Sharing Data and Accessing Web Services - Going...

Sharing Data and Accessing Web Services - Going Practical!

Organisers: Arnulf Christl, Rüdiger Gartmann, Clare Hadley, Roger Longhorn, Suzanne McLaughlin, Athina Trakas

What’s in store…

Introduction and summary of the earlier Workshop

Going Practical – the technicalities

Perspectives and examples from around Europe

Survey Results

Discussion Time

24/06/2013 Sharing Data and Accessing Web Services - Going Practical! 2

Before Tea …

EEA data policy - open and free sharing of data and services approach

Data and service sharing - summary from INSPIRE country reports

INSPIRE modular licensing approach

German experience






Survey Results

Discussion Time


It’s not too late to take part!

http://inspire-forum.jrc.ec.europa.eu/pg/news/admin/read/135625/sharing-data-and-accessing-web-services-going-practical

Or, search #inspireconf2013 on Twitter and find it there

Or follow @INSPIRE_EU who retweeted it


...Going Practical!

Prepared by Arnulf Christl

metaspatial Director

OSGeo Emeritus President

http://www.metaspatial.net/

mailto:[email protected]

Twitter: @sevenspatial

DRM: What is it and why we haven't been doing it

Purpose of DRM

Technology to control the use of digital content

– Copying

– Viewing

– Printing

– Modifying

– Distributing

– ...


Lessons Learned from History

Digital files cannot be made uncopyable, any more than water can be made not wet. Bruce Schneier, cryptographer, 2001

Trusted systems presume that the consumer is dishonest. Mark J. Stefik, Xerox PARC, 1996

Conclusion: DRM is too hard to realise and probably aiming at a problem we don‘t have!


Different Kinds of Licencing

DRM style

Access control style

– Access policies to content are enforced

– Usage restrictions may be declared, but are not enforced

Open licence style

– No technical enforcement

– Restrictions may be declared

Trust makes a Difference!


Source: OGC Document 06-004r4 Geospatial Digital Rights Management Reference Model

(GeoDRM RM)

What is authentication?

What is Authentication?

Authentication is the act of confirming the identity of a

person, software or "agent“

(In IT) the process typically requires a client (agent) to

send an identity and password

The server checks whether the provided identity (user

name) is known and verifies the password

If the provided credentials are correct the agent is

authenticated and can proceed (for example access

authorized content)

If the provided credentials are not correct authentication

fails and the agent is rejected or challenged again.

Authentication Methods

Provide something you

know (password, etc.)

Show something you have (an ID,

passport, PIN generator, etc.)

Be something (fingerprint,

role, gender, etc.)

Authentication Provider

Authentication Provider

Government issued ID card, Passport Bank account identity IT Service provider accounts

– Google, Bing, Yahoo, Facebook, Twitter,

OpenID...

Family: Grand- mother, father, siblings, etc. Corporate Security

– Issues a pass card

– Key generator

– VPN, etc.

Authentication ≠ Authorization

Authentication verifies that "You are who you say you are"

Authorization is the process of verifying that "You are permitted to do what you are trying to do"

Authorization thus presupposes authentication.

What is authorisation?

Authorisation Process


Give me XYZ!

User A

May User A access XYZ?

Content

Policies

Check

Generic Policy Model

Resource | Subject | Action

Obligations and conditions

Decisions

>permit / deny

>+ obligations

ID Resource Subject Action

1 View Service * *

2 DL Service INSPIREuser Read

ID Resource Subject Action Obligation

1 DL Service Florence_Gov Write Area of Florence

Decision Obligation

Permit Area of Florence

Authorisation Options


GetCapabilities, GetMap,

GetFeatureInfo, DescribeFeatureType,

GetFeature, GetGmlObject,see WFS +

GetFeatureWithLock, LockFeature,

Transaction,GET_CLIENTSERVICES,

GET_SERVICE_INFO, GET_IMAGE,

GET_FEATURES, GET_EXTRACT,

GET_PROJECT,

GET_RASTER_INFO,DisplayMap*,

IdentifyFeatures*, QueryFeatures*,

HTTP GET, HTTP POST, View,

Access,...

