MIWP-Action #2125

Updated by Michael Lutz almost 6 years ago

*Issue:*
According to the INSPIRE Directive data providers may limit access to services for a number of reasons. However, there has been no attempt to harmonise how access control and rights management are implemented, leading to a plethora of approaches across Europe. Data providers need to manage access for a number of reasons, and in some instances need to make a charge too. In these latter cases, the Directive stipulates that they must to use e-commerce. Again, there is no attempt to harmonise how this is done. The result is that access to INSPIRE services is not interoperable, thus reducing the value of the data and services. This is also an issue for the INSPIRE geoportal, since several view and download services described in the metadata harvested by the INSPIRE geoportal from the national discovery services are not accessible and thus makes it impossible for users to access these services through the INSPIRE geoportal. Furthermore, the current usage of a free text field for conditions applying to access and use in the INSPIRE metadata does not allow for automatic analysis and filtering.

*Proposed change or action:*
Develop guidelines and best practices for addressing these issues in a more harmonized way.

*Organisational set-up:*

* The ARE3NA ISA action is launching a study on AAA (authentication, authorisation and accounting), which will
** > * review the state of the art in relevant technologies, standards and best practices for AAA/access control,
** > * organize an interim workshop to discuss potential AAA/access control solutions with stakeholders, and
** > * implement a testbed to examine potential AAA/access control solutions in practice.
* The MIG can interact with / contribute to this study by providing input and participating in the workshop and/or testbed.
* In parallel, the MIG should conduct a survey/document the currently used approaches for AAA/access control in the MS

*Outcomes:*
* Overview of the currently used approaches for AAA/access control in the MS
* Guidelines and best practices for AAA/access control in INSPIRE
* AAA testbed

*Possible funding:*
ARE3NA

Back