Databases Reference
In-Depth Information
This approach is intended to provide the ability to enforce the policy with
semantic reasoning. This semantics-aware security enforcement should be able
to reason and dynamically compose services even though there is no explicit
policy specification. For example, a provider network can provide two geospa-
tial services: movie theater finder Web service and a live trac Web service.
For a premium subscriber requesting for movie theaters in a particular zip
code area, the provider can choose to overlay trac information on the dis-
played map even though it was not explicitly requested or the subscriber is
not an explicit client of the trac service. In addition, the policy on accessing
the location information (or map or building plan) of a Newark City govern-
ment building, and the policy on accessing court buildings can be specified
on the concept level of government building, rather than individually listing
these policy rules separately. Also, the reasoning engine should be able to de-
tect the conflicts among different policies using the concept hierarchies and
relationships.
4 Conclusion and Future Directions
This chapter presents different access control models and approaches for
geospatial data resources, such as GSAM (Geospatio-temporal Authorization
Model) for multi-resolution satellite images, Geo-RBAC for location aware
access to feature and map data, access control for imprecise location-based
services for context aware access and GeoXACML access control approaches
for geospatial Web Services, and Semantics-aware access control for geospa-
tial Semantic Web Services. In addition, it discusses the issues and the current
development in Geospatial Resource Digital Rights Management.
Both GeoXACML and secure Semantic Web Services access control pre-
sented above do not consider the specification of the subject role that is also
spatially referenced, but focus on the specifications of the geospatial resources
and geospatial conditions. An extension of GeoXACML and semantic RDF
version can be made to specify the geospatial roles as presented in the GSAM
and GEO-RBAC models presented in sections 3.1 and 3.2, and the authoriza-
tion engine is needed to verify the spatial roles.
The future approaches should focus on privacy issues that arise due to the
combination of ubiquitous computing devices and location tracking devices,
such as GPS, GPRS, etc. The data generated from these devices, combined
with the geospatial data, give rise to much more serious issues on privacy
infringement, such as the visualization of the locations from different timelines.
The future security research focus should address these location tracking as
well as the activities associated with the locations in the track.
Another direction that the research community should pay attention to
is to verify the policy composability and consistency in the dynamic ad-hoc
geospatial composition that involve multiple coalition organizations. Further-
more, collections of geospatial data from multiple databases within an agency
