile Access
- OSI: Open Systems Interconnection
- PAOS: reverse SOAP
- PAP: policy administration point
- PDP: policy decision point
- PEP: policy enforcement point
- PIP: policy information point
- RBAC: role-based access control
- RFC: Request for Comment
- SAML: Security Assertion Markup Language
- SOA: Service Oriented Architecture
- SOAP: Simple Object Access Protocol
- SSO: Single-Sign-On
- STS: secure token service
- TLS: terrestrial laser scanning
- URL: Uniform Resource Locator
- W3C: World Wide Web Consortium
- WS: web services
- WSDL: Web Services Description Language
- XACML: Extensible Access Control Markup Language
- XML: Extensible Markup Language
References
OASIS: Reference Model for Service Oriented Architecture 1.0, OASIS Standard (2006) http://docs.oasis-open.org/soa-rm/v1.0/soa-rm.pdf
United States Government Department of the Defense: Trusted Computer System Evaluation Criteria (1985)
ISO/IEC 10181-1:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Overview http://www.iso.
ISO/IEC 10181-2:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Authentication framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18198
ISO/IEC 10181-3:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Access control framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18199
ISO/IEC 10181-4:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Non-repudiation framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=23615
ISO/IEC 10181-5:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Confidentiality framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=24329
ISO/IEC 10181-6:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Integrity framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=24330
ISO/IEC 10181-7:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Security audit and alarms framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18200
ISO 7498-2:1989, Information processing systems – Open Systems Interconnection – Basic Reference Model – Part 2: Security Architecture
D.E. Bell, L.J. LaPadula: Secure Computer Systems: Unified Exposition and Multics Interpretation, MTR-2997 Rev. 1 (MITRE Corp., Bedford 1976)
K.J. Biba: Integrity Considerations for Secure Computer Systems, MTR-3153 (MITRE Corp., Bedford 1977)
IETF RFC 1457: Security Label Framework for the Internet (1993) http://tools.ietf.org/pdf/rfc1457
IETF RFC 3552: Guidelines for Writing RFC Text on Security Considerations (2003) http://tools.ietf.org/pdf/rfc3552
ITU-T: X.200: Information technology – Open Systems Interconnection – Basic Reference Model: The basic model (1994) http://www.itu.int/rec/dologin_
IPSec: IP Security – IETF RFC 4301 (2005) (obsoletes RFC 2401 from 1998) http://tools.ietf.org/html/rfc4301
HTTP: IETF RFC 2616 (1999) http://tools.ietf.org/html/rfc2616
SOAP: Simple Object Access Protocol (SOAP), W3C Recommendation, 2nd edn. (2007) http://www.w3.org/TR/soap/
XML Digital Signature: XML-Signature Syntax and Processing – W3C Recommendation (2002) http://www.w3.org/TR/xmldsig-core/
XML Encryption: XML Encryption Syntax and Processing – W3C Recommendation (2002) http://www.w3.org/TR/xmlenc-core/
Web Services Security: SOAP Message Security 1.1 (WS-Security 2004) – OASIS Standard Specification (2006) http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf
WSDL: Web Services Description Language (WSDL) 1.1, W3C Note (2001) http://www.w3.org/TR/wsdl
WS-Policy: Web Services Policy 1.5 – Framework, W3C Recommendation (2007) http://www.w3.org/TR/2007/REC-ws-policy-20070904/
WS-SecurityPolicy: WS-SecurityPolicy 1.2, OASIS Standard (2007) http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf
XACML: eXtensible Access Control Markup Language (XACML) Version 2.0, OASIS Standard (2005) http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
XACML RBAC Profile: Core and hierarchical role based access control (RBAC) profile of XACML v2.0, OASIS Standard (2005) http://docs.oasis-open.org/
XACML SAML Profile: SAML 2.0 profile of XACML v2.0, OASIS Standard (2005) http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-profile-spec-os.pdf
GeoXACML: Geospatial eXtensible Access Control Markup Language (GeoXACML) v1.0, Open Geospatial Consortium, Inc. (2008) http://portal.opengeospatial.org/files/?artifact_id=25218
GeoXACML Extension A: Geospatial eXtensible Access Control Markup Language (GeoXACML) Extension A – GML2 Encoding Version 1.0, http://portal.opengeospatial.org/files/?artifact_id=25219
GeoXACML Extension B: Geospatial eXtensible Access Control Markup Language (GeoXACML) Extension B – GML3 Encoding Version 1.0, http://portal.opengeospatial.org/files/?artifact_id=25220
REL: Information technology – Multimedia framework (MPEG-21) – Part 5: Rights Expression Language, ISO/IEC 21000-5:2004, http://www.iso.org/
ODRL: Open Digital Rights Language (ODRL) Version 1.1, W3C Note (2002) http://www.w3.org/TR/odrl/
XrML: XrML - eXtensible rights Markup Language, ContentGuard, http://www.xrml.org/
X.509/PKI: IETF, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (2008) http://tools.ietf.org/html/rfc5280
SAML: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
SAML-Bindings: Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf
SAML-Profiles: Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
Kerberos: The Kerberos Network Authentication Service (V5) – IETF RFC 4120 (2005) obsoletes 1510 (1993) http://tools.ietf.org/html/rfc4120
LDAP: Lightweight Directory Access Protocol (LDAP): The Protocol – IETF RFC 4511 (2006) http://tools.ietf.org/html/rfc4511
IETF: The X.500 String Representation of Standard Attribute Syntaxes: IETF RFC (1993) http://tools.ietf.org/html/rfc1488
WS-Trust: WS-Trust 1.3, OASIS Standard (2007) http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf
D.F. Ferraiolo, D.R. Kuhn: Role-based access control, 15th Natl. Comput. Secur. Conf. (1992) pp. 554–563, http://csrc.nist.gov/groups/SNS/rbac/documents/ferraiolo-kuhn-92.pdf
OGC: OpenGIS Implementation Specification for Geographic information – Simple feature access – Part 1: Common architecture (2006) http://portal.opengeospatial.org/files/?artifact_id=18241
OGC: OpenGIS Geography Markup Language (GML) Implementation Specification, version 2.1.2, http://portal.opengeospatial.org/files/?artifact_id=11339
OGC: OpenGIS Geography Markup Language (GML) Encoding Standard, version 3.2.1, http://portal.opengeospatial.org/files/?artifact_id=20509
© 2011 Springer-Verlag
About this chapter
Cite this chapter
Matheus, A. (2011). Security for Open Distributed Geospatial Information Systems. In: Kresse, W., Danko, D. (eds) Springer Handbook of Geographic Information. Springer Handbooks. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72680-7_17
DOI: https://doi.org/10.1007/978-3-540-72680-7_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72678-4
Online ISBN: 978-3-540-72680-7
eBook Packages: Earth and Environmental Science (R0)