Service-based Access Control in Spatial Data Infrastructures
|
|
- Arthur Jackson
- 6 years ago
- Views:
Transcription
1 Service-based Access Control in Spatial Data Infrastructures Jan Drewnak con terra GmbH, Münster
2 Roadmap»Security in SOA Architecture and Standards»Existing Solution and Implementations»Open Geospatial Consortium Activities &Trends»EuroGeoNames Scenario Application of Concepts
3 What s it all about Apply Authentication & Authorization to OGC Services needed for (almost) any business case required for paid content required for non-public content provide user-specific views onto a service Do not touch existing software Support of standard OGC interfaces Easy application of Authentication & Authorization to existing scenarios But first how do they deal with these issues in the rest of the web services universe?!
4 Security handling in SOA (WMS) Client Proof of identity (ticket) Authent. information Authentication Service request Request + Ticket SAML SAML Response Policy Enforce- ment Point (PEP) Decision Resource Subject Action XACML Web Web Services-SecurityServices Security Service request Authorization Request Response (Web Mapping) Service Authentication Provider Policy Decision Point (PDP) ID Resource Subject Action 1 Layer buying power drewnak GetMap 2 Layer topo * GetMap
5 SAML: Security Assertions Markup Language Generic expression language to describe and communicate approved user information Specified by the OASIS industrial consortium First version Nov Central SAML document contains assertions about users E.g. assertion: Jan Drewnak was authenticated by password by GeoClearingHouse, Inc. at , 11 am. His address is
6 XACML: extensible Access Control Markup Language Generic expression language to describe policies (permissions/denials) Specified by the OASIS industrial consortium (Organization for the Advancement of Structured Information Standards) Complex (but powerful) GeoXACML extends XACML by adding functions and data types defining a resource model Well-defined XACML syntax allows to implement generic PDPs (-> SunXACML) As long as your policies are expressed in (core) XACML, a policy decision can be made by any PDP
7 WS-S General info Specifies, how to add security relevant information to SOAP messages Application of XML Encryption(W3C) and XMLSignature(W3C) plus security tokens Specified by the OASIS industrial consortium Profiles for recent version 1.1 Username Token X.509 Token SAML Token Kerberos Token REL (Rights Expression Language) Token WS-S advantage: Security information is included in the SOAP header, the real payload in the body remains unmodified SOAP based service specifications need not to be modified to enable WS-S
8 Adoptable to SDI? From the technical perspective Problem: Common approaches are focused on real web services (use of SOAP protocols etc.) OGC services are plain and crude (mostly limited to the HTTP protocol) Web service security is not fully applicable OGC clients are plain, too!
9 A possible approach Understand security as an extension of existing spatial data infrastructures Use security standards that are established within the IT sector as far as possible Be open for changes! GeoDRM is evolving OGC service interfaces will get mapped to SOAP (sometimes) Support different standards/technologies for policies and identities Interfaces may change But: provide support for existing standards (and thus solutions)
10 GDI NRW Solution 2001: First concepts published in GDI NRW 2002: GDI NRW Testbed II Specification of Web Authentication Service (WAS) Web Security Service (WSS)
11 General Architecture view map GetMap WMS Client Map local persistent web persistent web transient User provide credentials WMS Facade WSC - Web Security Client GetMap& Ticket Map WSS - Web Security Service WMS Client GetMap Map WMS
12 Implementations 52 North Open Source Software Initiative Basic implementations of WSC WAS WSS current release allows protection of WMS layers con terra sdi.suite securitymanager based on open source implementations protection of WMS WFS(-T) ArcIMS ArcGIS Server spatial authorization for WMS WFS ArcIMS administration tools Interceptor concept Authorization module that encapsulates knowledge about servicespecifics, e.g. WFS vs. WMS requests Tasks for example: Filter out layers, feature types, attributes, Interceptors are deployed in the WSS, which is just a runtime environment
