PDP Obligation and Error Handler Demo-Client

OGC 11-086r1r1 Copyright © 2012 Open Geospatial Consortium

Next, the PIP fetches the Unit representing the controlling and using agency. Finally, the PIP fetches the BASELINE of the airspace to be scheduled. This is required because the airspace scheduling request must not include the geometry of the airspace, but for the geographic access rights, that geometry must be present.

Figure 21: Information Linking for SAA Scheduling

The figure above shows all AIXM features that are involved in deriving an authorization decision for SAA Scheduling. All AIXM features, fetched in sequential requests to the WFS, are composed in an XML document that is returned to the Context Handler so that an extended ADR can be issued to the GeoPDP. The sequence of requests is illustrated in figures 18, 19 and 20.

10.1.4 PDP

The PDP involved in OWS-8 is a GeoPDP implementing GeoXACML v1.0 BASIC, including extensions A+B. It is therefore possible to use GML 2 and GML 3 geometry encodings and topological test functions, as described by the specification.

10.1.5 Obligation and Error Handler

The Obligation Handler is the part of the Context Handler that is capable of modifying a WFS and WFS-T request and response based on Obligations returned by the Authorization Decision. The ability to modify an intercepted WFS-T request implements the Opaque Security Option, where the user is not aware of the fact that something was changed. In cases where the Authorization Decision is DENY and no obligations are present, the Error Handler returns the appropriate WFS Exception. Please note that at present, the WFS specification does not define any security-specific error codes. Therefore, the error code 403 and the text “Not Authorized” used here are not compliant. Perhaps a change request to the OWS Common specification is a way forward to add security-specific error codes (cp. 11.2.2)?
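The routing described above, as an added Python sketch that is not code from the testbed or from this report: a Context Handler passes obligations to the Obligation Handler and answers a DENY without obligations with an exception report. The OWS Common 1.1 namespace, the version string, carrying 403 in `exceptionCode`, the deny-biased handling of other decisions, and the names `handle_decision`, `build_exception_report` and `obligation_handler` are assumptions.

```python
import xml.etree.ElementTree as ET

# Assumptions (not from the report): OWS Common 1.1 namespace, the service
# version string, and that "403" is carried in the exceptionCode attribute.
OWS_NS = "http://www.opengis.net/ows/1.1"
SERVICE_VERSION = "2.0.0"
ET.register_namespace("ows", OWS_NS)


def build_exception_report(code="403", text="Not Authorized"):
    """Serialize an ows:ExceptionReport with the code and text the report names."""
    root = ET.Element(f"{{{OWS_NS}}}ExceptionReport", {"version": SERVICE_VERSION})
    exc = ET.SubElement(root, f"{{{OWS_NS}}}Exception", {"exceptionCode": code})
    ET.SubElement(exc, f"{{{OWS_NS}}}ExceptionText").text = text
    return ET.tostring(root, encoding="unicode")


def handle_decision(decision, obligations, request_xml, obligation_handler):
    """Route an intercepted WFS request according to the PDP result.

    Returns (action, payload); action is "forward", "obligations" or "error".
    obligation_handler is a hypothetical callback standing in for the
    Obligation Handler; what it does with the request is not modelled here.
    """
    # Deny-biased: anything other than an explicit Permit or Deny
    # (NotApplicable, Indeterminate, malformed) is answered with the exception.
    # This is an assumption of the example, not a statement from the report.
    if decision not in ("Permit", "Deny"):
        return "error", build_exception_report()
    if obligations:
        return "obligations", obligation_handler(request_xml, obligations)
    if decision == "Deny":
        # DENY and no obligations: the Error Handler case described above.
        return "error", build_exception_report()
    return "forward", request_xml


# Constructed sample input, not a request from the testbed.
SAMPLE_REQUEST = '<wfs:GetFeature xmlns:wfs="http://www.opengis.net/wfs/2.0"/>'
```
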

10.1.6 Demo-Client

Two demo clients have been implemented that show various access restrictions for the Authoritative Data Store. The Comsoft demo page illustrates access constraints for fetching AIXM features with different interpretations: BASELINE, TEMPDELTA and PERMDELTA. Furthermore, it illustrates how to distinguish between a Commissioning and a Decommissioning and how to implement access constraints regarding the separation of duty: one user can do a Commissioning but the same user cannot do Decommissioning, and vice versa.

The Snowflake demo page illustrates the use cases created by the FAA concerning the scheduling of airspaces. In particular, the duties of controlling and using agencies for PENDING and APPROVED scheduling requests are taken into account here. More information on the demo client and the evaluation of the security infrastructure can be found in section 9 of this ER.

Please note that both demo pages create AIXM features in the WFS using the TransactionInsert operation and that therefore all permitted actions can take quite a long time.

11 Summary and Outlook