Multi-granularity spatial-temporal access control model for web GIS

The multi-granularity spatial-temporal-related access control (MSTAC) model was proposed to meet the spatial access control requirements for the service-oriented spatial data infrastructure (SDI). MSTAC extends the attribute constraints of role-based access control (RBAC), which includes the user's location attribute, the role's time constraint, the layer vector constraint of a map class, the scale and time constraints of a geographic layer, the topological constraints of geographic features, the semantic attribute expression constraints of geographic features, and the field constraint of feature views. Through this model, authorized users would be limited to access different granularity spatial datasets, such as the map granularity, the graphic layer granularity, the feature object granularity and the feature view granularity. Finally, the MSTAC model is achieved in a web GIS, which shows the positive and negative authorizations to different services in different data granularities and time periods.