Concept (draft)
Situation maps are an essential tool for emergency services to coordinate their resources, which are provided by specialized software tools. Due to the lack of common interfaces, during large incidents these tools can't enable seamless exchange of situation maps between multiple different organisations and software tools involved.
The OpenGeoMesh specification solves this by enabling secure collaboration and sharing on private maps between organisations and across tools without compromising privacy, control and security.
While the project focuses on facilitating the collaboration of emergency and rescue organisations, it is also open to uses and implementations from other contexts.
OpenGeoMesh is Free and Open Source
Software vendors offer specialized applications, tailored to the needs of different types of emergency organisations. OpenGeoMesh can be freely integrated into these existing products. To minimize integration efforts, the project provides specifications, documentation, demo stacks, open source libraries and Docker containers.
OpenGeoMesh is shaped by a community of rescue services and software vendors to support feature requirements and enable seamless integration into existing software stacks.
Start a discussion via a Codeberg Issue in our repository or write an email via info@opengeomesh.org!
Based on established standards
OpenGeoMesh is based on a combination of the file sharing protocol OpenCloudMesh (Summary) and OGC API Standards. By using existing standards OpenGeoMesh can build on previous experiences and leverage existing open source implementations.
OpenCloudMesh is used to notify another server when a user wants to share access to a map layer (collection) with a user or group on that server, keeping the shared data on the sending server. Compared to alternative approaches like presigned urls, OpenCloudMesh allows to stay in control of sensitive data by granting and revoking read or write access on resources to individual recipients.
OpenCloudMesh also avoids having to exchange credentials and endpoints in advance. Sending a share only requires entering the OpenCloudMesh Address of the recipient like user-id@feuerwehr-musterstadt.de or FFW-Musterstadt@situation-map-software.com. This is simple enough to be carried out by the emergency commander himself during an ongoing rescue operation. The optional Invite Flow limits sharing to trusted parties and avoids receiving unsolicited shares and user mistakes.
OGC API standards are used for accessing the shared maps. The OGC API standards define modular API building blocks which can be used to provide different functionalities for geo data. OpenGeoMesh will focus on OGC API - Features which provides
- /collections : a list of available feature collections (map layers)
- /collections/{collection-id} : metadata of an individual collection
- /collections/{collection-id}/items : content of a collection as GeoJson FeatureCollection
- optional support for editing features within collections
- /collections/{collection-id}/items : POST to create a new feature
- /collections/{collection-id}/items/{item-id} : PUT to update a feature
- /collections/{collection-id}/items/{item-id} : DELETE to delete a feature
While the individual building blocks are straightforward to implement, there are also several existing open source implementations which can be used.
Enabling seamless integration of OpenGeoMesh
During a rescue operation, users can't be burdened with unknown tools for communication and map editing. They should be able to use the specialized tools they are used to, while still enabling effortless collaboration with other organizations.
To achieve that, OpenGeoMesh needs to be seamlessly integrated into existing situation map software. OpenGeoMesh will provide a docker service implementing OpenCloudMesh, acting as a proxy to provide access to shared map layers from other organizations as OGC API collections.
To integrate received shares, the OpenGeoMesh Proxy can be used by the map frontend as any OGC API compliant server (e.g. by using existing open source implementations). Users need to be authenticated by the integrating software so the OpenGeoMesh Proxy can provide access to the correct shares.
To send shares, the integrating software needs to provide map layers as OGC API - Features collections and indicate to the OpenGeoMesh Proxy which layers the user may share to other organisations with read or read-write permissions.
The APIs for authentication and authorization need to be implementable by the various software stacks in use by the software vendors, minimizing effort and preventing errors leading to security issues.
If you are part of an emergency organisation or developing software for situation maps, start a discussion via a Codeberg Issue or write an email via info@opengeomesh.org to provide feedback!
Architecture Draft
flowchart TD
subgraph "Organisation A"
subgraph "situation software A"
db_A[(Database)]
subgraph backend_A[Backend]
api_A[Specialized API]
ogc_A[OGC API]
end
ui_A(Frontend)
subgraph "Docker Container"
ogm_A[OpenGeoMesh]
end
db_A --> backend_A
api_A -->|access local maps<br /> with specialized features| ui_A
ogc_A <-->|access local maps| ogm_A
ui_A -->|control shares| ogm_A
ui_A <-->|access shared maps| ogm_A
end
end
subgraph "Organisation B"
subgraph "situation software B"
db_B[(Database)]
subgraph backend_B[Backend]
api_B[Specialized API]
ogc_B[OGC API]
end
ui_B(Frontend)
ogm_B[OpenGeoMesh]
db_B --> backend_B
%%api_B -.-> ogc_B
api_B -->|access local maps<br /> with specialized features| ui_B
subgraph "Docker Container"
ogm_B[OpenGeoMesh]
end
ui_B -->|control shares| ogm_B
ui_B <-->|access shared maps| ogm_B
ogc_B <-->|access local maps| ogm_B
end
end
subgraph "Organisation C"
subgraph "situation software C"
db_C[(Database)]
subgraph backend_C[Backend]
ogc_C[OGC API]
end
ui_C(Frontend)
ogm_C[OpenGeoMesh]
db_C --> backend_C
subgraph "Docker Container"
ogm_C[OpenGeoMesh]
end
ogc_C <-->|access to local maps| ui_C
ui_C -->|control shares| ogm_C
ui_C <-->|access shared maps| ogm_C
ogc_C <-->|access local maps| ogm_C
end
end
ogm_B <==>|OpenCloudMesh Protocol| ogm_A
ogm_B <==>|OpenCloudMesh Protocol| ogm_C
ogm_A <==>|OpenCloudMesh Protocol| ogm_C