Authentication and authorization management to OGC services with GeoShield: Introducing the GeoServer Resource Access Manager plug-in and SOS protection

Enterprises are increasingly feeling the need of more sophisticated data access control to OGC services. Nowadays there aren't many solution to manage data access control. Using actual techniques, administrators can mostly define read or write permission to specific services.

GeoShield meets this need by offering a centralized way to define security access-control to OGC services through a nice user friendly web interface. Basically it acts like a proxy, intercepting all the communications between clients and OGC compliant services (WMS, WFS, SOS). GeoShield is able to manage users and groups, it handles authentication and privileges settings among groups and registered services. It is capable to analyze requests applying the configured permission filters and/or manipulating the response accordingly.

This year GeoShield extends his capabilities introducing two major improvements: the Sensor Observation Services protection and the GeoServer Resource Access Manager plug-in.

The SOS protection introduces the definition of permissions for core and transactional profiles. Data managers can now set read permissions for each Observation Offering, and authorize writing permissions to transactional profile requests only to authorized users.

Thanks to the latest GeoServer release (2.1), GeoShield can be directly integrated with the new Resource Access Manager plug-in. This extension give some benefits in term of speed and reliability, GeoShield's proxy capabilities is bypassed, minimizing response time.

The presentation will introduce the attenders with GeoShield and the newly developed features throughout a practical demo.