Different initiatives of Geospatial Data Infrastructures (GDI) exist to provide interoperable access to distributed and heterogeneous geodata. One possible implementation of a GDI can be based on services, e.g. Web Services that communicate over a network like the Internet. The deployed services support interoperable access by implementing open standards – among others – of the Open Geospatial Consortium (OGC). The most famous examples of these services are the OGC ’ Web Map Service (WMS) and the Web Feature Service (WFS). For commercial use of a service-based GDI, different security mechanisms must extend the basic infrastructure in order to ensure communication confidentiality and integrity as well as message authenticity and service availability. In addition to these security requirements, access control is important in order to enforce restricted access to protected geodata. The prerequisite of access control is authentication, as it allows the proof of claimed identities to which access rights are associated. The proof of identity is guaranteed by a three-factor authentication mechanism: (1) What you have (e.g. an X.509 certificate), (2) What you know (e.g. a PIN or username/password) and (3) What you are (e.g. biometrics like a fingerprint). Depending on the requirements for proving the claimed identity, one, two or all three factors must be present
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.