More Web Proxy on the site http://driver.im/

research-article

Rule-based policy enforcement point for map services

Authors:

Alban Gabillon,

Patrick CapolsiniAuthors Info & Claims

SPRINGL '10: Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS

Pages 12 - 17

https://doi.org/10.1145/1868470.1868475

Published: 02 November 2010 Publication History

Abstract

In the framework of a map service which creates and displays maps of information coming from multiple heterogeneous sources, implementing a prohibition can be done in several ways. A sensitive object can be erased from the returned map, or masked, or blurred or even replaced by another object. In this paper we suggest a framework to specify protection mechanisms to enforce whenever a prohibition is derived from the security policy. This framework includes (i) logical rules allowing us to derive protection mechanisms from prohibitions, and (ii) an algorithm which builds the map to display.

References

[1]

Bertino, E., et al. GEO-RBAC: A spatially Aware RBAC. in ACM Symposium on Access Control Models and Technologies (SACMAT'05). 2005. Stockholm, Sweeden. p. 29--37

Digital Library

[2]

Atluri, V. and S. A. Chun, A geotemporal role-based authorization system. International Journal of Information and Computer Security, 2007. 1(1/2): p. 143--168.

Digital Library

[3]

Gabillon, A. and P. Capolsini. Dynamic Security rules for Geo Data. in International workshop on Autonomous and Spontaneous Security (SETOP'09). 2009. St Malo, France: LNCS 5939 - Springer-Verlag.p. 136--152

Digital Library

[4]

Capolsini, P. and A. Gabillon. Security policies for the Visualization of Geo Data. in ACM SIGSPATIAL GIS 2009 International Workshop on Security and Privacy in GIS and LBS (SPRINGL'09). 2009. Seattle, WA, USA: Association for Computing Machinery. p. 02--11

Digital Library

[5]

Weinberger, S., Why is Google Earth Hiding Dick Cheney's House?, in http://www.wired.com. 2008.

[6]

El-Kalam, A., et al. Organization Based Access Control. in 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy'03). 2003. Como, Italy: IEEE. p.

Digital Library

[7]

Yuan, E. and J. Tong. Attributed Based Access Control (ABAC) for Web Services. in Proceedings of the IEEE International Conference on Web Services (ICWS'05). 2005. Orlando, Florida - USA. p.

Digital Library

[8]

Janée, G., J. Frew, and L. L. Hill, Issues in Georeferenced Digital Libraries, in D-Lib Magazine. 2004.

[9]

Rigaux, P., M. Scholl, and A. Voisard, Spatial Databases with application to GIS. 2002: Elsevier. 410.

[10]

Herring, J. R., OpenGIS(R) Implementation Specification for Geographic information - Simple feature access - Part 1: Common architecture. Open Geospatial Consortium Inc., 2006. OGC(R) 06-103r3.

[11]

Chun, S. A. and V. Atluri. Protecting privacy from continuous high-resolution satellite surveillance. in In Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security. 2000. Schoorl, The Netherlands. p. 233--244

Digital Library

[12]

Atluri, V. and P. Mazzoleni. A uniform indexing scheme for geo-spatial data and authorizations. in In Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security. 2002.p.

[13]

Atluri, V. and S. A. Chun, An authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing, 2004. 1(4): p. 238--254.

Digital Library

[14]

Damiani, M. L., et al., GEO-RBAC: A spatially Aware RBAC. ACM Transactions on Information Systems and Security, 2006. 00(00): p. 1--34.

Digital Library

[15]

OGC. Open Geospatial Consortium Inc. - About Us. 2008 {cited; Available from: http://www.opengeospatial.org/about.

[16]

Volwes, G., Geospatial Digital Rights Management Reference Model (GeoDRM RM). Open Geospatial Consortium Inc., 2006. OGC(R) 06-004r3.

[17]

Matheus, A. and J. Herrmann, Geospatial eXtensible Access Control Markup Language (GeoXACML). Open Geospatial Consortium Inc., 2008. OGC(R)07-026r2.

[18]

OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0. 2005 {cited; Available from: http://www.oasis-open.org.

[19]

Chun, S. A. and V. Atluri, Geospatial Database Security, in Handbook of Database Security Applications and Trends, M. Gertz and S. Jajodia, Editors. 2008, Springer US. p. 247--266.

[20]

Purevjii, B.-O., et al. An access control model for geographic data in an XML-based framework. in 2nd International workshop on Security in Information Systems (WOSIS'04). 2004. Porto, Portugal. p. 251--260

[21]

W3C. Scalable Vector Graphics (SVG) 1.1 (Second Edition). 2010 {cited; W3C:{Available from: http://www.w3.org/Graphics/SVG/.

