Databases Reference
In-Depth Information
cess a feature type ”roads” within the area specified in the polygon specified
in the condition.
<Rule Effect="Permit" RuleId="rule-2.2">
<Description>Field-Engineer can request features of type
'tiger:tiger_roads' </Description>
<Target>
<Subjects>
<Subject>
<SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">
Field-Engineer</AttributeValue>
<SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:
subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string"
SubjectCategory="urn:oasis:names:tc:xacml:1.0:
subject-category:access-subject" /> </SubjectMatch>
</Subject>
</Subjects>
<Resources> <Resource>
<ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:
integer-less-than">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">
0</AttributeValue>
<AttributeSelector DataType="http://www.w3.org/2001/XMLSchema#integer"
RequestContextPath="count(//wfs:Query[@typeName='tiger:tiger_roads'])"/>
</ResourceMatch>
</Resource> </Resources>
<Actions>
<Action>
<ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GetFeature
</AttributeValue>
<ActionAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:
action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
</ActionMatch>
</Action>
</Actions>
</Target>
<Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:all-of">
<Function FunctionId="http://www.geoxacml.org/1.0/function#within"/>
<AttributeValue DataType="http://www.opengis.net/gml#polygon">
<gml:Polygon xmlns:gml="http://www.opengis.net/gml" gid="P2" srsName="EPSG:4326">
<gml:exterior> <gml:LinearRing>
<gml:posList dimension=2>-74.28798767828596,40.72400955310945 -74.12552621736093,
40.722605998371435 -74.12552621736093,40.614883172228936 -74.28939123302396,
40.61558494959794 -74.28798767828596,40.72400955310945 -74.28798767828596,
40.72400955310945 -74.28798767828596,40.72400955310945</gml:posList>
</gml:LinearRing> </gml:exterior>
</gml:Polygon>
</AttributeValue>
<AttributeSelector DataType="http://www.opengis.net/gml#box"
MustBePresent="false" RequestContextPath="//ogc:BBOX/gml:Box"/>
</Condition>
</Rule>
Geospatial Semantic Web Services Access Control
In [1], secure access to geospatial resources by clients or other Web services in
the context of dynamic composition is proposed using the Geospatial Seman-
tic Web Services that facilitates reasoning on security enforcement engines. In
contrast to the XML-based standards and first-order logic-based access con-
trols, it defines the axioms in OWL DL (Web Ontology Language-Description
Previous Page
Next Page
Database Security: Applications and Trends
Search WWH ::




Custom Search
Home