Interoperable Access Control for Geo Web Services in Disaster Management

In case of a disaster, the fast interoperable and secure exchange of spatial data is one of the key tasks. Access control plays an important role for disaster management in order to enforce restricted access to protected spatial data or to declare views on the relevant data for certain users/roles. Therefore, a powerful and interoperable language is needed to declare policies for operations on Web Services used, for example in disaster management. These polices have to contain rules that define which data can be accessed by a person/role through a certain operation (e.g. read, write) under given conditions (e.g. national or regional state of emergency). Different standards exist to establish access control for various requirements (e.g. OASIS’s eXtensible Access Control Markup Language - XACML). However, no standard exists so far that allows the declaration and enforcement of spatial access restrictions needed for the geospatial problem domain. Based on the OASIS Standard XACML, a newly developed spatial extension to XACML called GeoXACML (OGC candidate specification) provides a possible recommendation on how to declare and enforce flexible access rights for spatial data in an interoperable way.