The requirement for Integrity and Confidentiality is two-fold:
- Protection of geodata while it is stored on a Web Service towards unauthorized
modification or unveilance, e.g. caused by manipulated execution of the Web Service.
A typical implementation can be based on Access Control.
- Protection of geodata against unauthorized modification of unveilance while
the information is in trasit via an insecure communication link, e.g. the Internet.
A standards based Implementation is possible leveraging WS-Security standards from OASIS.
This approach supports to associate the protection towards integrity and confidentiality
to the geodata itself; this specific to the use case and the overall architecture. Any
network based protection mechanisms can be added. However
the approach is independent from the underlying network security features and can therefore
be used without administrative privileges for the network.