10.2.2: Disabling extracting digital data from services,

JamalNUMAN · ‎10-23-2014

As one of the best ways to share data is services (for viewing purposes only in our case), then how come users can extract digital data from these services?

For example, if a service is added tothe Geocortex web mapping application which has very generic tool to extract data, then one can obtain this data from the service.

Is there a setting in the ArcGIS Server to disable or disallow extracting digital data out of these services?

If the service if published with “feature access”, then any user can change the data from the service

We still need to share the data but:

To disable extracting data from the service
To disable editing data from the service unless particular permissions are granted

Is that possible?

Locking the service will never solve the issue as those who are granted an access to it, can again extract data out of it

Thank you

Best

Jamal

----------------------------------------
Jamal Numan
Geomolg Geoportal for Spatial Information
Ramallah, West Bank, Palestine

DavidColey · ‎10-28-2014

Yes Jamal, if you publish a geodata service with the same name as the map service then the layers in the map service can be extracted in ArcMap using the Extract Data tool. If you want to extract data using a web applicaiton, then you must use the ClipAndShip tool, published from the map service you wish to extract data from, which it looks like you already have.

If you can, what I would do is publish a map, a geodata and the clip and ship geoprocessing service(s) from a FDBG that contains all the layers you would like others to extract. In this way, all of your users can visualize and extract data from one source

JamalNUMAN · ‎10-28-2014

Many thanks David,

Sorry for the confusion.

In general, services can be accessed for the purpose of viewing, editing or downloading (extracting).

I think that there should be some settings at the level of ArcGIS Sever that disallow editing\extracting data from the published services unless particular privileges are granted.

At the moment, any public service can be viewed, edited and data can be extracted.

----------------------------------------
Jamal Numan
Geomolg Geoportal for Spatial Information
Ramallah, West Bank, Palestine

DavidColey · ‎10-29-2014

Sure, but that must be particular to the geocotex app? According to the help documentation, Data, Map and Query operations do not mean that, by default, users can edit or extract data from a Map Service. By default, in order for a user to edit data a feature service must be published with the map service where edits are performed through the feature service in one of the APIs. To download data in ArcMap, you must publish a GeoData Service with the same name as it's supporting map service. To download data in one of the APIs, you must publish the DataExtract gp tool.

The only other way (thtat I know of) to perform edits or extracts is through proprietary 3rd party applicaitons like Maximo Spatial.

JamalNUMAN · ‎10-29-2014

Many thanks David for the prompt help,

Let’s have an example to make it more specific.

I used to publish my mxd files that contain a number of layers (feature classes) stored either in file geodatabase or enterprise (SQL).

Data can be extracted in digital format from such service

If the “feature access” is checked (in case of enterprise geodatabase), then this service can be edited

Then how to control extracting\editing data from services knowing that these services are set in public mode

We do need to share our data at the level of viewing but not at the level of editing\extracting. Editing\extracting should be managed via privileges.

What do you think?

----------------------------------------
Jamal Numan
Geomolg Geoportal for Spatial Information
Ramallah, West Bank, Palestine

DavidColey · ‎10-29-2014

I apologize Jamal, but I don't think I am of much help. All I can say is that no one can extract or edit data from my public map services unless I specifically allow it as I outlined above.

David

JamalNUMAN · ‎11-12-2014

Thanks David. You have already offered much of help

Very much appreciated

Best

Jamal

----------------------------------------
Jamal Numan
Geomolg Geoportal for Spatial Information
Ramallah, West Bank, Palestine

GrantHerbert · ‎11-13-2014

Basically, if you have Query enabled you can always extract the data. The query results are returned to the requestor, so at that point there is nothing you can do to prevent them from getting access to them.

If you don't want editing, turn off the Feature Service. You could also try creating a separate editing feature service for the data, and securing that.

If you control the GeoCortex app you should be able to disable the Export To Shapefile functionality in your application.

JamalNUMAN · ‎11-13-2014

Thanks Grant,

Disabling the query means that the data in the service can’t be searched and thus no way to find particular sort of information quickly as it is request.

The extract is not limited to “feature service”. The extract can be applied to “map service” as well.

Correct. The “export to shape” can be disabled at the level of Geocortex. My point here is to control the “extract” at the level of the ArcGIS Server but not at the level of web application. We do share services but not necessarily web applications.

----------------------------------------
Jamal Numan
Geomolg Geoportal for Spatial Information
Ramallah, West Bank, Palestine