13 OGC Trends in Access Control GeoDRM Working Group since 2004 Goal: evaluate and develop security solutions for OGC Web Services Activities: meetings, telecons, participate in OWS testbeds Identity Provider Authentication Service Result OWS-4 testbed Customer Service Provider Applies to SOAP services OWS OWSGeoDRM Client Client Client Gatekeeper (Enforcement) OWS Service Applies WS-S Authorization Service (Decision) License Broker License Broker License Manager (Administration) License Manager
14 Just a (EGN) Scenario Client App Browser EGN NMCA A EGN NMCA B EGN NMCA C? Secure Secure Secure?? public Sec. API WSC Gates WSS EGN Central Service EGN Web Site special Sec. API
15 Projects Using Introduced System (con terra / 52 North) Forestal GIS (InFoGIS), State Forestal Agency, Baden- Wuerttemberg Geodatenatlas Steinfurt & Borken, Districts of Steinfurt/Borken, Germany Metainformation System Hesse, Hessische Zentrale für Datenverarbeitung LoG-IN (Interreg III Project), Consortium Leiedal (BE), Norfolk (UK), Rotenburg/Wümme (DE) INSPIRE@EC European Commission (Eurostat) Joint Project 2005, Dortmund, Münster, Steinfurt, Borken, Coesfeld, Bottrop Hydrological GIS (GGInA), Federal Agency for Hydrology of Germany Management of Environmental Data (OSIRIS), Rheinland-Pfalz Geoportal Croatia, State Geodetic Agency (Kroatien) Geocommunicator.gov, Bureo Of Landmanagement (USA) City of Bottrop KABAS, State Environmental Agency, North Rhine- Westfalia sdi.suite securitymanager, con terra GmbH 52 North Open Source Initiative
16 Dipl.-Geoinf. Jan Drewnak Thanks for your attention! Questions? con terra GmbH Muenster
zentrale Sicherheitsplattform für WS Web Services Manager in Action: Leitender Systemberater Kersten Mebus
Web Services Manager in Action: zentrale Sicherheitsplattform für WS Kersten Mebus Leitender Systemberater Agenda Web Services Security Oracle Web Service Manager Samples OWSM vs
More informationSecuring your Standards Based Services. Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri)
Securing your Standards Based Services Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri) Agenda What are your security goals? Access control Standards and interoperability User management and authentication
More informationSecurity Assertions Markup Language (SAML)
Security Assertions Markup Language (SAML) The standard XML framework for secure information exchange Netegrity White Paper PUBLISHED: MAY 20, 2001 Copyright 2001 Netegrity, Inc. All Rights Reserved. Netegrity
More informationOpen Geospatial Consortium, Inc.
OpenGIS Public Engineering Report OGC 09-063 Open Geospatial Consortium, Inc. Date: 2009-09-11 Reference number of this document: OGC 09-063 Version: 0.3.0 Category: Public Engineering Report Editor: Lewis
More informationOpen Geospatial Consortium Inc.
OpenGIS Interoperability Program Report OGC 06-107r1 Open Geospatial Consortium Inc. Date: 2007-05-07 Reference number of this document: OGC 06-107r1 Version: 0.9 Category: OpenGIS Interoperability Program
More informationEnterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape
Enterprise SOA Experience Workshop Module 8: Operating an enterprise SOA Landscape Agenda 1. Authentication and Authorization 2. Web Services and Security 3. Web Services and Change Management 4. Summary
More informationAuthentication. Katarina
Authentication Katarina Valalikova @KValalikova k.valalikova@evolveum.com 1 Agenda History Multi-factor, adaptive authentication SSO, SAML, OAuth, OpenID Connect Federation 2 Who am I? Ing. Katarina Valaliková
More informationINSPIRE: The ESRI Vision. Tina Hahn, GIS Consultant, ESRI(UK) Miguel Paredes, GIS Consultant, ESRI(UK)
INSPIRE: The ESRI Vision Tina Hahn, GIS Consultant, ESRI(UK) Miguel Paredes, GIS Consultant, ESRI(UK) Overview Who are we? Introduction to ESRI Inc. and ESRI(UK) Presenters ArcGIS The ESRI Solution to
More informationWhat s New in ArcGIS 10.4 for Server
