Concept (draft) - open for participation
Situation maps are an essential tool for emergency organisations to coordinate resources. There are many specialized tools supporting emergency organisations in this regard, but currently there is no way for organisations to seamlessly exchange situation maps during large incidents with multiple different organisations and software tools involved.
OpenGeoMesh enables sharing and secure collaboration on private maps between organisations and across tools without compromising privacy, control and security.
The project is focused on facilitating the collaboration of emergency and rescue organisations, but open to uses and implementations from other contexts.
Open
The requirements of emergency organisations vary a lot, which are supported by many different specialized applications. OpenGeoMesh can be freely integrated by software vendors into their existing products.
OpenGeoMesh is shaped by a community of rescue services and software vendors to support feature requirements and enable seamless integration into existing software stacks.
Start a discussion via a Codeberg Issue in our repository or write an email via info@opengeomesh.org!
OpenGeoMesh will provide specifications, open source libraries and Docker containers to minimize the integration effort for vendors.
Standards Based
OpenGeoMesh is based on a combination of the file sharing protocol OpenCloudMesh (Summary) and OGC API Standards. By using existing standards OpenGeoMesh can build on previous experiences and leverage existing open source implementations.
OpenCloudMesh is used to notify another server when a user wants to share access to a map layer (collection) to a user or group on that server. The shared data stays on the sending server. OpenCloudMesh allows to stay in control of sensitive data by individually granting and revoking read or write access to resources, which would not be possible by using alternative approaches like presigned urls.
Sending a share only requires entering the OpenCloudMesh Address of the recipient like user-id@feuerwehr-musterstadt.de or FFW-Musterstadt@situation-map-software.com. This is simple enough to be carried out by the emergency commander himself during a rescue operation. By using the optional Invite Flow it is possible to limit sharing to trusted parties to avoid receiving unsolicited shares and user mistakes.
For accessing the shared maps the OGC API standards are used. The OGC API standards define modular API building blocks which can be used to provide different functionalities for geo data. OpenGeoMesh will focus on OGC API - Features which provides
- /collections : a list of available feature collections (map layers)
- /collections/{collection-id} : metadata of an individual collection
- /collections/{collection-id}/items : access to the content of a collections in the form of GeoJson
- optional support for editing features within collections via POST, PUT and DELETE.
While the individual building blocks are straightforward to implement, there are also several existing open source implementations which can be used.
Seamless Integration
During a rescue operation, users can't be burdened with unknown tools for communication and map editing. They should be able to use the specialized tools they are used to, while still enabling effortless collaboration with other organisations.
To achieve that, OpenGeoMesh needs to be seamlessly integrated into existing situation map software. OpenGeoMesh will provide a docker service implementing OpenCloudMesh, acting as a proxy to provide access to shared map layers from other organisations as OGC API collections.
To integrate received shares, the OpenGeoMesh Proxy can be used by the map frontend as any OGC API compliant server (e.g. by using existing open source implementations). Users need to be authenticated by the integrating software so the OpenGeoMesh Proxy can provide access to the correct shares.
To send shares, the integrating software needs to provide map layers as OGC API - Features collections and indicate to the OpenGeoMesh Proxy which layers the user may share to other organisations with read or read-write permissions.
The APIs for authentication and authorization need to be implementable by the various software stacks in use by the software vendors, minimizing effort and preventing errors leading to security issues.
If you are part of an emergency organisation or producing software for situation maps, contact us via a Codeberg Issue or write an email via info@opengeomesh.org to provide feedback! This way your requirements can be taken into account early while shaping OpenGeoMesh, giving you a head start should you decide to integrate OpenGeoMesh.
Architecture Draft
flowchart TD
subgraph "Organisation A"
subgraph "Einsatzleitsoftware A"
db_A[(Database)]
subgraph backend_A[Backend]
api_A[Specialized API]
ogc_A[OGC API]
end
ui_A(Frontend)
subgraph "Docker Container"
ogm_A[OpenGeoMesh]
end
db_A --> backend_A
api_A -->|access local maps<br /> with specialized features| ui_A
ogc_A <-->|access local maps| ogm_A
ui_A -->|control shares| ogm_A
ui_A <-->|access shared maps| ogm_A
end
end
subgraph "Organisation B"
subgraph "Einsatzleitsoftware B"
db_B[(Database)]
subgraph backend_B[Backend]
api_B[Specialized API]
ogc_B[OGC API]
end
ui_B(Frontend)
ogm_B[OpenGeoMesh]
db_B --> backend_B
%%api_B -.-> ogc_B
api_B -->|access local maps<br /> with specialized features| ui_B
subgraph "Docker Container"
ogm_B[OpenGeoMesh]
end
ui_B -->|control shares| ogm_B
ui_B <-->|access shared maps| ogm_B
ogc_B <-->|access local maps| ogm_B
end
end
subgraph "Organisation C"
subgraph "Einsatzleitsoftware C"
db_C[(Database)]
subgraph backend_C[Backend]
ogc_C[OGC API]
end
ui_C(Frontend)
ogm_C[OpenGeoMesh]
db_C --> backend_C
subgraph "Docker Container"
ogm_C[OpenGeoMesh]
end
ogc_C <-->|access to local maps| ui_C
ui_C -->|control shares| ogm_C
ui_C <-->|access shared maps| ogm_C
ogc_C <-->|access local maps| ogm_C
end
end
ogm_B <==>|OpenCloudMesh Protocol| ogm_A
ogm_B <==>|OpenCloudMesh Protocol| ogm_C
ogm_A <==>|OpenCloudMesh Protocol| ogm_C