Skip to main content
SpringerLink
Log in

Security for Open Distributed Geospatial Information Systems

  • Chapter
Springer Handbook of Geographic Information

Part of the book series: Springer Handbooks ((SHB))

  • 9680 Accesses

Abstract

This chapter gives a brief introduction to relevant security requirements and how they can be implemented based on standards. It is not the intention to provide individual solutions, as an adequate solution typically depends on many more factors than can be taken under consideration in this chapter. Instead, we like to see this as a starting point from where the reader can follow references to applicable standards for further reading.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 269.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 349.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Abbreviations

ECP:

Enhanced Client or Proxy

GIS:

Geographic Information System

GML3:

Geography Markup Language version 3

GeoXACML:

Geospatial eXtensible Access Control Markup Language

HTML:

Hypertext Markup Language

HTTP:

Hypertext Transfer Protocol

HTTPS:

Hypertext Transfer Protocol Secure

IEC:

International Electrotechnical Commission

IETF:

Internet Engineering Task Force

IP:

Interoperability Program

IPSec:

Internet Protocol Security

ISO:

International Organization for Standardization

IT:

information technology

LDAP:

Lightweight Directory Access Protocol

OASIS:

Organization for the Advancement of Structured Information Standards

ODRL:

Open Digital Rights Language

OGC:

Open Geospatial Consortium

OMA:

Outlook Mobile Access

OSI:

Open Systems Interconnection

PAOS:

reverse SOAP

PAP:

policy administration point

PDP:

policy decision point

PEP:

policy enforcement point

PIP:

policy information point

RBAC:

role-based access control

RFC:

Request for Comment

SAML:

Security Assertion Markup Language

SOA:

Service Oriented Architecture

SOAP:

Simple Object Access Protocol

SSO:

Single-Sign-On

STS:

secure token service

TLS:

terrestrial laser scanning

URL:

Uniform Resource Locator

W3C:

World Wide Web Consortium

WS:

web services

WSDL:

Web Services Description Language

XACML:

Extensible Access Control Markup Language

XML:

Extensible Markup Language

References

  1. OASIS: Reference Model for Service Oriented Architecture 1.0, OASIS Standard (2006) http://docs.oasis-open.org/soa-rm/v1.0/soa-rm.pdf

  2. United States Government Department of the Defense: Trusted Computer System Evaluation Criteria (1985)

    Google Scholar 

  3. ISO/IEC 10181-1:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Overview http://www.iso.

  4. ISO/IEC 10181-2:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Authentication framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18198

  5. ISO/IEC 10181-3:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Access control framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18199

  6. ISO/IEC 10181-4:1996 Information technology – Open Systems Interconnection – Security frameworks for open systems: Non-repudiation framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=23615

  7. ISO/IEC 10181-5:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Confidentiality framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=24329

  8. ISO/IEC 10181-6:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Integrity framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=24330

  9. ISO/IEC 10181-7:1996, Information technology – Open Systems Interconnection – Security frameworks for open systems: Security audit and alarms framework http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18200

  10. ISO 7498-2:1989, Information processing systems – Open Systems Interconnection – Basic Reference Model – Part 2: Security Architecture

    Google Scholar 

  11. D.E. Bell, L.J. LaPadula: Secure Computer Systems: Unified Exposition and Multics Interpretation, MTR-2997 Rev. 1 (MITRE Corp., Bedford 1976)

    Google Scholar 

  12. K.J. Biba: Integrity Considerations for Secure Computer Systems, MTR-3153 (MITRE Corp., Bedford 1977)

    Google Scholar 

  13. IETF RFC 1457: Security Label Framework for the Internet (1993) http://tools.ietf.org/pdf/rfc1457

  14. IETF RFC 3552: Guidelines for Writing RFC Text on Security Considerations (2003) http://tools.ietf.org/pdf/rfc3552

  15. ITU-T: X.200: Information technology – Open Systems Interconnection – Basic Reference Model: The basic model (1994) http://www.itu.int/rec/dologin_

  16. IPSec: IP Security – IETF RFC 4301 (2005) (soboletes RFC 2401 from 1998) http://tools.ietf.org/html/rfc4301

  17. HTTP: IETF RFC 2616 (1999) http://tools.ietf.org/html/rfc2616

  18. SOAP: Simple Object Access Protocol (SOAP), W3C Recommendation, 2nd edn. (2007) http://www.w3.org/TR/soap/

  19. XML Digital Signature: XML-Signature Syntax and Processing – W3C Recommendation (2002) http://www.w3.org/TR/xmldsig-core/

