Federated EO Access: Executive Overview & Introduction

Federated EO Access: Executive Overview & Introduction#

This chapter introduces the evolving landscape of digital and unified Earth Observation (EO) access, setting the foundation for understanding federated authentication and authorization in the context of EO data systems.

Seamless & Secure EO Access: An Overview#

The Modern Dilemma: Why Unified EO Access is Critical#

The Federated Solution: Authentication & Authorization#

Purpose & Audience#

Where are we now? what should the future hold?#

Earth Observation (EO) missions produce vast amounts of data, supporting a wide range of stakeholders—including scientists, developers, and decision-makers worldwide. These stakeholders come from diverse institutions such as research centers, government agencies, and commercial organizations, each requiring access to different datasets and services.

EO data usage is often not centered around a specific mission, but rather around an application that benefits from sourcing any type of EO data that supports its purpose. The most user-centric approach would allow users to access as much data as possible from their home institution. In reality, however, the diversity of EO missions results in different data collections spread across platforms and agencies, leading to complex authorization scenarios and fragmented access control. Currently, authorization is handled locally by the data’s host, often based on varying attributes. These differences can stem from political decisions—for example, European Commission (Copernicus Programme) versus ESA policies (EO Science missions), or GDPR versus U.S. data governance frameworks.

All of this contributes to a highly inconsistent user experience. Different datasets and services require different login flows, creating a landscape where scientists and stakeholders often spend as much time navigating and managing access as they do actually using the data. This time could be better invested in analysis and application if the data landscape were more streamlined. Federation offers a way forward: it facilitates collaboration and shifts the focus toward actual EO data usage by simplifying inter-organizational access. However, it also introduces challenges, particularly around legal and compliance issues.

Terms and Definitions#

DCS#

Data Centric Security

DID#

Decentralized identifier

EO#

Earth Observation

IPT#

Integrity Provenance Trust

ISO#

International Organization for Standardization

OGC #

Open Geospatial Consortium

SSI#

Self-sovereign identity

VC #

Verifiable Credential

VP #

Verifiable Presentation

W3C#

World Wide Web Consortium

Reference Documents#

[1]

OGC 24-033, OGC Testbed-20: Integrity, Provenance, and Trust (IPT) Report, 2025-04-02. https://docs.ogc.org/per/24-033.html.

[2]

W3C Decentralized Identifiers (DIDs) v1.0. https://www.w3.org/TR/did-core/.

[3]

W3C Verifiable Credentials Data Model v2.0. https://www.w3.org/TR/vc-data-model-2.0/.

[4]

EBSI DID Method for Legal Entities. https://hub.ebsi.eu/vc-framework/did/legal-entities.

[5]

W3C did:web Method Specification. https://w3c-ccg.github.io/did-method-web.

[6]

OpenID for Verifiable Credentials - Overview. https://openid.net/sg/openid4vc/.

Contents