Abstract
In the framework of a geographic application displaying maps, there are several solutions for protecting a sensitive object. Sensitive objects can be hidden, masked, blurred or even replaced by fake objects. In this paper we suggest a framework to specify protection mechanisms to enforce whenever a prohibition is derived from the security policy. This framework includes (i) logical rules allowing us to derive protection mechanisms from prohibitions, and (ii) an algorithm which builds the map to display, according to the derived protection mechanisms.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
WikiPedia. Satellite map images with missing or unclear data (2011), http://en.wikipedia.org/wiki/Satellite_map_images_with_missing_or_unclear_data
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC : A spatially Aware RBAC. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweeden, pp. 29–37 (2005)
Atluri, V., Chun, S.A.: A geotemporal role-based authorization system. International Journal of Information and Computer Security 1, 143–168 (2007)
Gabillon, A., Capolsini, P.: Dynamic Security Rules for Geo Data. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds.) DPM 2009. LNCS, vol. 5939, pp. 136–152. Springer, Heidelberg (2010)
Capolsini, P., Gabillon, A.: Security policies for the Visualization of Geo Data. In: ACM SIGSPATIAL GIS 2009 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2009), pp. 2–11. ACM, Seattle (2009)
Gabillon, A., Capolsini, P.: Rule-based Policy Enforcement Point for Map Services. In: ACM SIGSPATIAL GIS 2010 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2010), pp. 12–17. ACM, San Jose (2010)
Lupp, M.: Styled Layer Descriptor profile of the Web Map Service Implementation Specification. Open Geospatial Consortium Inc. OGC(R) 05-078r4 (2007)
Beaujardiere, J.d.l.: OpenGIS(R) Web Map Server Implementation Specification. Open Geospatial Consortium Inc. OGC(R) 06-042 (2006)
El-Kalam, A., El-Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003). IEEE, Como (2003)
Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for Web Services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005), Orlando, Florida - USA (2005)
Janée, G., Frew, J., Hill, L.L.: Issues in Geo-referenced Digital Libraries. D-Lib Magazine 10 (2004)
Rigaux, P., Scholl, M., Voisard, A.: Spatial Databases with application to GIS. Elsevier (2002)
Herring, J.R.: OpenGIS(R) Implementation Specification for Geographic information - Simple feature access - Part 1 : Common architecture. Open Geospatial Consortium Inc. OGC(R) 06-103r3 (2006)
[OGC2008] OGC. Open Geospatial Consortium Inc. - About Us (2008), http://www.opengeospatial.org/about
Chun, S.A., Atluri, V.: Protecting privacy from continuous high-resolution satellite surveillance. In: Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security, Schoorl, The Netherlands, pp. 233–244 (2000)
Atluri, V., Mazzoleni, P.: A uniform indexing scheme for geo-spatial data and authorizations. In: Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security (2002)
Atluri, V., Chun, S.A.: An authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing 1, 238–254 (2004)
Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. ACM Transactions on Information Systems and Security, 1–34 (2006)
Volwes, G.: Geospatial Digital Rights Management Reference Model (GeoDRM RM). Open Geospatial Consortium Inc. OGC(R) 06-004r3 (2006)
Matheus, A., Herrmann, J.: Geospatial eXtensible Access Control Markup Language (GeoXACML). Open Geospatial Consortium Inc. OGC(R) 07-026r2 (2008)
[XACML22005] OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0 (2005), http://www.oasis-open.org
Chun, S.A., Atluri, V.: Geospatial Database Security. In: Gertz, M., Jajodia, S. (eds.) Handbook of Database Security Applications and Trends, pp. 247–266. Springer US (2008)
Purevjii, B.-O., Amagasa, T., Imai, S., Kanamori, Y.: An access control model for geographic data in an XML-based framework. In: 2nd International Workshop on Security in Information Systems (WOSIS 2004), Porto, Portugal, pp. 251–260 (2004)
[SVG2010] W3C. Scalable Vector Graphics (SVG) 1.1, 2nd edn. (2010), http://www.w3.org/Graphics/SVG/
Sasaoka, L.K., Medeiros, C.B.: Access Control in Geographic Databases. In: Roddick, J., Benjamins, V.R., Si-said Cherfi, S., Chiang, R., Claramunt, C., Elmasri, R.A., Grandi, F., Han, H., Hepp, M., Lytras, M.D., Mišić, V.B., Poels, G., Song, I.-Y., Trujillo, J., Vangenot, C. (eds.) ER Workshops 2006. LNCS, vol. 4231, pp. 110–119. Springer, Heidelberg (2006)
Matheus, A.: Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweden, pp. 21–28 (2005)
Portele, C.: OpenGIS(R) Geography Markup Language (GML) Encoding Standard. Open Geospatial Consortium Inc. OGC(R) 07-036 (2007)
al Bouna, B., Chbeir, R., Gabillon, A.: The Image Protector - A Flexible Security Rule Specification Toolkit. In: SECRYPT 2011: Proceedings of the International Conference on Security and Cryptography, Seville, Spain, July 18-21, pp. 345–350 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gabillon, A., Capolsini, P. (2012). Enforcing Protection Mechanisms for Geographic Data. In: Di Martino, S., Peron, A., Tezuka, T. (eds) Web and Wireless Geographical Information Systems. W2GIS 2012. Lecture Notes in Computer Science, vol 7236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29247-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-29247-7_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29246-0
Online ISBN: 978-3-642-29247-7
eBook Packages: Computer ScienceComputer Science (R0)