The International Archives of the Photogrammetry, Remote Sensing and Spatial Information Sciences. Vol. XXXVII. Part B4. Beijing 2008
• auditing;
• Virtual Private Database Column Masking, allowing only
authorized users to see the content of certain table fields;
• Label Security Authorizations.
Publication/Analysis environment: front end applications,
mainly dedicated to analysis, processing of project specific
geodata and exploratory aspects; simple editing capabilities
should also be included. This environment is developed on a
completely open source platform, for high availability and
interoperability of derived applications and services. In the
future, this environment may replace the commercially based
production/editing environment in all functionalities, once the
development of certain functionalities for data management
and security is considered mature (Table 2).
Component          Description            Version   Type
Operating System   Ubuntu (Linux)         7.10      Open Source
DBMS               PostgreSQL / PostGIS   8.2       Open Source
Web Map Engine     Mapserver              5.0       Open Source
GIS WMS Client     Any OGC Compliant      9.2       Open Source / Commercial
Tools              Ora2Pg                 4.7       Open Source
                   Ogr2ogr                1.7       Open Source
Table 2 - Publication/Analysis environment architecture
In summary, the architecture currently implemented includes a
production geodatabase based on Oracle 10g and a
PostgreSQL/PostGIS database for the publication environment,
acting as source for web mapping services. Several scripts have
been implemented for exporting data from Oracle to
PostgreSQL, by using the ora2pg and ogr2ogr tools.
2.3 Architecture schema
The system architecture (Figure 3) has been defined by taking
into consideration three different tasks that the system
must perform efficiently:
• Geodatabase network: the architecture of the geodatabase
  servers, including:
    • the master Geodatabase (Oracle 10g), that contains all
      the database schema and the data;
    • the replica Geodatabase (Oracle 10g), containing a two-way
      replica of the master Geodatabase, for maintenance
      purposes and data consistency;
    • the publication Geodatabase (PostgreSQL/PostGIS), a
      geodatabase replica to be accessed and used by web
      based services and applications.
• Internal backup and restore network: internal support
  network used to back up sensitive data on a tape drive, to
  reduce the cost of the storage system and to assure the
  maximum flexibility of the service. Policies and scheduling
  of backup operations are under definition, considering
  several different factors such as data volumes, update rates,
  data sensitivity and level of services that must be granted.
• Web Server: server(s) that provide the publication service
  of the geodatabase using GIS applications. The architecture
  of the system is composed of two servers with the same
  hardware configuration. Three different hypotheses about
  the web-server publication service can be made:
    • one server provides the effective service of publication
      while the second server supplements the computing
      capacity of the first server;
    • a cluster of two servers in active-active mode. They
      support each other to reduce the load and to grant the
      service in case of failure of one of the servers;
    • a mixed approach: open-source GIS applications and
      enterprise applications like ArcGIS Server.
2.4 Privileges and data distribution methods
Four different roles have been defined and implemented, in
order to administer and control how users may interact with the
geodatabase:
• Database administrator, in charge of:
    • adding and removing users to/from the database
      server;
    • managing geodatabase and user security;
    • creating and deleting geodatabases;
    • attaching and detaching geodatabases;
    • backing up and restoring geodatabases;
    • upgrading geodatabases;
    • compressing geodatabases;
    • starting, stopping, and pausing the database
      server.
• Data creators, read/write users with privileges
  allowing them to edit existing data and to create
  database objects (altering schema);
• Data editors, read/write users with privileges
  allowing them to edit existing data;
• Data viewers, with read only privileges.
Moreover, based on the results of the needs assessment, four
levels of users and related privileges have been identified.
Table 4 shows an example of the definition of user/privilege
cases related to the UN JLC section. This analysis constitutes
the starting point for defining privileges over the whole
geodatabase.
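
As an added illustration (not part of the paper or of the project's own scripts), the four roles listed above could be mapped to PostgreSQL group roles on the PostgreSQL/PostGIS publication database as follows. The schema jlc, the table jlc.roads, the gdb_* role names and the users alice and bob are hypothetical.

```sql
-- Added example; schema jlc, table jlc.roads, the gdb_* roles and the users
-- alice and bob are hypothetical names, not taken from the paper.

-- Group roles hold the privileges and cannot log in themselves.
CREATE ROLE gdb_viewer  NOLOGIN;
CREATE ROLE gdb_editor  NOLOGIN;
CREATE ROLE gdb_creator NOLOGIN;
CREATE ROLE gdb_admin   NOLOGIN CREATEDB CREATEROLE;

-- Each level inherits the privileges of the level below it.
GRANT gdb_viewer TO gdb_editor;
GRANT gdb_editor TO gdb_creator;

-- On releases before PostgreSQL 15 every role may create objects in the
-- "public" schema by default; remove that so only data creators add objects.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

CREATE SCHEMA jlc;
CREATE TABLE jlc.roads (id serial PRIMARY KEY, name text);  -- geometry omitted

-- Data creators: own the objects (required for ALTER TABLE) and may add new ones.
ALTER TABLE jlc.roads OWNER TO gdb_creator;
GRANT CREATE ON SCHEMA jlc TO gdb_creator;

-- Data viewers: read only.
GRANT USAGE ON SCHEMA jlc TO gdb_viewer;
GRANT SELECT ON jlc.roads TO gdb_viewer;

-- Data editors: change rows, no DDL. The sequence grant is needed so that
-- INSERT can draw the next id value.
GRANT INSERT, UPDATE, DELETE ON jlc.roads TO gdb_editor;
GRANT USAGE ON SEQUENCE jlc.roads_id_seq TO gdb_editor;

-- Login users receive privileges only through group membership.
CREATE ROLE alice LOGIN;   -- password set out of band
GRANT gdb_editor TO alice;

-- CREATEDB and CREATEROLE are role attributes and are not inherited through
-- membership: bob must run SET ROLE gdb_admin before administrative work.
-- Starting and stopping the server stays an operating-system task.
CREATE ROLE bob LOGIN;
GRANT gdb_admin TO bob;

-- Audit query: effective privileges of one user, inherited grants included.
SELECT has_table_privilege('alice', 'jlc.roads', 'SELECT')  AS can_read,
       has_table_privilege('alice', 'jlc.roads', 'UPDATE')  AS can_edit,
       has_schema_privilege('alice', 'jlc', 'CREATE')       AS can_create;
```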