Conflicts between Geoxacml Access Control Policies in Geographic Information Systems

In our days, geospatial data play a key role in a wide spectrum of critical fields, such as disaster and emergency management, environmental monitoring, land and city planning. The specific nature of these geospatial data presents many challenges in terms of security. Indeed, security issues for geospatial data are different and in many ways more complex than security issues for relational data. Among these challenges, we find the detection and resolution of conflicts/anomalies between access control policies which is a very common situation in this kind of systems. In this work we deal with the problem of detection and resolution of conflicts/anomalies between GEOXACML policies. That is the case where several policies provide conflicting answers to a same request. We give more attention to the mathematical formalism of the problem. We introduce the notion of the canonical representation of the query space which is a classification that provides a natural way to handle interferences between policy targets (in other words conflicts/anomalies). Then we highlight the key role that this canonical representation will play as the core of a future Framework for conflict detection and resolution in GEOXACML access control systems.