Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fine-grained Access Control for Spatial Services...e nforcing the Need-to-Know Principle Rüdiger Gartmann con terra GmbH, Münster, Germany.

Published byAubrie McDaniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Fine-grained Access Control for Spatial Services...e nforcing the Need-to-Know Principle Rüdiger Gartmann con terra GmbH, Münster, Germany."— Presentation transcript:

1 Fine-grained Access Control for Spatial Services...e nforcing the Need-to-Know Principle Rüdiger Gartmann con terra GmbH, Münster, Germany

2 © con terra GmbH 2 Actors: Public Safety Scenario: Planning an Event

3 © con terra GmbH 3 User Groups X

4 © con terra GmbH 4 Planning team >Event preparation >Plan roadblocks, routes, evacuation scenarios, personnel... >Assign areas for police, firefighters, paramedics,... Control team >Event monitoring >Measuring of movements, reaction to incidents and emergencies, revision of plans,... >Management of emergency response teams >Observation of surveillance cameras, location of suspects,... Access to All Information

5 © con terra GmbH 5 Access to Limited Information Technical preparation >Create roadblocks, traffic control systems, barriers,... >Seal gully holes, check security measures,... Emergency response teams >Situation assessments >Taking orders >Status reports >Finding places of accident >Guidance, evacuation, protection...

6 © con terra GmbH 6 Access to Public Information Tourists >Plan their trips >See what‘s going on >Find friends >Post information, photos,... >Get event notifications Threats >Only access to public information

7 © con terra GmbH 7 Regardless of the security classification, access is only permitted if there is an actual need Planning team is allowed to see evacuation routes... Control team is allowed to use surveillance cameras... Poliecemen are allowed to report incidents... Paramedics are allowed to request ambulances... >...but only for the very event they are actually dealing with! Security Levels vs. Need-To-Know

8 © con terra GmbH 8 Class 1Class 2Class 3Class 4 Event A Event B Event C Event D Authorisation Decision Information is classified Information is assigned to certain tasks Users are classified Users are assigned to certain roles (responsible for certain tasks) Access is granted, only if >classification level matches and >task/role assignment matches

9 based on security.manager Access Control to Spatial Content

10 © con terra GmbH 10 Policy structure Creating Policies SubjectResourceActionObligation SubjectResourceActionObligation Planning TeamEvacuation Routes *Area of Interest, Classification = green SubjectResourceActionObligation Planning TeamPlaces to inspect *Area of Interest, Classification = green PolicemenPlaces to inspect CheckArea of Duty, Classification = yellow System is deny-biased >Everyone without explicit permissions is denied

11 © con terra GmbH 11 Example: Places to Inspect

12 Required Authorisation Capabilities

13 © con terra GmbH 13 Authorisation of Services Full set Authorize services in securityManager Restricted

14 © con terra GmbH 14 Layer Authorisation All layers Restricted list of layers Define rights

15 © con terra GmbH 15 Feature Authorization All features Filtered to features classified as yellow Classification = yellow

16 © con terra GmbH 16 Authorise Functionalities Identify result Assign permissions for operations in securityManager Identify not authorized

17 © con terra GmbH 17 Spatial restrictions in securityManager Spatial Restrictions Full extent Spatial restriction for Germany

18 Rüdiger Gartmann r.gartmann@conterra.de Thank you for your interest......and visit us in the exhibition!

Download ppt "Fine-grained Access Control for Spatial Services...e nforcing the Need-to-Know Principle Rüdiger Gartmann con terra GmbH, Münster, Germany."

Similar presentations

Aviation Security Training Module 4 Design and Conduct Exercise II 1.

Aviation Security Training Module 4 Design and Conduct Exercise II 1.
Rüdiger Gartmann, on behalf of Andreas Wytzisk con terra GmbH, Münster, Germany Monetising SDIs... eLicensing and ePayment for Spatial Services.

Rüdiger Gartmann, on behalf of Andreas Wytzisk con terra GmbH, Münster, Germany Monetising SDIs... eLicensing and ePayment for Spatial Services.
Emergency Preparedness and Response

Emergency Preparedness and Response
29 CFR 1910.120 Hazardous Waste Operations and Emergency Response (Hazwoper) Presented By: Etech Environmental & Safety Solutions, Inc.

29 CFR Hazardous Waste Operations and Emergency Response (Hazwoper) Presented By: Etech Environmental & Safety Solutions, Inc.
1 Denver International Airport Ken Greene Deputy Manager of Aviation Airport Operations June 10, 2014.

1 Denver International Airport Ken Greene Deputy Manager of Aviation Airport Operations June 10, 2014.
Paul Hubbard Portfolio Manager, Border and Transportation Security Information Sharing: Barriers and Solutions Sept 9 Workshop Summary Presented to Armed.

Paul Hubbard Portfolio Manager, Border and Transportation Security Information Sharing: Barriers and Solutions Sept 9 Workshop Summary Presented to Armed.
Emergency Response Centre (Madhya Pradesh Pollution Control Board) Bhopal - India Ph. : +91 755 - 2469180 / 2464428 Fax : +91 755 - 2463742 / 2469180 E.mail.

Emergency Response Centre (Madhya Pradesh Pollution Control Board) Bhopal - India Ph. : / Fax : / E.mail.
Alexander Brandl ERHS 561 Emergency Response Environmental and Radiological Health Sciences.

Alexander Brandl ERHS 561 Emergency Response Environmental and Radiological Health Sciences.
Building Marshal General Duties Evacuation Assistance Accountability Scene Integrity NC STATE UNIVERSITY Environmental Health and Public Safety Fire Protection.

Building Marshal General Duties Evacuation Assistance Accountability Scene Integrity NC STATE UNIVERSITY Environmental Health and Public Safety Fire Protection.
1 Exotic Disease Response Training Introduction to Movement Control.

1 Exotic Disease Response Training Introduction to Movement Control.
Technician Module 2 Unit 4 Slide 1 MODULE 2 UNIT 4 Specialized Functions.

Technician Module 2 Unit 4 Slide 1 MODULE 2 UNIT 4 Specialized Functions.
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.

Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
Network security policy: best practices

Network security policy: best practices
Security System Elion Sõber Vahur Kaar Kristof Mikael Rosenberg.

Security System Elion Sõber Vahur Kaar Kristof Mikael Rosenberg.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo
Hazardous Waste and Emergency Response

Hazardous Waste and Emergency Response
Firefighter III Introduction Mod A. 3-1.1. Identify the Firefighter III’s role as a member of the organization. (4-2.1) The role of a firefighter III.

Firefighter III Introduction Mod A Identify the Firefighter III’s role as a member of the organization. (4-2.1) The role of a firefighter III.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Module 3 Develop the Plan Planning for Emergencies – For Small Business –
Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.

Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.
Critical Incident Response And CIRT Board of Education Report 2006 Dale R. Rauenzahn, Executive Director, Student Support Services.

Critical Incident Response And CIRT Board of Education Report 2006 Dale R. Rauenzahn, Executive Director, Student Support Services.

Similar presentations

Ads by Google