Marine Application

Requirement #3: Make different levels of data available to various user groups in their community.

The security aspect of the project had one constraint: it required different data access levels.

NRAAH developers considered two solutions:

• Oracle9i; and
• The GeoPortal security model.

NRAAH developers identified three main user groups, and came up with the following function and security solutions:

1. Aquatic Animal Health Managers

• Create point data. Security is handled at the NRAAH application with role-based access to data using Oracle database security. The database link to DFO’s GeoPortal is protected by Oracle database security. All transactions happen behind the DFO firewall.
  
  
• Create surveillance zones through a transactional web feature service. Access to the editing application is handled by Oracle database security, but anyone who can make a web feature service transaction document can change data in this database. The WFS access is restricted to people within the DFO intranet.
  
  
• Viewing point data and surveillance zones. This is done from an internal web map service only available to the DFO intranet. Further access through the OGC-compliant viewer (GeoBrowser) is restricted based on roles. The data is, however, available through the web map service.
  

• Create point data. Security is handled at the NRAAH application with role-based access to data using Oracle database security. The database link to DFO’s GeoPortal is protected by Oracle database security. All of these transactions happen behind the DFO firewall.
  
  
• Viewing point data and surveillance zones. This is done from an internal web map service only available to the DFO intranet.
  

• Viewing surveillance zones. This is done from an external web map service available to the public