Spatial Filter

Layer or

Featuretypes Temporal

Service functionality

Features

Typical Requirements for a Technical Implementation

Licensing Aspects

Information about terms

Enforcement of terms

Charging

Access control


Survey Results:

65%

42%

46%

65%

Known User vs. Anonymous Users

Most data and services to be shared with anybody

Some might be restricted

Different user groups may have different permissions then

Survey result: 73% need access restrictions


Different Licence Models

Often more than 1 licence models are in place

Survey results: 84% Open Data, 73% restricted

Assigment of licence models

– per user (group)

– per service

– both (matrix)


Charging

Different ways of charging:

– Flat rate

– Volume based

– Area based

– ...

Complexity of price formulas varies

– From price per item

– to highly parameterised formulas


Requirements for Implementation

Even within INSPIRE there is a broad range of licence models

Harmonisation of licensing process is underway

Harmonisation of licence models, terms, prices, ... is not (yet) visible

Challenge for software providers: Cover as much of the licensing universe as possible!


Practical Example

Geoportal Rhineland Palatinate: http://www.geoportal.rlp.de

...this is an Online presentation, the following slides are only a fall back option.

http://www.geoportal.rlp.de

Accept Terms of Use!

Geoportal Rhineland Palatinate

Authenticate...

...to be authorized to access.

Geoportal Rhineland Palatinate

License! Add to viewer!

! Click to see metadata

Metadata

Metadata

! INSPIRE Service Metadata

Metadata

Restricted License!

Web Map Context – Collections of

map services for specific purposes.

Here: Land slide risk





Survey Results

Discussion Time


Going practical in Northern

Ireland....

49 24/06/2013 Sharing Data and Accessing Web Services - Going Practical!

Policy decisions

to go with a centralised portal solution for Northern Ireland (NI)

– www.spatialni.gov.uk


Policy decisions

to open our access to NI mapping data

– via creation of an INSPIRE non-commercial licence


Policy decisions

– creating access to a restricted area for national

mapping agency commercial data

– time bound access


Access

to services to use within Spatial NI view client

to take services out of Spatial NI into GI software

time bound access

to consume services directly into applications - securing

these services

Licences

NIMA

Anonymous Non-commercial INSPIRE

Registered Non-commercial INSPIRE

Individual bespoke

54 54

NIMA (user can also

choose Registered Non-commercial

INSPIRE)

User Type

Licence Type

No spatial restrictions;

2-year licence

Restrictions

Individual, one-off conclusion of

licence for each map service

Acceptance

YES

Monitoring

Registered Non-commercial

INSPIRE

Anonymous Non-commercial

INSPIRE

Spatial restrictions;

single-use licence



NIMA (manually added to group upon request)

Registered (default)

Anon (unregistered

user)

Spatial restrictions;

2-year licence

Individual conclusion of


YES

NO

Spatial NI conclude licences

No spatial restrictions;

licence duration set as required

YES Emergency Emergency (Spatial NI generate)

YES



Spatial restrictions and licence

duration as per Client

Bespoke (e.g. NI Water, Virgin Media,

Royal Mail)

Commercial

55 24/06/2013 Sharing Data and Accessing Web Services - Going

Practical!

Difficulties encountered


User reluctance to change

accept click

licence

gain access

to services

email organisation

requesting access

to data

receive paper

licence in post-

sign hardcopy

& post back

accept click

licence

gain access

to services


Yet to be resolved…

Preview on data.gov environment


Cross cutting policies

Active

directory

Spatial

NI

LDAP

Northern Ireland Civil Service

Internal Firewall

De-militarised Zone

Web Facing

Manual

population

Automated

population

Establishing Data Access and Sharing Policies

Or…

It’s not as simple as you might think!

Prepared by Roger Longhorn

Communications Director, GSDI Association

Information Policy Advisor, Coastal & Marine Union (EUCC)

www.gsdi.org / [email protected]

It’s Not as Easy as You Think!

Fact 1: ‘Open data’ policies mean different things to different people – and governments – and in legal jurisdictions (definitions are key), even within a single state, let alone across national boundaries.

Fact 2: A single agency operating under a single ‘open data’ regime nearly always has some exceptions or restrictions relating to some part of their data holdings.

Fact 3: Many important datasets are the result of co-production, using data from more than one source/owner.

So … how do these facts complicate the definition, implementation and enforcement of a comprehensive data access and sharing policy that benefits owners and users?


How can different types of datasets or services affect implementation of data policies?

Type 1: Single identifiable dataset from a single identifiable owner.

Type 2: Dataset from a single owner, but which contains data from other rights owners.

Type 3: Data (typically digital) versus maps.

Type 4: Derivative datasets created by 3rd parties based on any of the above types.

