Earth Sciences and Resources Institute, University of South Carolina
 

 

 

 

    Home
    Staff
    Capabilities
    Projects
    Resources
    About
 

Sponsored by: Internal Funds  
                 

Project Home

Project Overview

Access Control Model

Project Staff

 

As GIS software is becoming widely used in a variety of applications, the need to provide confidentiality of data used by GIS arises. The faculty of the Earth Sciences and Resources Institute and the Department of Computer Science and Engineering at the University of South Carolina collaborated to study information confidentiality issues in GIS context and to define an access control model for a multi-user geodatabase within an enterprise-level GIS environment. This project discusses our findings and difficulties during the implementation of the model to enforce access control in spatial databases created with ArcGISTM 8.1, ArcSDETM 8.1 and MS SQL ServerTM 2000.

Geographic Information Systems (GIS) are becoming more and more widely used in a variety of application domains, creating the need for multi-user support, sophisticated data management, global connectivity, and information security.  Until recently, most of the research work on GIS focused on providing powerful tools for manipulating (i.e., capturing, storing, retrieving, transforming, analyzing, and displaying) spatial data [1,2,3,4].  The most widely used GIS software are the products of Environmental Systems Research Institute (ESRI) [ArcView®, ArcInfoTM, ArcGISTM], Intergraph [GeoMedia® and Modular GIS Environment (MGE®)] Autometric [SoftPlotter®, KDMS®, and SQS®], MapInfo [Professional® and MapBasic®], and GRASS GIS [5,6,7,8]. However, most GIS provide little or no support for multilevel information confidentiality. Clearly, this is unacceptable in a large, multi-user environment where some of the data manipulated by the GIS software are confidential.

Since 1999 the Earth Sciences and Resources Institute at the University of South Carolina (ESRI-USC) has generated large amounts of spatial data, some of which are confidential and/or proprietary. These data need sufficient access control measures to adequately serve users of the application domain. The institute currently has undertaken an internal project to establish an enterprise level GIS environment within the institute and to create a seamless spatial data repository for the entire state of South Carolina. But until now (October 2001) no security measures have been adopted.

 

 

Page maintained by: Mark Evans, Last update: April 10, 2008
Copy right @ 2001 University of South Carolina Board of Trustees