[GeoNode-devel] Data Sovereignty features incorporated into GeoNode

Pankajeshwara Sharma pankajeshwara at gmail.com
Wed Jun 12 23:55:37 PDT 2024


Hello GeoNode Devs,

Based on our project on Indigenous Data Sovereignty at the Department of
Environment, University of Auckland, I am pleased to say that we have
released the following open-source tools.

We have incorporated geospatial data sovereignty functions (masking,
encryption, and notarsation) into GeoNode. We propose a complete and
trustless approach for indigenous geospatial data sovereignty on the cloud
by furnishing security functions at the core—the web browser before
datasets are uploaded onto a cloud-based GeoNode CMS. Geomasking permits
sharing an anonymized dataset with less privileged users, while the
original is protected and shared with sovereign data owners via public-key
encryption. The encrypted dataset's hash value is notarized on the
blockchain for the verification of its authenticity when on the cloud. The
application was designed for the protection of Biodiversity Management
Areas stewarded by the Māori people in Aotearoa New Zealand. It enables
diversified functions of geospatial data protection compared with previous
works focusing on the cloud by solving data-sharing problems without
relying on a third party.
The paper: “A cloud based solution for Indigenous data sovereignty:
protecting biodiversity management data in Aotearoa New Zealand" published
in the Transactions in GIS journal.
https://onlinelibrary.wiley.com/doi/10.1111/tgis.13153
A 4-minute video demonstrating the tool:
https://www.youtube.com/watch?v=9aWbBVhRNRo&ab_channel=BioHeritageChallenge
The JavaScript and Python code is released as open-source at this repo:
https://github.com/sharmapn/geonode_datasovereignty

The above approach integrates into GeoNode, the security features first
reported in our earlier work: "MapSafe: A complete tool for achieving
geospatial data sovereignty"
https://onlinelibrary.wiley.com/doi/10.1111/tgis.13094
MapSafe offers a complete approach for sovereign data owners to safeguard
sensitive geospatial data by anonymizing (masking or hexabinning),
encrypting, and notarising it. Sovereign parties can first verify the
encrypted dataset's originality, decrypt it, and then display it.
These functions run client-side in the browser, meaning geospatial data
never leaves the computer unprotected, presenting a completely trustless
mechanism for sharing data.
The tool is at https://mapsafe.xyz/safeguard.html
A 4-minute video demonstrating the tool:
https://www.youtube.com/watch?v=IfVpUDfROUQ

Finally, we want to report on our most recent geoprivacy approach where we
explored a Database File System (DBFS) as a potential repository to
consolidate and manage spatial files based on its enterprise document
management capabilities and security features inherited from the underlying
legacy DBMS. These files are further protected using the Advanced
Encryption Standard (AES) algorithm with practical encryption times of 8 MB
per second. The final part focuses on an automated encryption solution with
schemes for single- and multi-user files that is compatible with various
GIS programs and protocol services.
A paper on this tool "A Usable Encryption Solution for File-Based
Geospatial Data within a Database File System" has just been published in
the Journal of Cybersecurity and Privacy.
https://www.mdpi.com/2624-800X/4/2/15
A 2 min user interaction workflow video:
https://www.youtube.com/watch?v=zMJV5zV0-zs

Yours Sincerely,
Dr. Pankaj Sharma
Former Research Fellow - Indigenous Data Sovereignty ProjectDepartment of
Environment, The University of Auckland
https://sharmapn.github.io/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20240613/01f2356c/attachment.htm>


More information about the geonode-devel mailing list