  20. XML Encryption: XML Encryption Syntax and Processing – W3C Recommendation (2002) http://www.w3.org/TR/xmlenc-core/

  21. Web Services Security: SOAP Message Security 1.1 (WS-Security 2004) – OASIS Standard Specification (2006) http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf

  22. WSDL: Web Services Description Language (WSDL) 1.1, W3C Note (2001) http://www.w3.org/TR/wsdl

  23. WS-Policy: Web Services Policy 1.5 – Framework, W3C Recommendation (2007) http://www.w3.org/TR/2007/REC-ws-policy-20070904/

  24. WS-SecurityPolicy: WS-SecurityPolicy 1.2, OASIS Standard (2007) http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf

  25. XACML: eXtensible Access Control Markup Language (XACML) Version 2.0, OASIS Standard (2005) http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf

  26. XACML RBAC Profile: Core and hierarchical role based access control (RBAC) profile of XACML v2.0, OASIS Standard (2005) http://docs.oasis-open.org/

  27. XACML SAML Profile: SAML 2.0 profile of XACML v2.0, OASIS Standard (2005) http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-profile-spec-os.pdf

  28. GeoXACML: Geospatial eXtensible Access Control Markup Language (GeoXACML) v1.0, Open Geospatial Consortium, Inc. (2008) http://portal.opengeospatial.org/files/?artifact_id=25218

  29. GeoXACML Extension A: Geospatial eXtensible Access Control Markup Language (GeoXACML) Extension A – GML2 Encoding Version 1.0, http://portal.opengeospatial.org/files/?artifact_id=25219

  30. GeoXACML Extension B: Geospatial eXtensible Access Control Markup Language (GeoXACML) Extension B – GML3 Encoding Version 1.0, http://portal.opengeospatial.org/files/?artifact_id=25220

  31. REL: Information technology – Multimedia framework (MPEG-21) – Part 5: Rights Expression Language, ISO/IEC 21000-5:2004, http://www.iso.org/

  32. ODRL: Open Digital Rights Language (ODRL) Version 1.1, W3C Note (2002) http://www.w3.org/TR/odrl/

  33. XrML: XrML - eXtensible rights Markup Language, ContentGuard, http://www.xrml.org/

  34. X.509/PKI: IETF, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (2008) http://tools.ietf.org/html/rfc5280

  35. SAML: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

  36. SAML-Bindings: Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf

  37. SAML-Profiles: Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard (2005) http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf

  38. Kerberos: The Kerberos Network Authentication Service (V5) – IETF RFC 4120 (2005) obsoletes 1510 (1993) http://tools.ietf.org/html/rfc4120

  39. LDAP: Lightweight Directory Access Protocol (LDAP): The Protocol – IETF RFC 4511 (2006) http://tools.ietf.org/html/rfc4511

  40. IETF: The X.500 String Representation of Standard Attribute Syntaxes: IETF RFC (1993) http://tools.ietf.org/html/rfc1488

  41. WS-Trust: WS-Trust 1.3, OASIS Standard (2007) http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf

  42. D.F. Ferraiolo, D.R. Kuhn: Role-based access control, 15th Natl. Comput. Secur. Conf. (1992) pp. 554–563, http://csrc.nist.gov/groups/SNS/rbac/documents/ferraiolo-kuhn-92.pdf

  43. OGC: OpenGIS Implementation Specification for Geographic information – Simple feature access – Part 1: Common architecture (2006) http://portal.opengeospatial.org/files/?artifact_id=18241

  44. OGC: OpenGIS Geography Markup Language (GML) Implementation Specification, version 2.1.2, http://portal.opengeospatial.org/files/?artifact_id=11339

  45. OGC: OpenGIS Geography Markup Language (GML) Encoding Standard, version 3.2.1, http://portal.opengeospatial.org/files/?artifact_id=20509

Download references

Author information

Authors and Affiliations

  1. Institut für Technische Informatik, Universität der Bundeswehr München, Werner-Heisenberg-Weg 39, 85577, Neubiberg, Germany

    Andreas Matheus

Authors
  1. Andreas Matheus
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Andreas Matheus .

Editor information

Editors and Affiliations

  1. University of Applied Sciences Neubrandenburg, Brodaer Str. 2, 17033, Neubrandenburg, Germany

    Wolfgang Kresse

  2. Environmental Systems Research Institute, Inc., 8615 Westwood Center Drive, 22182-2214, Vienna, VA, USA

    David M. Danko

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag

About this chapter

Cite this chapter

Matheus, A. (2011). Security for Open Distributed Geospatial Information Systems. In: Kresse, W., Danko, D. (eds) Springer Handbook of Geographic Information. Springer Handbooks. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72680-7_17

Download citation

Publish with us

Policies and ethics

Search

Navigation