Consideration for Information Security Issues in Geospatial Information Services of Local Governments

The last article is from the 2006 conference session “The Big Picture: GIS Data Challenges and Solutions.” The paper titled “Consideration for Information Security Issues in Geospatial Information Services of Local Governments” was presented by Makoto Hanashima from the Institute for Areal Studies in Tokyo and the Institute of Information Security in Yokohama. The author leads off with how GIS has changed from being “Geographic Information System” to being “Geospatial Information Service.” The GIS has serious aspects of IT security – mostly because the GIS is part of the infrastructure for local government. Security is mostly about securing the geospatial information service and protecting the geospatial information as public property, and that the service must not threaten the safety of the public. Based on a threat analysis, a set of safeguards for the baseline security of the geospatial information service is selected. The paper relates closely to “ISO/IEC TR 13335 Guidelines for the Management of IT Security (GMITS)” and provides an overview of the many points herein. The workflow of the research carried out has the following main points: A) discussion of IT security policy regarding the geospatial information service, B) outline risk analysis, C) making of a safeguard catalog, D) making of a baseline security model for geospatial information service, and E) proposal of a baseline security guideline prototype. In this process the paper also contains a list of “specific threats” such as tampering with and forgery of data, illegal copying and distribution of data, and attack by an unauthorized service. The safeguards for “specific threats” of GIS will be included in further research.