Authorize access to dynamic spatio-temporal data

Access to a single data object in a collection can be difficult when the set and user groups are large and dynamic. This becomes more complex if the authorization policy is based on the time and space references of the data object. This article takes the real-world scenario of my company Cyclomedia technology to introduce a solution to this problem, which combines two components of the Oracle Database Enterprise Edition: Spatial options and virtual private database features.

Cyclomedia Technology

Cyclomedia specializes in the systematic and large-scale visualization of the environment based on a 360-degree panoramic image (i.e. annular panorama). To create a circular panorama, take a picture of a wide area and enter it into an online database. After registering each record, location, and position, you can implement a variety of applications, such as measuring and modeling. (See the following example.) ）

6JU83KS7U6PG ....

image Id	record location	record date Time
43C5KLF8H0CG		2005-03-12 15:22
2004-08-02 08:51
6.9008111752263,52.4115443666161	2006-06-21 12:17

Fig. 1 An example of a circular panorama using geo-spatial data

DCR7 is the newest model in a series of records system developed by Cyclomedia, which can be used to represent appearance quality, measurement precision and high speed visual record. DCR7 is able to generate an annular panorama at a speed of 5 meters and 80 km/h, Cyclomedia intentionally uses it to convert most of Europe's public space into images. As a result of these advances, the Ring Panorama collection is expected to grow rapidly.

Licensing challenges

In the Cyclomedia case, we are faced with the need to grant many users access to a collection of dynamic objects with space and time references. Authorization parameters are based on the time and space dimensions of the collection.

Traditionally, the solution to this problem is to create a static dataset or authorization table that describes each single relationship between each principal (client or user) and the objects in the collection. Building these datasets and tables typically uses professional tools to compute the spatial relationships between objects and authorized areas.

When user groups and collections are large and dynamic, it is not appropriate to build and maintain these ad hoc datasets and authorization tables to support access control. Also, ad hoc data does not support flexible protection granularity and dynamic changes in access control policies.

Several recently proposed solutions have different drawbacks. The main causes of these shortcomings are related to the architecture of the proposed solution. Authorization is enforced outside the database, or authorization is enforced after the query is executed, thereby limiting the use of the data. Even the Open geospatial Consortium the current proposed new standard GEOXACML architecture is problematic. Based on standards for spatial data (GML, WMS) and Authorization (XACML), it provides an unprotected Web map service with a solution that does not need to change the existing infrastructure for access control. To this end, it intercepts messages transmitted to WMS, performs retrieval tasks on the target WMS, sends the results to the decision point, and then creates a result set based on the resulting authorization.

This concept is largely based on this architectural prototype, which can lead to inefficient consequences: All data is selected from the original database and then converted to GML, and the external tools are used to divide and compute the features according to the authorization policy. Therefore, the spatial index in the original database cannot be used, and the space comparison function must be implemented in other components. In addition, the architecture cannot perform complex analysis tasks because the data is first selected and then filtered according to the authorization policy. Even a simple query has recently been a neighbor problem: You may end up finding that the most recent object you chose at the beginning is unreachable.