What s New in ArcGIS 10.4 for Server Derek Law, Esri Jan 19, 2016 Esri Southwest User Conference Agenda Product story GIS Server Sharing content from ArcGIS Pro Portal for ArcGIS Client Apps Summary Strongly
More informationHeterogeneous Mission Accessibility Testbed HMAT. Toolbox Software Security Layer. Acceptance Test Plan
Document Id: HMAT-ATP-1400-INT Issue: 0-12/02/2009 Revision: 1-12/02/2009 Heterogeneous Mission Accessibility Testbed HMAT Toolbox Software Security Layer Acceptance Test Plan Authors: M. Barone 12/02/09
More informationArcGIS Server and Portal for ArcGIS An Introduction to Security
ArcGIS Server and Portal for ArcGIS An Introduction to Security Jeff Smith & Derek Law July 21, 2015 Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context
More informationWarm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationNational Identity Exchange Federation. Terminology Reference. Version 1.0
National Identity Exchange Federation Terminology Reference Version 1.0 August 18, 2014 Table of Contents 1. INTRODUCTION AND PURPOSE... 2 2. REFERENCES... 2 3. BASIC NIEF TERMS AND DEFINITIONS... 5 4.
More informationIdentity-Enabled Web Services
Identity-Enabled s Standards-based identity for 2.0 today Overview s are emerging as the preeminent method for program-toprogram communication across corporate networks as well as the Internet. Securing
More informationSet-up of the Testbed for Authentication, Authorization, Accounting
Set-up of the Testbed for Authentication, Authorization, Accounting AAA Workshop, 17 March 2014 Andreas Matheus www.jrc.ec.europa.eu Serving society Stimulating innovation Supporting legislation Short
More informationISA Action 1.17: A Reusable INSPIRE Reference Platform (ARE3NA)
ISA Action 1.17: A Reusable INSPIRE Reference Platform (ARE3NA) Authentication, Authorization & Accounting for Data and Services in EU Public Administrations D4.1.5 Final technical report Danny Vandenbroucke
More informationINSPIRE and Service Level Management Why it matters and how to implement it
Service Level Agreements for D-Grid INSPIRE and Service Level Management Why it matters and how to implement it Bastian Baranski con terra GmbH Münster, Germany http://www.sla4d-grid.de Motivation Evolution
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationCA SiteMinder Web Services Security
CA SiteMinder Web Services Security Policy Configuration Guide 12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationFrom Geoportal to Spatial Data Service Platform. Jani Kylmäaho National Land Survey of Finland Development Centre
From Geoportal to Spatial Data Service Platform Jani Kylmäaho National Land Survey of Finland Development Centre Introduction National Land Survey of Finland - 1900 employees Development Centre - 120 employees
More informationAchieving Interoperability Using Open Standards
FedGIS Conference February 24 25, 2016 Washington, DC Achieving Interoperability Using Open Standards Satish Sankaran Marten Hogeweg Agenda Understanding Interoperability What, Why and How? ArcGIS Platform
More informationElectronic ID at work: issues and perspective
Electronic ID at work: issues and perspective Antonio Lioy < lioy @ polito.it > Politecnico di Torino Dip. Automatica e Informatica Why should I have/use an (e-) ID? to prove my identity to an "authority":
More informationOpen Geospatial Consortium
Open Geospatial Consortium Approved Date: 2013-01-18 Posted Date: 2013-02-06 Reference number of this document: OGC 12-118 External Identifier for this document: http://www.opengis.net/def/doc-type/per/ows9-security
More informationLeveraging OGC Services in ArcGIS Server. Satish Sankaran, Esri Yingqi Tang, Esri
Leveraging OGC Services in ArcGIS Server Satish Sankaran, Esri Yingqi Tang, Esri GIS Creating and Managing Geo Information Products - Proprietary - Open Specifications - Standards Dissemination of Geo
More informationKerberos for the Web Current State and Leverage Points
Kerberos for the Web Current State and Leverage Points Executive Advisory Board Meeting and Financial Services Security Summit New York, 3-4 November 2008. Towards Kerberizing Web Identity and Services
More informationWEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices
WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices Chris Steel, Ramesh Nagappan, Ray Lai www.coresecuritypatterns.com February 16, 2005 15:25 16:35
More informationSLCS and VASH Service Interoperability of Shibboleth and glite
SLCS and VASH Service Interoperability of Shibboleth and glite Christoph Witzig, SWITCH (witzig@switch.ch) www.eu-egee.org NREN Grid Workshop Nov 30th, 2007 - Malaga EGEE and glite are registered trademarks
More informationHETEROGENEOUS MISSION ACCESSIBILITY TESTBED HMAT TOOLBOX SOFTWARE REQUIREMENT DOCUMENT (SECURITY LAYER) ESA-ESRIN D O C U M E N T
f D O C U M E N T document title/ titre du document HETEROGENEOUS MISSION ACCESSIBILITY TESTBED HMAT TOOLBOX SOFTWARE REQUIREMENT DOCUMENT (SECURITY LAYER) prepared by/préparé par S. Puri reference/réference
More informationGlobal Reference Architecture: Overview of National Standards. Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants
Global Reference Architecture: Overview of National Standards Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants Goals for this Presentation Define the Global Reference Architecture
More informationEntrust Identification Server 7.0. Entrust Entitlements Server 7.0. Administration Guide. Document issue: 1.0. Date: June 2003
Identification Server 7.0 Entitlements Server 7.0 Administration Guide Document issue: 1.0 Date: June 2003 2003. All rights reserved. is a trademark or a registered trademark of, Inc. in certain countries.
More information1 Introduction. 2 National Data Exchange Layer
Spatial Services in the egovernment: Delivering WFS and WMS Queries through the Data Exchange Layer of the Finnish National Architecture for Digital Services Pekka Latvala, Lassi Lehto Finnish Geospatial
More informationMajor SAML 2.0 Changes. Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007
Major SAML 2.0 Changes Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007 Tokens, Protocols, Bindings, and Profiles Tokens are requests and assertions Protocols bindings are communication
More informationDatapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record
1 2 3 Datapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record 5 White boxes show the access points for different kinds of security. That s what we will
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationIdentität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist
Identität und Autorisierung als Grundlage für sichere Web-Services Dr. Hannes P. Lubich IT Security Strategist The Web Services Temptation For every $1 spent on software $3 to $5 is spent on integration
More informationOpen Geospatial Consortium
Open Geospatial Consortium Publication Date: 2016-01-25 Approval Date: 2015-09-17 Posted Date: 2015-07-21 Reference number of this document: OGC 15-051r3 Reference URL for this document: http://www.opengis.net/doc/per/tb11-geo4niem-arch
More informationIntroduction to INSPIRE. Network Services
Introduction to INSPIRE. Network Services European Commission Joint Research Centre Institute for Environment and Sustainability Digital Earth and Reference Data Unit www.jrc.ec.europa.eu Serving society
More informationSentinet for BizTalk Server SENTINET
Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and API Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication
More informationValidating services and data in an SDI
Validating services and data in an SDI Presentation to: By: Date: INSPIRE Conference Clemens Portele, Jon Herrmann, Roy Mellum 30 September 2016 4 October, 2016 ELF is the response from the European Mapping
More informationSDI SOLUTIONS FOR INSPIRE: TECHNOLOGIES SUPPORTING A FRAMEWORK OF COOPERATION
SDI SOLUTIONS FOR INSPIRE: TECHNOLOGIES SUPPORTING A FRAMEWORK OF COOPERATION Roberto Lucchi 1, Marten Hogeweg 1, Guenther Pichler 2 1 Esri, Redlands, CA, USA 2 Esri Kranzberg, Germany 1 Vision INSPIRE
More informationAn SDI based on editable nodes
Click to edit Master subtitle style An SDI based on editable nodes Agenda The Problem The Challenge: concrete use case The Solution gegis 2.0 The start What is gegis 2.0? Open, Open, Open: Standards, Architecture,
More informationHow to become an INSPIRE node and fully exploit the investments made?
How to become an INSPIRE node and fully exploit the investments made? Solution patterns for consumers: end users & developers (2/2) Roberto Lucchi 22 June 2010, Krakow 1 Geoportal extension Enabling discovery
More informationAPI Security Management SENTINET
API Security Management SENTINET Overview 1 Contents Introduction... 2 Security Models... 2 Authentication... 2 Authorization... 3 Security Mediation and Translation... 5 Bidirectional Security Management...
More informationFederated Web Services with Mobile Devices
Federated Web Services with Mobile Devices Rajeev Angal Architect Sun Microsystems Pat Patterson Architect Sun Microsystems Session TS-6673 Copyright 2006, Sun Microsystems, Inc., All rights reserved.
More informationTECHNICAL GUIDE SSO SAML Azure AD
1 TECHNICAL GUIDE SSO SAML Azure AD At 360Learning, we don t make promises about technical solutions, we make commitments. This technical guide is part of our Technical Documentation. Version 1.0 2 360Learning
More informationGENeric European Sustainable Information Space for Environment.
GENeric European Sustainable Information Space for Environment http://www.genesis-fp7.eu/ Outline Introduction The GENESIS FP7 project The GENESIS solution s architecture GENESIS experience with INSPIRE
More informationAccess Control Service Oriented Architecture
http://www.cse.wustl.edu/~jain/cse571-09/ftp/soa/index.html 1 of 13 Access Control Service Oriented Architecture Security Yoon Jae Kim, yj1dreamer AT gmail.com (A project report written under the guidance
More informationVersion 4.2. service.monitor. System requirements
Version 4.2 service.monitor System requirements Version 4.2 Copyright The lawful acquisition of the sdi.suite software products and its associated handbooks entitles the license holder to use the products
More informationAPI Security Management with Sentinet SENTINET
API Security Management with Sentinet SENTINET Overview 1 Contents Introduction... 2 Security Mediation and Translation... 3 Security Models... 3 Authentication... 4 Authorization... 5 Bidirectional Security
More informationThe Business of Identity: Business Drivers and Use Cases of Identity Web Services
The Business of Identity: Business Drivers and Use Cases of Identity Web Services Roger Sullivan, Vice President, Liberty Alliance Vice President, Oracle Corporation Liberty s Architecture Liberty Identity
More informationSAFER the GIGAS Effect
SAFER the GIGAS Effect How INSPIRE, GMES and GEOSS are influencing EC projects Arnaud Cauchy 23/06/2010 Agenda GIGAS Project Summary SAFER Project Summary SAFER Original Approach GIGAS Influences SAFER
More informationESRI & Interoperability. David Danko ISO TC 211 Metadata Project Leader OGC Metadata WG Chair ESRI Senior Consultant GIS Standards
ESRI & Interoperability David Danko ISO TC 211 Metadata Project Leader OGC Metadata WG Chair ESRI Senior Consultant GIS Standards ddanko@esri.com GIS has always required Interoperability Social Factors
More informationThe CEDA Web Processing Service for rapid deployment of earth system data services
The CEDA Web Processing Service for rapid deployment of earth system data services Stephen Pascoe Ag Stephens Phil Kershaw Centre of Environmental Data Archival 1 1 Overview of CEDA-WPS History first implementation
More informationTAS 3 Architecture. Sampo Kellomäki Symlabs , ServiceWave, Stockholm
TAS 3 Architecture Sampo Kellomäki (sampo@symlabs.com), Symlabs 23.11.2009, ServiceWave, Stockholm The research leading to these results has received funding from the European Community s Seventh Framework
More informationArcGIS Enterprise Security: An Introduction. Gregory Ponto & Jeff Smith
ArcGIS Enterprise Security: An Introduction Gregory Ponto & Jeff Smith Agenda ArcGIS Enterprise Security Model Portal for ArcGIS Authentication Authorization Building the Enterprise Encryption Collaboration
More information[GSoC Proposal] Securing Airavata API
[GSoC Proposal] Securing Airavata API TITLE: Securing AIRAVATA API ABSTRACT: The goal of this project is to design and implement the solution for securing AIRAVATA API. Particularly, this includes authenticating
More informationDiscovery and Access of Geospatial Resources Using GIS Portal Toolkit Marten Hogeweg Product Manager GIS Portal Toolkit
Discovery and Access of Geospatial Resources Using GIS Portal Toolkit Marten Hogeweg Product Manager GIS Portal Toolkit Outline Elements of Spatial Data Infrastructures Current trends Position of GIS portals
More informationMashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity
www.oasis-open.org Mashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity Eve Maler eve.maler@sun.com 1 A few notes about me and this talk Some relevant affiliations/perspectives:
More informationOpen Geospatial Consortium, Inc.
Open Geospatial Consortium, Inc. Date: 2010-08-18 Reference number of this document: OGC 10-155 Category: Engineering Report Editor: Andreas Matheus OGC OWS-7 Towards secure interconnection of OGC Web
More informationWelcome. to Pre-bid meeting. Karnataka State Spatial Data Infrastructure (KSSDI) Project, KSCST, Bangalore.
Welcome to Pre-bid meeting Karnataka State Spatial Data Infrastructure (KSSDI) Project, KSCST, Bangalore. DEVELOPMENT OF KARNATAKA STATE SPATIAL DATA INFRASTRUCTURE (KSSDI) PROJECT Objective: To develop
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationDATA SHARING AND DISCOVERY WITH ARCGIS SERVER GEOPORTAL EXTENSION. Clive Reece, Ph.D. ESRI Geoportal/SDI Solutions Team
DATA SHARING AND DISCOVERY WITH ARCGIS SERVER GEOPORTAL EXTENSION Clive Reece, Ph.D. ESRI Geoportal/SDI Solutions Team Geoportal Extension for ArcGIS Server Context within an Enterprise Spatial Data Infrastructure
More informationNew trends in Identity Management
New trends in Identity Management Peter Gietz, DAASI International GmbH peter.gietz@daasi.de Track on Research and Education Networking in South East Europe, Yu Info 2007, Kopaionik, Serbia 14 March 2007
More informationSpatial Data on the Web
Spatial Data on the Web Tools and guidance for data providers The European Commission s science and knowledge service W3C Data on the Web Best Practices 35 W3C/OGC Spatial Data on the Web Best Practices
More informationDCCKI Interface Design Specification. and. DCCKI Repository Interface Design Specification
DCCKI Interface Design Specification and DCCKI Repository Interface Design Specification 1 INTRODUCTION Document Purpose 1.1 Pursuant to Section L13.13 of the Code (DCCKI Interface Design Specification),
More informationSELF SERVICE INTERFACE CODE OF CONNECTION
SELF SERVICE INTERFACE CODE OF CONNECTION Definitions SSI Administration User Identity Management System Identity Provider Service Policy Enforcement Point (or PEP) SAML Security Patch Smart Card Token
More informationSII Law Organization Coordination activities Examples of good practices Education Technical matters Success stories Challenges
SII Law Organization Coordination activities Examples of good practices Education Technical matters Success stories Challenges INSPIRE transposed by the legal act on Spatial Information Infrastructure
More informationISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University
Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely
More informationInteroperability with ArcGIS
Interoperability with ArcGIS Satish Sankaran Marten Hogeweg Agenda Understanding Interoperability What, Why and How? ArcGIS Platform An Open Platform Supporting Interoperability Examples from the real
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More informationTesting - an essential aspect of establishing an SDI
Testing - an essential aspect of establishing an SDI Clemens Portele, Anders Östman, Michael Koutroumpas, Xin He, Janne Kovanen, Markus Schneider, Andriani Skopeliti INSPIRE Conference 2011 30 June 2011
More informationextensible Access Control Language (XACML)
extensible Access Control Language (XACML) Fatih Turkmen fturkmen(at)disi.unitn.it fturkmen(at)mit.edu Visiting PhD Student, CSAIL, MIT DISI, University of Trento Outline extensible Access Control Markup
More informationMonitoring the Environment with Sensor Web Services
EnviroInfo 2009 (Berlin) Environmental Informatics and Industrial Environmental Protection: Concepts, Methods and Tools Monitoring the Environment with Sensor Web Services Simon Jirka 1, Dr. Albert Remke
More informationAll about SAML End-to-end Tableau and OKTA integration
Welcome # T C 1 8 All about SAML End-to-end Tableau and OKTA integration Abhishek Singh Senior Manager, Regional Delivery Tableau Abhishek Singh Senior Manager Regional Delivery asingh@tableau.com Agenda
More informationDESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION
DESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION Abstract: 1 K.Maithili, 2 R.Ruhin Kouser, 3 K.Suganya, 1,2,3 Assistant Professor, Department of Computer Science Engineering Kingston
More informationAccessing OGC Services To access OGC WMS and WFS open the service in the directory that you want to consume, and click on either WMS or WFS.
Using Web Services Web Services Overview This user guide contains instructions on how to consume a range of services through a range of both web based and desktop GIS applications. Web services are a live
More informationEsri Support for Geospatial Standards
APRIL 2017 ArcGIS Is Open and Interoperable Esri Support for Geospatial Standards Copyright 2017 Esri All rights reserved. Printed in the United States of America. The information contained in this document
More informationInCLUDE Data Exchange. Julia Harrell, GISP GIS Coordinator, NC DENR
InCLUDE Data Exchange Julia Harrell, GISP GIS Coordinator, NC DENR Julia.harrell@ncdenr.gov InCLUDE Project Partners NC Department of Environment & Natural Resources: The State of NC s lead environmental
More informationEllipse Web Services Overview
Ellipse Web Services Overview Ellipse Web Services Overview Contents Ellipse Web Services Overview 2 Commercial In Confidence 3 Introduction 4 Purpose 4 Scope 4 References 4 Definitions 4 Background 5
More informationInternational Journal of Computer & Organization Trends Volume 3 Issue 2 March to April 2013
Identity Security using Authentication and Authorization in Cloud Computing D.Ranjith #1, J.Srinivasan *2 # Department of Computer Science and Applications, Adhiparasakthi College of Arts and Science,Kalavai,Vellore-632506
More informationImplementing a Ground Service- Oriented Architecture (SOA) March 28, 2006
Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006 John Hohwald Slide 1 Definitions and Terminology What is SOA? SOA is an architectural style whose goal is to achieve loose coupling
More informationIdentity Management in ESA Grid on-demand Infrastructure
Identity Management in ESA Grid on-demand Infrastructure OGC TC - Europe Forum 4 December 2008, Valencia Pedro Pereira Gonçalves http://www.terradue.com Slide 1 ESA G-POD Infrastructure! Computing and
More informationAuthentication in Cloud Application: Claims-Based Identity Model
Authentication in Cloud Application: Claims-Based Identity Model Upen H Nathwani 1*, Irvin Dua 1, Ved Vyas Diwedi 2 Abstracts: Basically cloud service provider (CSP) give facility to access Software as
More informationThe cadastral data and standards based on XML in Poland
The cadastral data and standards based on XML in Poland Jarosław Bydłosz, Piotr Parzych AGH University of Science and Technology Cracow, Poland 1 XML XML Extensible Markup Language Extensible Markup Language
More informationKerberos on the Web Thomas Hardjono
Kerberos on the Web Thomas Hardjono MIT Kerberos Consortium MIT Kerberos Conference 2007-2009 The MIT Kerberos Consortium. All Rights Reserved. Kerberos Today Enterprise, B2B, B2C Kerberos & Identity Infrastructure
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationInteroperability and Standards Supports in ArcGIS
Esri International User Conference San Diego, California Technical Workshops July 26, 2012 Interoperability and Standards Supports in ArcGIS Satish Sankaran, Esri Yingqi Tang, Esri Agenda Esri s participation
More informationOracle Fusion Middleware
Oracle Fusion Middleware Understanding Oracle Web Services Manager 12c (12.1.2) E28242-01 June 2013 Documentation for developers and administrators that introduces features of the Oracle Web Services Manager
More informationImplementing GeoDRM support in an OpenLayers based viewer Access to the French geoportal WMS-C services from the Spanish SDI
INSPIRE Conference 2011 Implementing GeoDRM support in an OpenLayers based viewer Access to the French geoportal WMS-C services from the Spanish SDI R. Béjar, M. Á. Latre, J. Valiño, F. Javier Zarazaga-Soria,
More informationAuthentication and Authorization of Users and Services in Federated SOA Environments Challenges and Opportunities
Federated SOA Environments Challenges and Opportunities Bartosz Jasiul, Joanna Sliwa, Rafał Piotrowski, Robert Goniacz, Marek Amanowicz Military Communication Institute ul. Warszawska 22A, 05-130 Zegrze
More informationConnect-2-Everything SAML SSO (client documentation)
Connect-2-Everything SAML SSO (client documentation) Table of Contents Summary Overview Refined tags Summary The Connect-2-Everything landing page by Refined Data allows Adobe Connect account holders to
More informationTECHNICAL GUIDE SSO SAML. At 360Learning, we don t make promises about technical solutions, we make commitments.
TECHNICAL GUIDE SSO SAML At 360Learning, we don t make promises about technical solutions, we make commitments. This technical guide is part of our Technical Documentation. 2 360Learning is a Leading European
More informationCREATING SMART TRANSPORT SERVICES BY FACILITATING THE RE-USE OF OPEN GIS DATA
OPEN TRANSPORT NET TOMAS MILDORF 16 JUNE 2014 INSPIRE CONFERENCE 2014, AALBORG, DENMARK CREATING SMART TRANSPORT SERVICES BY FACILITATING THE RE-USE OF OPEN GIS DATA 2 1 OTN AT A GLANCE Full title OpenTransportNet
More informationStandards, GML and AIXM. Dr. David Burggraf Vice President Galdos Systems Inc
Standards, and AIXM Dr. David Burggraf Vice President Galdos Systems Inc Copyright Galdos Systems Inc. May 6, 2010 Geography Markup Language: What is it? A modeling language for geographic features A set
More informationRamnish Singh IT Advisor Microsoft Corporation Session Code:
Ramnish Singh IT Advisor Microsoft Corporation Session Code: Agenda Microsoft s Identity and Access Strategy Geneva Claims Based Access User access challenges Identity Metasystem and claims solution Introducing
More informationDelegated authentication Electronic identity: delegated and federated authentication, policy-based access control
Delegated authentication Electronic identity: delegated and federated authentication, policy-based access control Antonio Lioy < lioy @ polito.it > several RPs (Replying Party) may decide to delegate authentication
More informationUNITE 2007 Technology Conference
UNITE 2007 Technology Conference Some Considerations for MCP Applications using Web Services Michael S. Recant MGS, Inc. Session MCP4027 1:30pm 2:30pm Monday, September 10, 2007 MGS, Inc. Software Engineering,
More informationThe SOAP Story. Martin Parry Developer & Platform Group Microsoft Ltd
The SOAP Story Martin Parry Developer & Platform Group Microsoft Ltd martin.parry@microsoft.com http://martinparry.com Agenda Definitions SOAP through the ages SOAP and standards Approaches to building
More informationOIO Bootstrap Token Profile
> OIO Bootstrap Token Profile Version 1.0.1 IT- & Telestyrelsen March 2010 2 Content [ Document History 4 Introduction 5 Characteristics of bootstrap tokens 5 Related profiles 6 Assumptions 6 Token Requirements
More informationIdentity Management (IdM) is a crosscutting focus area for DHS
DHS & Identity Management Anil John Telephone: (443) 778-0612 Email: anil.john@jhuapl.edu 1 Identity Management (IdM) is a crosscutting focus area for DHS Enabling Homeland Capabilities EHC #1: Cross-Agency
More information