- Industry solutions
The program, designed to ensure remote access to cartographic data for users of the programs GIS Map 2011, Panorama Editor, GIS Navigator 2011, GIS Panorama Mini 2011 and other programs developed in an environment GIS ToolKit version 11 or newer.
The server provides remote access to the vector maps, rasters and matrixes. Connection with a server is installed under TCP\IP protocol with use of the mechanism of sockets.
Between the client and a server the binary data are transferred - coordinates of objects, attributes, blocks of data of rasters and matrixes. Therefore for normal work the high-speed connection of a client and a server is required, for example, by network Ethernet 100 Mbit\sec.
Placement of data on a server provides protection of data against illegal copying and change. The user chooses for work the data by their conditional names (alias). Vector maps can be opened for viewing or for viewing and editing. Rasters and matrixes are accessible only to viewing and an execution of calculations. Besides, all data can be closed or opened for copying from a server - into exchange formats, into the clipboard or onto other maps.
GIS Server program can be installed on any computer in a local network with OS Windows XP, Windows 2008 (2003), Windows 7 and higher. Program GIS Server for Linux is applied to OS of Linux type.
For each client it is allocated within the limits of 1,5 Mb of RAM . The number of the open vector maps, rasters and matrixes essentially does not influence the size of allocated memory. To connect 100 clients it is necessary for the application of the order of 1, 5 GB of RAM on a computer where the GIS Server is installed. The number of connected clients is not limited in program.
The program intended for customizing the work parameters of the GIS Server. The program allows you to specify a list of users, a list of data and their properties, which allows you to customize GIS Server for the specific application. The list of accessible data is formed for each group of users the own one. Access of the user to data is made by the user name and password.
In the program the GIS Administrator the project is presented in the form of a tree, which includes:
The list of users, the list of data and their properties are stored on a server in a file of parameters GISSERVER.XML. Creating and editing a file of parameters is carried out by the administrator of a server. Lists of passwords are stored in a file of parameters in the ciphered form by algorithm MD5.
For customizing the project it is recommended at first to select the cartographical information. The user can create hierarchically arranged tree of maps, rasters and matrixes, to unite data into sections. For maps, rasters and matrixes the user assigns conventional names (aliases) for work.
All users of the system should be included in the list of users with the appointment of login and the password. In order to limit access to data the administrator must maintain a list of user groups. For each group the rights for editing, viewing and copying of data are assigned. User rights are determined by group to which he belongs.
Tool set of the GIS Administrator software is used for defining the list of users, the list of data and their properties. Result of the program's work is the project containing the description of settings which is used by the GIS Server program.
The ready file of the project is a file with extension .XML. GIS Administrator program allows to correct the project file. This module is contained in GISAdministrator/admin.php file. To start the remote administrator in the browser in URL address of a string it is necessary to type http://localhost/GISAdministrator/admin.php. Administration is carried out in the protected mode under control of https protocol.
At program's start it is necessary to enter the user name and the password for access to the GIS Server configuration file. At successful entering a name of the administrator and the password the user gets access to the main window of the program.
The data hosted on a GIS server are protected from unauthorized reading, editing, copying, printing and substitution. At performance of the user's authentication with entering a name and password the algorithm of data digest-authentication is applied to prevention of interception of the user's password at connection to the GIS Server. Thus, onto the Server a random string is transmitted that was encoded by key generated on the basis of the user's password. If the result of coding a string on the client and the server is identical, the authentication is successfully.
All data stored on the client computer into a cache to speed up the work, are always encrypted by 256-bit key formed from the server's key and the client's key. If at connecting to the data on the server the keys are changed, the cache is automatically cleared and filled anew in process of adressing to the data.
Possibility of offline work with the data from the cache is supported at loss of connection with the GIS Server. At absence (short-term loss) of connection with the GIS Server the data access automatically switches to the mode "Read-only, Not print, Not copying". At restoration of connection the access is automatically changed to the one that is set for the user on the GIS Server, and the automatic replication of data in a cache regarding the changed data is carried out.
The administrator of the GIS Server can forbid offline work with data. If the Administrator of GIS Server cancels the data access for a specified group of users, then maps on corresponding clients will be automatically closed with deleting the data from the cache. If GIS Server Administrator establishes a ban of offline work with data, then the client software of versions lower than 11.10.3, not supporting the data encryption, cannot open the data on the GIS Server.
Possibility of encrypting the transferred data is supported. It prevents interception of data and their substitution at the moment of transmission by open communication channels. Data are encrypted by 256-bit key, installed for a particular session. Encryption is performed when reading and writing the data.
It supports the ability to hide the parameters of the map coordinate system that is open on the GIS Server. This allows you to work remotely with the maps in the local coordinate system, the parameters of which are closed. In all dialogs and tasks the parameters of local coordinate systems will be displayed as parameters of system EPSG:3857 (Mercator on a sphere, adopted in Google).
For this purpose the Administrator of GIS Server must set for a map the property Hide parameters of coordinate system. All recalculations of coordinates and combination with the data having other coordinate systems will be carried out without distortions. Property Hide parameters of coordinate system is recommended to set in common with property Don't copy a map from the GIS Server. If the passport parameters are hidden, and copying of data is not forbidden, then when you save the data in formats SXF and TXF the coordinates will be stored in degrees in system EPSG:3857.
There is supported the possibility to prohibit a print of maps on client workplaces from standard dialogs of the GIS.