Fine-grained Access Control for Spatial Services
...enforcing the Need-to-Know Principle
Rüdiger Gartmann
con terra GmbH, Münster, Germany
© con terra GmbH
Actors:
Public Safety Scenario: Planning an Event
User Groups
Planning team
> Event preparation
> Plan roadblocks, routes, evacuation scenarios, personnel...
> Assign areas for police, firefighters, paramedics, ...
Control team
> Event monitoring
> Measuring of movements, reaction to incidents and emergencies, revision of plans, ...
> Management of emergency response teams
> Observation of surveillance cameras, location of suspects, ...
Access to All Information
Access to Limited Information
Technical preparation
> Create roadblocks, traffic control systems, barriers, ...
> Seal gully holes, check security measures, ...
Emergency response teams
> Situation assessments
> Taking orders
> Status reports
> Finding places of accident
> Guidance, evacuation, protection...
Access to Public Information
Tourists
> Plan their trips
> See what's going on
> Find friends
> Post information, photos, ...
> Get event notifications
Threats
> Only access to public information
Regardless of the security classification, access is only permitted if there is an actual need
Planning team is allowed to see evacuation routes...
Control team is allowed to use surveillance cameras...
Policemen are allowed to report incidents...
Paramedics are allowed to request ambulances...
> ...but only for the very event they are actually dealing with!
Security Levels vs. Need-To-Know
Class 1 Class 2 Class 3 Class 4
Event A
Event B
Event C
Event D
Authorisation Decision
Information is classified
Information is assigned to certain tasks
Users are classified
Users are assigned to certain roles (responsible for certain tasks)
Access is granted, only if
> classification level matches and
> task/role assignment matches
based on security.manager
Access Control to Spatial Content
Policy structure
Creating Policies
Subject         Resource            Action   Obligation
Planning Team   Evacuation Routes   *        Area of Interest, Classification = green

Subject         Resource            Action   Obligation
Planning Team   Places to inspect   *        Area of Interest, Classification = green
Policemen       Places to inspect   Check    Area of Duty, Classification = yellow
System is deny-biased
> Everyone without explicit permissions is denied
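Added example (not from the slides and not security.manager's own code or API): a minimal Python evaluator for the Subject / Resource / Action / Obligation rows above, showing the deny-biased decision and the obligations applied as a feature filter. Assumptions: areas are constructed bounding boxes, the feature data is constructed, and "Classification = ..." is read as an equality test.

```python
from dataclasses import dataclass

# Constructed bounding boxes (minx, miny, maxx, maxy); not real coordinates.
AREA_OF_INTEREST = (0, 0, 10, 10)
AREA_OF_DUTY = (0, 0, 5, 5)

@dataclass(frozen=True)
class Policy:
    subject: str         # role the rule applies to
    resource: str        # layer being requested
    action: str          # operation; "*" matches any operation
    area: tuple          # obligation: spatial restriction
    classification: str  # obligation: feature classification filter

@dataclass(frozen=True)
class Feature:
    name: str
    x: float
    y: float
    classification: str

# The three policy rows from the slides.
POLICIES = [
    Policy("Planning Team", "Evacuation Routes", "*", AREA_OF_INTEREST, "green"),
    Policy("Planning Team", "Places to inspect", "*", AREA_OF_INTEREST, "green"),
    Policy("Policemen", "Places to inspect", "Check", AREA_OF_DUTY, "yellow"),
]

# Constructed sample features of the "Places to inspect" layer.
FEATURES = [
    Feature("Gully hole 1", 2, 2, "yellow"),
    Feature("Gully hole 2", 8, 8, "yellow"),   # outside the area of duty
    Feature("Barrier store", 3, 3, "green"),
    Feature("Camera mast", 4, 4, "red"),       # no policy covers this class
]

def in_box(feature, box):
    minx, miny, maxx, maxy = box
    return minx <= feature.x <= maxx and miny <= feature.y <= maxy

def authorise(role, resource, action, features, policies=POLICIES):
    """Return None (deny) or the features left after applying obligations."""
    matching = [p for p in policies
                if p.subject == role and p.resource == resource
                and p.action in ("*", action)]
    if not matching:
        return None  # deny-biased: no explicit permission means no access
    return [f for f in features
            if any(in_box(f, p.area) and f.classification == p.classification
                   for p in matching)]
```

A permit is never unconditional here: the returned list is already cut down to the area and classification named in the matching rule, which is the need-to-know restriction on top of the role check.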
Example: Places to Inspect
Required Authorisation Capabilities
Authorisation of Services
Full set
Authorize services in securityManager
Restricted
Layer Authorisation
All layers
Restricted list of layers
Define rights
Feature Authorization
All features Filtered to features classified as yellow
Classification = yellow
Authorise Functionalities
Identify result
Assign permissions for operations in securityManager
Identify not authorized
Spatial restrictions in securityManager
Spatial Restrictions
Full extent
Spatial restriction for Germany