Security and Licensing for Geospatial Web Services

Abstract

This paper presents an approach for enabling the commercial use of Geospatial Web Services in an on demand and ad-hoc fashion. The main goal is to go beyond classical Role-Based Access Control models in order to support ad-hoc license agreements directly in-process, without any prior offline negotiated agreements being necessary between georesource provider and geoprocessing user for on-demand access. Therefore, a general security and licensing architecture is defined as a transparent layer for Geospatial Web Services. In particular, this chapter focuses on state-of-the-art interface specifications from OGC and defines generic security extensions being applicable to all OGC standards based on OWS Common. The static model with trust relationships between the different components of the architecture in heterogeneous security domains as well the dynamic structure is studied. The presented ideas are verified by a proof-of-concept implementation following a real world scenario.