Consideration for Information Security Issues in Geospatial Information Services of Local Governments Makoto Hanashima Institute for Areal Studies, Foundation.


Consideration for Information Security Issues in Geospatial Information Services of Local Governments Makoto Hanashima Institute for Areal Studies, Foundation (IAS), Tokyo Institute of Information Security (IISEC), Yokohama May 26, 2006

Outline of Presentation
- Background of Research
- Governmental Guideline for Distribution of Geospatial Data
- The Framework of Baseline Security for GIS in Local Government
- Threat Analysis for Geospatial Information Service
- Outline of Baseline Safeguard for Geospatial Information Service
- Conclusion

Introduction
- The concept of GIS is changing and its capabilities are expanding.
- The term "GIS" is coming to mean "Geospatial Information Service": Geographic Information System + Web Service Technology + Interoperability.
- Interoperability and Web service technology are becoming key technologies for GIS.
- While user convenience and quality of service improve greatly, the likelihood that many information security issues will occur is also increasing.

GIS in Japanese Local Governments
Recent GIS-related actions of the Japanese government:
- Jan. 1995: Hanshin-Awaji (Kobe) Earthquake
- Sep. 1995: “GIS relevant-ministries liaison conference”
- Feb. 2002: “GIS Action Program”
- May 2003: “The Guideline for Distribution of Governmental Geographic Information”
- Jun. 2004: “Q&A for The Guideline”
GIS introduced:
- Prefecture level: 100%
- City, Town level: 40%
Based on “The Annual Survey of GIS in Local Government 2004” by NSDIPA (National Spatial Data Infrastructure Promoting Association).

Governmental Guideline
“The Guideline for Distribution of Governmental Geographic Information”, 2003
- This guideline is the de facto guideline for geospatial information services run by public institutions in Japan.
- When a local government considers distributing geospatial information, this guideline serves as a source for its security policy.
- The security policy requirements that can be read from this guideline are as follows.

Security Requirements for GIS in Local Government
1. Protection of geospatial information regarding privacy
2. Ensuring confidentiality of undisclosed geospatial information
3. Ensuring integrity and authenticity of geospatial information
4. Management of access privileges for geospatial information
5. Prevention of copyright violation of geospatial information
6. Maintenance of the local government's accountability for geospatial information
7. Ensuring availability of the geospatial information service

Problem
How does a local government implement the security policy in its own GIS?
- No system guideline
- No IT security specialist
- No time, a pile of work
Interoperability problems will arise:
- When geospatial information services interoperate, complicated processing is needed when security levels differ between services.
- Many local governments will continue to make redundant investments.

Framework for IT Security
- One solution: introduce a standard framework for IT security.
- ISO/IEC TR Guidelines for the Management of IT Security (GMITS)
- GMITS provides a systematic framework for IT security management.

Framework of IT Security for GIS
[Diagram: Framework of ISO/IEC TR GMITS. Boxes: Information Security Policy of Local Government; Related Statute; Governmental Guideline; High Level Risk Analysis; Detailed Risk Analysis; Baseline Approach; Selection of Safeguard; IT Security Policy for IT System; IT Security Requirement]

Two Approaches for IT Security
Two approaches to specifying IT security requirements:
- An approach based on Detailed Risk Analysis
- An approach based on Baseline Safeguard (Baseline Approach)

Two Approaches for IT Security: Detailed Risk Analysis
- A detailed risk analysis evaluates risk based on a detailed estimation of the information assets, an evaluation of the threats to them, and an evaluation of the vulnerabilities of the IT system.
- This approach makes it possible to select safeguards optimized for the target IT system.
- This approach needs advanced technical knowledge and great effort, so it is costly.

Two Approaches for IT Security: Baseline Safeguard (Baseline Approach)
- The baseline approach selects safeguards (baseline safeguards) so that the minimum security level (baseline security) decided for each type of IT system is satisfied.
- Because this approach needs minimal time and effort for risk analysis and for selection of safeguards, its cost-benefit is very good for systems that do not need a high security level.
- This approach depends on the adequacy of the baseline security.

Baseline Security for GIS
If the information security requirements peculiar to Geospatial Information Service become clear, a guideline that includes these requirements in Baseline Security can be proposed.
This approach may prevent the following problems:
- When geospatial information services interoperate, complicated processing is needed when security levels differ between services.
- Many local governments will continue to make redundant investments in security countermeasures which may not be very effective.
- Risks peculiar to geospatial information service may remain undiscussed.

Framework of IT Security for GIS
[Diagram: Framework of ISO/IEC TR GMITS, as on the earlier framework slide (Information Security Policy of Local Government; Related Statute; Governmental Guideline; High Level Risk Analysis; Detailed Risk Analysis; Baseline Approach; Selection of Safeguard; IT Security Policy for IT System; IT Security Requirement), with an added region labelled "Domain of Research" containing: Geospatial Information Data (Public Property); Geospatial Information Service (System); IT Asset Evaluation; Threat Analysis; Baseline Security for Geospatial Information Service]

Process of Baseline Approach
Flow Diagram for Selection of Safeguards (GMITS Part 4: Selection of Safeguards)
- Basic Assessments
  - Identification of the Type of IT System
  - Identification of Physical/Environmental Conditions
  - Assessment of Existing/Planned Safeguards
- Simple or More Advanced Baseline Approach
- Baseline Approach: Selection of Safeguards According to the Type of IT System
  - Generally Applicable Safeguards
  - IT System Specific Safeguards
- Selection of Safeguards According to Security Concerns and Threats
  - Assessment of Security Concerns
  - Safeguards for Confidentiality
  - Safeguards for Integrity
  - Safeguards for Availability
  - Safeguards for Accountability, Authenticity and Reliability

Concept of Threat Analysis - 1
Threat
- Typical Threat: enumerated by "List of Possible Threat Types" in GMITS.
- Specific Threat: not enumerated by the list. Specific Threats in GIS.

Concept of Threat Analysis - 2
[Diagram: coverage of Typical Threat and Specific Threat within the Whole Threat]

Specific Threat for GIS
- Ts-01: Tampering and forgery of data
- Ts-02: Illegal copy and distribution of data
- Ts-03: Attack by unauthorized service
- Ts-04: Attack to Web application
- Ts-05: Arrogation of an author or a source
- Ts-06: Setting error of access privilege
- Ts-07: Exposure of confidential information by connected referencability
- Ts-08: Data error
- Ts-09: Tampering and deletion of audit log
- Ts-10: Failure of interoperability of system

Safeguards for Specific Threat of GIS-1
Possible safeguards for Ts-01 (Tampering and forgery of data):
- Access control to geospatial data
- Authentication of the geospatial data based on digital signature
- PKI should be applied
- Tamper-proof data generation

Safeguards for Specific Threat of GIS-2
Possible safeguards for Ts-02 (Illegal copy and distribution of data):
- Authentication of the geospatial data based on digital signature
- Authentication of the data provider by digital signature
- Use of digital watermarking

Safeguards for Specific Threat of GIS-3
Possible safeguards for Ts-03 (Attack by unauthorized service):
- Two-way authentication by security frameworks of Web Services
- Two-way authentication at the application level
- Reinforcement of detection capabilities against unauthorized services

Safeguards for Specific Threat of GIS-4
Possible safeguards for Ts-04 (Attack to Web application):
- Reinforcement of robustness of Web application
- Reinforcement of attack detection method
- Using rich client, e.g. Flex, Curl

Safeguards for Specific Threat of GIS-5
Possible safeguards for Ts-05 (Arrogation of an author or a source):
- Authentication by digital signature of an author or a source
- Authentication function for Data Clearinghouse Service
- Some DRM protocol may be applied
- Reinforcement of the attack detection method
- Use of digital watermarking

Safeguards for Specific Threat of GIS-6
Possible safeguards for Ts-06 (Setting error of access privilege):
- Application of an access-control model, e.g. RBAC
- Use of an access-control framework, e.g. XACML

Safeguards for Specific Threat of GIS-7
Possible safeguards for Ts-07 (Exposure of confidential information by connected referencability):
- Distinction of a connected referencability based on metadata
- Protection by limitation of the resolution of geospatial data
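
An added illustration of the resolution-limiting safeguard for Ts-07, not part of the original slides: the Python sketch below snaps point coordinates to a coarse grid before release and withholds records whose grid cell holds too few points. The grid sizes, the minimum-count threshold (`min_per_cell`) and the sample coordinates are assumptions constructed for this example.

```python
import math
from collections import Counter

# Constructed sample records (record id, latitude, longitude); not real data.
SAMPLE_POINTS = [
    ("r1", 35.68123, 139.76712),
    ("r2", 35.68190, 139.76655),
    ("r3", 35.68177, 139.76790),
    ("r4", 35.44370, 139.63800),  # isolated record, far from the others
]


def snap_to_grid(lat, lon, cell_deg):
    """Return the centre of the grid cell (cell_deg degrees on a side) holding the point."""
    if cell_deg <= 0:
        raise ValueError("cell_deg must be positive")
    # floor() keeps cells aligned for negative coordinates as well.
    row = math.floor(lat / cell_deg)
    col = math.floor(lon / cell_deg)
    return (round((row + 0.5) * cell_deg, 6), round((col + 0.5) * cell_deg, 6))


def release_coarsened(points, cell_deg, min_per_cell):
    """Coarsen every point, then withhold records in sparsely populated cells.

    min_per_cell is an assumed policy threshold: a record that is alone in its
    cell can still be tied to one location by overlaying another layer, so
    coarsening by itself does not protect it.
    Returns (released, suppressed): a dict id -> cell centre, and a sorted id list.
    """
    cells = {rid: snap_to_grid(lat, lon, cell_deg) for rid, lat, lon in points}
    counts = Counter(cells.values())
    released = {rid: c for rid, c in cells.items() if counts[c] >= min_per_cell}
    suppressed = sorted(rid for rid in cells if rid not in released)
    return released, suppressed


if __name__ == "__main__":
    # Compare a fine grid with a coarser one under the same threshold.
    for cell in (0.001, 0.01):
        released, suppressed = release_coarsened(SAMPLE_POINTS, cell, min_per_cell=3)
        print(f"cell={cell}: released={released} suppressed={suppressed}")
```

On the sample data the 0.001-degree grid releases nothing, while the 0.01-degree grid releases three records at a shared cell centre and withholds the isolated one.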

Safeguards for Specific Threat of GIS-8
Possible safeguards for Ts-08 (Data error):
- Early notification of data error information
- Audit of the update log of data

Safeguards for Specific Threat of GIS-9
Possible safeguards for Ts-09 (Tampering and deletion of audit log):
- Reinforcement of robustness of a logging system
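
One way to make tampering with and deletion of audit records (Ts-09) detectable, as an added example that is not part of the original slides: a SHA-256 hash chain over log entries, checked against a head digest kept away from the logging host. The hash-chain technique, the function names and the record fields are assumptions for illustration; the slides name only the goal of a more robust logging system.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # fixed starting value for the chain


def _digest(prev_hash, record):
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(prev_hash.encode("ascii") + payload).hexdigest()


def append_entry(log, record):
    """Append record to log and return the new head digest."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"record": record, "prev": prev, "hash": _digest(prev, record)})
    return log[-1]["hash"]


def verify_log(log, anchored_head=None):
    """Return (ok, reason).

    anchored_head is the last head digest as stored somewhere the log writer
    cannot modify (assumption). Without it, removal of the newest entries
    leaves a chain that still verifies.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != _digest(prev, entry["record"]):
            return False, f"entry {i} altered, removed or out of sequence"
        prev = entry["hash"]
    if anchored_head is not None and prev != anchored_head:
        return False, "head digest mismatch: log truncated or rewritten"
    return True, "ok"


def build_sample_log():
    """Constructed sample: three update events on a map layer (hypothetical fields)."""
    log, head = [], None
    for record in (
        {"seq": 1, "user": "editor01", "action": "update", "layer": "parcels"},
        {"seq": 2, "user": "editor02", "action": "delete", "layer": "parcels"},
        {"seq": 3, "user": "editor01", "action": "update", "layer": "roads"},
    ):
        head = append_entry(log, record)
    return log, head


if __name__ == "__main__":
    log, head = build_sample_log()
    print(verify_log(log, head))
    edited = copy.deepcopy(log)
    edited[1]["record"]["user"] = "someone_else"  # in-place tampering
    print(verify_log(edited, head))
    print(verify_log(log[:2], head))              # newest entry deleted
```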

Safeguards for Specific Threat of GIS-10
Possible safeguards for Ts-10 (Failure of interoperability of system):
- Implementation of the error-tracking function of a Web Service

Summary of Safeguards
Safeguards can be implemented by:
- Web Service Security
- Secure data transfer protocol
- Access control method
Some safeguard technologies still need to be discussed:
- Robustness of Web application
- Traceability of Web service component
- Digital signature and authentication protocol for OGC’s open architecture

Conclusion
- A Baseline Security Guideline is required for Geospatial Information Service in Japanese local governments.
- "Specific Threats" to the Geospatial Information Service of local government have been considered.
- The safeguards against these “Specific Threats” have been discussed.
- A number of safeguards need further technical discussion.
- Continuous research is required to establish baseline security for the Geospatial Information Service of local government.
