How Single-Sign-On Improves the Usability of Protected Services for Geospatial Data

The Internet is full of services and data providers that offer access to massive data holdings, in particular with geospatial content. But when it comes to build meaningful applications in domains such as disaster management, what is important then? Usually trusted data and services are required. So the main questions are about open standards and technologies that allow the secure and trustworthy use of protected geospatial data and services. One prominent solution was practiced during the Group on Earth Observations (GEO) Architecture Implementation Pilot (AIP) no. 6, were international organizations from the US and Europe participated in the creation of a federation of protected data and services. During the GEO-X plenary in Geneva Switzerland in January 2014, a life demonstration concluded with the feasibility of the approach taken. It was in particular the Single-Sign-On and the managed circle of trust that enabled the creation of meaningful client applications of which one combined NASA Ames and ESA protected data. This paper reports about the resulting Access Management Federation that was implemented during AIP-6, the required standards and technologies as well as the technical approach taken. The paper concludes with findings and best practices important towards operational use.