[22]

Sasaoka, L. K. and C. B. Medeiros, Access Control in Geographic Databases Advances in Conceptual Modeling - Theory and Practice (Lecture Notes in Computer Science), 2006. 4231/2006: p. 110--119.

Digital Library

[23]

Matheus, A. Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure. in 10th ACM Symposium on Access Control Models and Technologies (SACMAT'05). 2005. Stockholm, Sweden. p. 21--28

Digital Library

[24]

Portele, C., OpenGIS(R) Geography Markup Language (GML) Encoding Standard. Open Geospatial Consortium Inc., 2007. OGC(R) 07-036.

Cited By

Bouna BChbeir RGabillon ACapolsini P(2012)A Fine-Grained Image Access Control ModelProceedings of the 2012 Eighth International Conference on Signal Image Technology and Internet Based Systems10.1109/SITIS.2012.92(603-612)Online publication date: 25-Nov-2012
https://dl.acm.org/doi/10.1109/SITIS.2012.92
Gabillon ACapolsini P(2012)Enforcing protection mechanisms for geographic dataProceedings of the 11th international conference on Web and Wireless Geographical Information Systems10.1007/978-3-642-29247-7_14(185-202)Online publication date: 12-Apr-2012
https://dl.acm.org/doi/10.1007/978-3-642-29247-7_14
Gabillon ACapolsini PChbeir RAl Bouna B(2011)Protection of geographic dataProceedings of the First International Workshop on Security and Privacy Preserving in e-Societies10.1145/2107581.2107588(40-41)Online publication date: 9-Jun-2011
https://dl.acm.org/doi/10.1145/2107581.2107588

Index Terms

Rule-based policy enforcement point for map services
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems

Recommendations

Security mechanisms for geographic data
MEDES '10: Proceedings of the International Conference on Management of Emergent Digital EcoSystems

In the framework of a map service which creates and displays maps of information coming from multiple heterogeneous sources, implementing a prohibition can be done in several ways. A sensitive object can be erased from the returned map, or masked, or ...
An Adaptive XACMLv3 Policy Enforcement Point
COMPSACW '14: Proceedings of the 2014 IEEE 38th International Computer Software and Applications Conference Workshops

Policies are rules that govern the choices in behavior of a system. Policy based management aims at supporting dynamic adaptability of behavior by changing policy without recoding or stopping the system. The common accepted architecture of such systems ...
Enforcing protection mechanisms for geographic data
W2GIS'12: Proceedings of the 11th international conference on Web and Wireless Geographical Information Systems

In the framework of a geographic application displaying maps, there are several solutions for protecting a sensitive object. Sensitive objects can be hidden, masked, blurred or even replaced by fake objects. In this paper we suggest a framework to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SPRINGL '10: Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS

November 2010

76 pages

ISBN:9781450304351

DOI:10.1145/1868470

General Chair:
Elisa Bertino
Purdue University
,
Program Chairs:
Maria Luisa Damiani
University of Milan, Italy
,
Yücel Saygin
Sabanci University, Turkey

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSPATIAL: ACM Special Interest Group on Spatial Information

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 November 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Agence Nationale de la Recherche

Conference

GIS '10

Sponsor:

SIGSPATIAL

GIS '10: 18th SIGSPATIAL International Conference on Advances in Geographic Information Systems

November 2, 2010

California, San Jose

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
106
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Bouna BChbeir RGabillon ACapolsini P(2012)A Fine-Grained Image Access Control ModelProceedings of the 2012 Eighth International Conference on Signal Image Technology and Internet Based Systems10.1109/SITIS.2012.92(603-612)Online publication date: 25-Nov-2012
https://dl.acm.org/doi/10.1109/SITIS.2012.92
Gabillon ACapolsini P(2012)Enforcing protection mechanisms for geographic dataProceedings of the 11th international conference on Web and Wireless Geographical Information Systems10.1007/978-3-642-29247-7_14(185-202)Online publication date: 12-Apr-2012
https://dl.acm.org/doi/10.1007/978-3-642-29247-7_14
Gabillon ACapolsini PChbeir RAl Bouna B(2011)Protection of geographic dataProceedings of the First International Workshop on Security and Privacy Preserving in e-Societies10.1145/2107581.2107588(40-41)Online publication date: 9-Jun-2011
https://dl.acm.org/doi/10.1145/2107581.2107588

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents