Standardisation of the XACML v3.0 OWS Profile

OGC 11-086r1 Copyright © 2012 Open Geospatial Consortium

11 Summary and Outlook

11.1 Summary

This engineering report outlines how to provide access control for WFS-T 2.0 instances used to query and manage AIXM data. We proved interoperability, as the same software components are used to protect a WFS-T implementation from Comsoft and one from Snowflake. The former WFS-T hosts Estonian data and requires a SOAP binding; the latter hosts FAA data and requires an XML POST binding. We started with an introduction to the most popular conceptual rights models. Afterwards we summarized the requirements on access control systems for these infrastructures and finally analyzed the presented conceptual rights models. We were able to conclude that a suitable access control system for OWS-based SDIs must use a hybrid rights model that combines the concepts of rule- and role-based rights models. One possible implementation of the needed rights model is defined in the latest XACML and GeoXACML specifications and the XACML-related profiles. Based on these specifications one can implement powerful and standardised access control systems that protect not only WFS-T 2.0 instances but also any Geo Web Services and spatial data found in SDIs. We demonstrated how to generate XACML ADRs based on intercepted WFS messages and showed how to implement the required types of rights. After demonstrating how to use XACML in the OWS use case, we addressed the implementation of the sponsors' business rules in the AviationAIXM scenario. The developed and deployed access control system and the formal definition of the rights can be tested online at http://grid01.informatik.unibw-muenchen.de/comsoft.php and at http://grid01.informatik.unibw-muenchen.de/snowflake.php.

11.2 Future Work items

11.2.1 Standardisation of the XACML v3.0 OWS Profile

There are many things that need to be taken into account when using GeoXACML to protect OWS-based architectures. Thanks to the developed XACML OWS profile, there is a set of guidelines on how to use GeoXACML to protect OGC Web Services. These rules provide enhanced interoperability in GeoXACML-based access control systems for OWS and make XACML- or GeoXACML-based access control systems easier to apply and implement in OWS environments.

One of the next steps of the GeoXACML SWG has to be the continuation of the standardization process of the XACML v3.0 and v2.0 OWS profile and its service-specific extension documents.

11.2.2 Returning Access Control Process Information to the User and Binding Security Related Information to the Request

Another issue that needs to be addressed is how security-related information, such as a simple access-denied message or the notification that the OWS response was filtered because of insufficient permissions, is returned to the requestor in a standardized way. The conceptual problem is how to bind security responses from different security services, e.g. the access control system, to the actual OWS response. Should the information be included inside the OWS response itself? Should there be a SecurityServiceReport next to the actual OWS response? If so, what would be its content, and how would the two information entities be bound together? Further research and standardisation effort is needed in this direction.

The problem of how to bind access control process results, or security information in general, to the actual OWS response is closely related to the problem of how to bind security information to an OWS request. A general solution for binding security process results to an OWS response should ideally also be applicable to binding security information to an OWS request.

11.2.3 Interplay of the Access Control System with the validation service