Jump to the following:

We use cookies to improve this website. Read about cookies

Web map services and web feature services

Background

This guidance applies where a party to the PSMA Member Licence or OSMA Member Licence makes Licensed Data (as defined in those Licences) available using a Web Map Service (WMS) or Web Feature Service (WFS).

It seeks to reduce the risk of unlicensed use of that data without adversely impacting on the services offered by Members.

Clause 4.1.2 of the Member Licence requires you to:

“use your best endeavours to use adequate technological and security measures, including measures we may reasonably recommend from time to time, to ensure that all Licensed Data and Login Details which we provide to you and/or which you hold or are responsible for are secure from unauthorised use or access”

Our recommendations for appropriate technological and security measures in this context are detailed below. Adherence to these recommendations will ensure compliance with clause 4.1.2.

Note: this Guidance does not apply to use of WMS or WFS in the context of INSPIRE End User Licensing;

  • PSMA members should instead refer to paragraph 8 of Appendix 1 to the PSMA Member Licence, and
  • OSMA members paragraph 7 of Appendix 1 to the OSMA Member Licence.

Definitions

WFS means a service provided by the Licensee in accordance with the standard protocol for serving over the internet georeferenced data that is generated by a map server using data from a GIS database or server.

WMS means a service provided by the Licensee in accordance with the standard protocol for serving over the internet georeferenced map images that are generated by a map server using data from a GIS database or server.

Guidance for making Licensed Data available via WMS and/or WFS

Where Licensed Data is made available via WMS or WFS, this will need to be for your Core Business, and in accordance with the provisions of clause 2.6 (Contractor Use) or Appendix 1 (Licensed Use) of the Member Licence.

Subject to such provisions, and assuming that you are entitled to publish the data via WMS and/or WFS, the provisions of the paragraphs below must be employed.

1. Licensed data made available via WMS


(i) