Map Service Data Security

DavidSavory4 · ‎01-20-2013

I am wondering if it is possible to publish a map on AGOL and share it publically without exposing my data for download. In other words, when a map is shared with the public, it is possible for AGOL users to open the map in ArcGIS desktop and thereby obtain a copies of the source data for the map layers. Even if a map layer is based on a map service, the data can be exported to a geodatabase.

I would like to be able to share a map, but not allow others to obtain copies of my data. Perhaps this is possible with AGOL for Organizations?

Any advice would be greatly appreciated. Thanks in advance...

MikeMinami · ‎01-23-2013

Feature services, by design, return the geometry of features to clients. So a savvy user could get the data. Even if you write your own application, the service endpoint itself supports returning geometry, so again, anyone who can access the service has access to the geometry. In fact, all of Esri client applications and APIs rely on the fact that a feature service returns geometry. This is how we support editing on various web and mobile clients. The actual features of a feature service are drawn by the client too.

I suppose it depends on how strict you are. While feature services return geometry, for example, to a browser, it's not like there is a physical downloaded copy. The features get sent to the browser and the data is cached in the browser or other client. Is it possible for someone who has access to your server to then write some app to extract the features? Yes. Would the average user do this? I would guess not.

Mike

View solution in original post

MikeMinami · ‎01-22-2013

Yes, hosted tiled map services don't return any feature geometry, nor do they support any attribute queries against the data. It's just a tiled cache of images of the data.

Having said this, for your map services on your own GIS server, you can turn off the Data capability. This will prevent access to any geometry. However, it will also prevent queries against the data. Alternatively, when authoring a map in ArcMap to publish as a map service, if you hide the shape field for the layers, this will prevent the feature geometry from being accessed. In this case, attribute queries are still enabled. I have not tried this latter case myself...

Thanks,

Mike

DavidSavory4 · ‎01-22-2013

Yes, hosted tiled map services don't return any feature geometry, nor do they support any attribute queries against the data. It's just a tiled cache of images of the data.

Having said this, for your map services on your own GIS server, you can turn off the Data capability. This will prevent access to any geometry. However, it will also prevent queries against the data. Alternatively, when authoring a map in ArcMap to publish as a map service, if you hide the shape field for the layers, this will prevent the feature geometry from being accessed. In this case, attribute queries are still enabled. I have not tried this latter case myself...

Thanks,

Mike

Hi Mike,

Thanks for you input.

I currently have an evalutation copy of ArcGIS Server Basic/Workgroup running in Amazon EC2. I tried creating a map service on that server from ArcMap, hiding the shape field as you suggested. Then I added the service to an AGOL Map (not AGOL for Organizations). Unfortunately, I was still able to open the AGOL map in ArcGIS Desktop and download the data from my map service.

I attempetd to try your other suggestion which was to turn off the Data capability. But it appears in AGS Basic/Workgroup, Feature Access (with Query capability) is all that is available and it cannot be turned off.

Perhaps I need AGS Standard/Workgroup to secure the map service data as you suggest?

Let me know what you think.

Many Thanks,
David

MikeMinami · ‎01-23-2013

You will still be able to open the web map in desktop. The data, however, is referencing your service, so it's not actually getting downloaded, assuming you are using a map service.

There are two types of services, map and feature services. Map services are drawn on the server and generate an image that are drawn by the client application. Feature services return the actual geometry of features for clients to draw. One of the primary purposes of creating a feature service. One of the main purposes of feature services is to support editing.

Your post indicates you are using a feature service, or at least looking at the capabilities of the feature service. If you enabled feature access, then hiding the shape field will have no impact. Feature services, by nature, return the data to the client.

If you don't need to support editing (actually, I'm not sure what the basic edition supports), you probably just want a standard map service with feature access disabled on the Capabilities tab of ArcGIS Server Manager. The Mapping capability is where you could disable the Data operation. However, hiding the shape field should prevent the actual data from being accessed, while still supporting attribute queries.

hope this helps,

Mike

DavidSavory4 · ‎01-23-2013

Mike,

Thanks again, your explanation of feature vs map service was very helpful. In fact, I am using a feature service because that is all that is possible with basic/workgroup AGS. And it is read-only as well, so no editing.

Ultimately, the web application I do have in mind will require editing so I will need to purchase at least standard/workgroup AGS which supports map services and read/write feature services.

In the end, I want web users to be able to edit select layer features (or replicated features), but I DO NOT want them to be able to download (obtain copies) of all or part of my feature layer since it will be the intellectual property of my e-business.

So, what I am gathering is, that with a Standard level ArcGIS server, I should develop a custom (non AGOL) web application and provide feature service access to the layers I want users to be able to edit. My million dollar questions: under these circumstances is there any way web users could obtain a copy of exposed feature layer? If so, is there anything I can do to prevent it?

Many thanks once again,
David

MikeMinami · ‎01-23-2013

Feature services, by design, return the geometry of features to clients. So a savvy user could get the data. Even if you write your own application, the service endpoint itself supports returning geometry, so again, anyone who can access the service has access to the geometry. In fact, all of Esri client applications and APIs rely on the fact that a feature service returns geometry. This is how we support editing on various web and mobile clients. The actual features of a feature service are drawn by the client too.

I suppose it depends on how strict you are. While feature services return geometry, for example, to a browser, it's not like there is a physical downloaded copy. The features get sent to the browser and the data is cached in the browser or other client. Is it possible for someone who has access to your server to then write some app to extract the features? Yes. Would the average user do this? I would guess not.

Mike

DavidSavory4 · ‎01-23-2013

Mike,

Great -- crystal, clear. I think I can take it from here and work out the necessary precautions I must take. Your advice has been priceless.

Cheers!

MikeMinami · ‎01-23-2013

You can also enable ownership-based access control on feature services. This means a particular user can only edit the features they create but can view and query other features.

You might want to look at ArcGIS Online hosted service via an ArcGIS Online subscription. This lets you create feature services and tiled map services in ArcGIS Online without having your own arcgis server.

Thanks,

Mike

DavidSavory4 · ‎01-23-2013

I did do some research on the ownership based access control of feature services and it may be useful if administered with care. I did notice that if the required owner field is not present, then anyone can edit a feature.

Thanks again,
David