Type 5: Datasets, products or services that may be subject to several different types of legislation – simultaneously.


Basic Questions Regarding Your Data… Pertinent to Access & Sharing Policies

Q1: Do you own the rights to all the data, datasets, products or services that you are offering?

Q2: Do any of your datasets include data from other sources/owners?

Q3: If so, do you know what their data policies are – and do they match yours?

Q4. If not, how does this impact on your data access and sharing ‘business model’?


A (Real) Scenario

Agency A provides a core national dataset that contains data from Agency B. Agency A sets a liberal open data policy, unrestricted use of all its datasets for any purpose by anyone, resulting in a relatively simple data distribution regime. Agency B has a more restrictive data policy – their data is freely available only to private citizens or for research purposes. All others must enter into a contract, with restrictions, and perhaps pay a fee. Agency B tells Agency A to remove B’s data from A’s dataset if they continue to release it under A’s less restrictive terms. What are Agency A’s options?


What Are Agency A’s Options?

1. Remove Agency B’s data and continue to offer A’s reduced dataset under A’s current policy – if that is even possible.

2. Remove Agency B’s data and then A collects the now missing data to rebuild the original dataset.

3. Leave Agency B’s data in place, but implement a licencing and (complex) data management system that would satisfy B’s user restrictions.

4. Get Agency B to change their data policy!


And finally…!

1. Managing licenses that span periods in which data policies change.

2. Tracking on-use, if restrictions apply for re-use by 3rd parties.

3. Different data policies for access to data delivery services rather than for the data itself.

4. Different policies based on age of data (historical versus current) or effort required to deliver it.

5. Monitoring and maintaining data policies and their implementation provisions over time as regulations change.


Thanks for your attention!

You see? I said it wasn’t simple!

Prepared by Roger Longhorn Communications Director, GSDI Association

Information Policy Advisor, Coastal & Marine Union (EUCC)

www.gsdi.org / [email protected]

Going practical in Great

Britain…

Ordnance Survey of Great Britain

OS OpenSpace®

UK Open Government License

Using the API

Using the Data

Combining the data with other Open Data (OpenStreetMap)

SplashMaps – a tangible result

OS OpenSpace®

http://www.nationalarchives.gov.uk/doc/open-government-licence/

OS OpenSpace® API

Using the Data...

Extract

Using the Data...

Transform

Using the Data...

Load

Using the Data... Present

Create Product

& Sell

Thank you for your attention!

You see? I said it was simple!

Prepared by Arnulf Christl

metaspatial Director

OSGeo Emeritus President

http://www.metaspatial.net/

mailto:[email protected]

Twitter: @sevenspatial


OGC and Open Data http://www.opengeospatial.org/ogc/faq#11

The OGC embraces open data as well as other models for data

distribution and access. The OGC standards framework must support a

broad range of policy positions on the access to and distribution of

geospatial data, and we are supportive of all models for open access,

licensed data, secure distribution, etc. Policies on access and

distribution of geospatial and other forms of data are constantly in flux.

Data sets restricted for distribution by security and/or pricing / licensing,

may be opened up for free access at another time. Changing market

forces and organizational policies determine the rules for data access and

distribution. Open standards, including those of the OGC, support the full

range of business models, and a common open standards framework

is vital to the overall geospatial data marketplace.


→ The EC has been assigned the responsibility to draft a

Delegated Act on Copernicus Data & Information Policy

→ Wide consultations have taken place with experts and

the user community

→ Realisation of the predicted benefits is dependent on an

appropriate data policy

Fka GMES (Global Monitoring for Environment and Security

Nicolaus Copernicus (1473-1543, Poland) was a Renaissance mathematician and astronomer who formulated a heliocentric model of the universe which placed the Sun, rather than the Earth, at the center.

Source: Dr. Reinhard Schulte-Braucks at Geospatial World Forum 2013, http://www.geospatialworldforum.org/2013/presentation/Dr%20Reinhard%20Schulte-Braucks.pps


→ Data from Sentinel satellites and Copernicus services will

be available on a free, full and open basis

→ The only access restrictions will be those associated with

sensitive security scenarios

→ Extensive data from contributing missions will be made

available under the licensing conditions of the owner

Source: Dr. Reinhard Schulte-Braucks at Geospatial World Forum 2013, http://www.geospatialworldforum.org/2013/presentation/Dr%20Reinhard%20Schulte-Braucks.pps


→ Current state: Adoption phase of the Data Policy.

