Title: Fine-grained Access Control for Spatial Services ...enforcing the Need-to-Know Principle
1 Fine-grained Access Control for Spatial Services ...enforcing the Need-to-Know Principle
- Rüdiger Gartmann
- con terra GmbH, Münster, Germany
2 Public Safety Scenario: Planning an Event
3 User Groups
4 Access to All Information
- Planning team
- Event preparation
- Plan roadblocks, routes, evacuation scenarios, personnel...
- Assign areas for police, firefighters, paramedics, ...
- Control team
- Event monitoring
- Measuring of movements, reaction to incidents and emergencies, revision of plans, ...
- Management of emergency response teams
- Observation of surveillance cameras, location of suspects, ...
5 Access to Limited Information
- Technical preparation
- Create roadblocks, traffic control systems, barriers, ...
- Seal gully holes, check security measures, ...
- Emergency response teams
- Situation assessments
- Taking orders
- Status reports
- Finding places of accident
- Guidance, evacuation, protection...
6 Access to Public Information
- Tourists
- Plan their trips
- See what's going on
- Find friends
- Post information, photos, ...
- Get event notifications
- Threats
- Only access to public information
7 Security Levels vs. Need-To-Know
- Regardless of the security classification, access is only permitted if there is an actual need
- Planning team is allowed to see evacuation routes...
- Control team is allowed to use surveillance cameras...
- Policemen are allowed to report incidents...
- Paramedics are allowed to request ambulances...
- ...but only for the very event they are actually dealing with!
8 Authorisation Decision
[Figure: grid of classification levels (Class 1 to Class 4) against events (Event A to Event D)]
- Information is classified
- Information is assigned to certain tasks
- Users are classified
- Users are assigned to certain roles (responsible for certain tasks)
- Access is granted, only if
- classification level matches and
- task/role assignment matches
9 Access Control to Spatial Content
- based on security.manager
10 Creating Policies

| Subject | Resource | Action | Obligation |
|---|---|---|---|
| Planning Team | Evacuation Routes | | Area of Interest, Classification green |
| Planning Team | Places to inspect | | Area of Interest, Classification green |
| Policemen | Places to inspect | Check | Area of Duty, Classification yellow |

- System is deny-biased
- Everyone without explicit permissions is denied
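
The decision rule from the "Authorisation Decision" and "Creating Policies" slides, sketched as an added Python example (not code from the presentation or from security.manager). The `View` action, the user names, the area boxes, the feature records, and the reading of the classification obligation as an exact label match are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    subject: str         # role the user acts in
    resource: str        # feature type being requested
    action: str
    area: str            # obligation: area the result is clipped to
    classification: str  # obligation: label a returned feature must carry

# Rows modelled on the policy table. "View" is an assumed action name.
POLICIES = [
    Policy("Planning Team", "Places to inspect", "View", "Area of Interest", "green"),
    Policy("Policemen", "Places to inspect", "Check", "Area of Duty", "yellow"),
]

# Constructed per-user areas as (min_x, min_y, max_x, max_y) boxes.
AREAS = {("alice", "Area of Interest"): (0, 0, 100, 100),
         ("bob", "Area of Duty"): (0, 0, 10, 10)}

# Constructed features: (id, type, x, y, classification).
FEATURES = [
    (1, "Places to inspect", 5, 5, "yellow"),
    (2, "Places to inspect", 50, 50, "yellow"),
    (3, "Places to inspect", 5, 5, "green"),
    (4, "Places to inspect", 60, 60, "green"),
    (5, "Places to inspect", 500, 500, "green"),
    (6, "Evacuation Routes", 20, 20, "green"),
]

def authorize(role, resource, action):
    """Return the matching policy; None means deny (deny-biased)."""
    for p in POLICIES:
        if (p.subject, p.resource, p.action) == (role, resource, action):
            return p
    return None

def query(user, role, resource, action):
    """Return ids of the features this request may see, or raise."""
    policy = authorize(role, resource, action)
    if policy is None:
        raise PermissionError("no explicit permission")
    box = AREAS.get((user, policy.area))
    if box is None:  # no assigned area, so no need-to-know
        raise PermissionError("no area assigned")
    x0, y0, x1, y1 = box
    return [fid for fid, ftype, x, y, cls in FEATURES
            if ftype == resource and cls == policy.classification
            and x0 <= x <= x1 and y0 <= y <= y1]
```

The permission and the obligations are evaluated separately: a matching policy row only opens the request, and the area and classification obligations then decide which individual features are returned.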
11 Example: Places to Inspect
12 Required Authorisation Capabilities
13 Authorisation of Services
14 Layer Authorisation
All layers
15 Feature Authorization
Classification yellow
All features
16 Authorise Functionalities
17 Spatial Restrictions
18 Thank you for your interest... and visit us in the exhibition!
- Rüdiger Gartmann, r.gartmann_at_conterra.de