摘要
In recent years,geographical information systems have been employed in a wide variety of application domains,and as a result many research efforts are being devoted to those upcoming problems.Geospatial data security,especially access control,has attracted increased research interests within the academic community.The tendency towards sharing and interoperability of geospatial data and applications makes it common to acquire and integrate geospatial data from multiple organisations to accomplish a complex task.Meanwhile,many organisations have the requirement for securing access to possessed sensitive or proprietary geospatial data.In this heterogeneous and distributed environment,consistent access control functionality is crucial to promote controlled accessibility.As an extension of general access control mechanisms in the IT domain,the mechanism for geospatial data access control has its own requirements and characteristics of granularity and geospatial logic.In this paper,we address several fundamental aspects concerning the design and implementation of an access control system for geospatial data,including the classification,requirements,authorisation models,storage structures and management approaches for authorisation rules,matching and decision-making algorithms between authorisation rules and access requests,and its policy enforcement mechanisms.This paper also presents a system framework for realising access control functionality for geospatial data,and explain access control procedures in detail.
基金
This work is supported by Project 2007AA120502,sponsored by NHTRDPC
the National High Technology Research and Development Program of China.