→ View from Industry (video – Marc de Vries)





Survey Results

Discussion Time


Q1 Participant Country of Origin


Q2: Who are you filling the form on behalf of?


0

2

4

6

8

10

12

SDI Coordinator/National Contact Point Government Private Company

Respondent Completing the Form on Behalf of an Organisation Number of Respondents

Organisation Type

Q3: Have you implemented any form or rights management (tracking and controlling the access to and

use of content, rights, licences and associated information) for spatial data in your

country/organisation?


60.7% 28.6%

10.7%

Yes

No

Other

Implementation of Rights Management for Spatial Data

Q4: If yes to Question 3, what was the driver for this?


0%

10%

20%

30%

40%

50%

60%

70%

PSI Directive implementation orother national government

open data initiative

INSPIRE Directiveimplementation

Business reasons - pleaseexplain in comment box below

Other - please explain incomment box below

Percentage of Respondents

Driver

Driver of Rights Management Implementation

24/06/2013 Sharing Data and Accessing Web Services - Going

Practical!

Q5: What one thing would you do to improve the situation with respect to data and service sharing in your

country/organisation?

Implement INSPIRE

Simplify licences/use common licence conditions

Implement Open Data policie

Change business model of organisation/have less complex pricing

Q6: Have you moved licensing from a paper to digital environment?


37.0%

22.2%

40.7%

Movement of Licensing from Paper to Digital Environment?

Yes

No

Partial

Q7: In relation to INSPIRE, have you...


0%

10%

20%

30%

40%

50%

60%

Developed a new licence for INSPIRE Adapted an existing licence Have no INSPIRE licence in place yet

Actions as a Result of INSPIRE Percentage of Respondents

Action

Q8: Do you have a data access and sharing policy – and implementation – which handles both open data and

data or services that require charges or other restrictions?


0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

Open Data Data which is Restricted and/or charged for

Data Access and Sharing Policy

Percentage of Respondents

Sharing Policy

Q9: Once you have made your data available to users outside your country/organisation, have you considered

any means of tracking on-use (re-use by others), especially if/where IPR restrictions apply?


36.0%

64.0%

Measures to Track Data Use Outside of the Country/Organisation

Yes

No

Q10: If you have implemented a rights management capability, does it comply with the Geospatial Digital Rights Management Reference Model (GeoDRM RM)

standard or equivalent?


7.1%

32.1%

53.6%

7.1%

Rights Management Capability Comply with GeoDRM RM Standard?

Yes

No

Don't know

Any Other Standards

Q11: With regard to access control and rights management for INSPIRE data and services, how important do you rate a consistent and coherent approach directed by the INSPIRE Regulations or

Guidance?


10.7%

14.3%

39.3%

21.4%

14.3%

Importance of Consistent and Coherent Approach directed by the INSPIRE Regulations or Guidance?

Not very important

Slightly important

Important

Very Important

Extremely Important

Q12: What do you consider to be the biggest barriers in your country/organisation to improving online data

sharing?


0%

10%

20%

30%

40%

50%

60%

Agreement onstandardised licence text

& terminology

Technicalimplementation of data

access and sharingpolicies

Persuading people tochange and modernise

standard practices

Lack of direction fromhigher (other) levels ofgovernment regarding

use/re-use of PSI

Other - please specifybelow

Biggest barriers to Improving Online Data Sharing? Percentage of Respondents

Current Barriers

Q13: What are your country/organisations specific needs for licensing?


0%

10%

20%

30%

40%

50%

60%

70%

Informing about licensingterms

Enforcing licensing terms Ability to charge forlicences

Control access toservices

Other - please specifybelow

Specific Needs for Licensing Percentage of Respondents

Needs for Licensing

Q14: Do you consider that your country/organisation has complied with all INSPIRE data and service sharing

requirements?


0%

5%

10%

15%

20%

25%

30%

35%

40%

45%

Yes No Partial Don't know

Consideration that all INSPIRE Data and Service Sharing Requirements have been met? Percentage of

Respondents

Response

It’s not too late to take part!

http://inspire-forum.jrc.ec.europa.eu/pg/news/admin/read/135625/sharing-data-and-accessing-web-services-going-practical

Or, search #inspireconf2013 on Twitter and find it there

Or follow @INSPIRE_EU who retweeted it


Discussion Time


Sharing Data and Accessing Web Services - Going...

Documents

Transcript of Sharing Data and Accessing Web Services - Going...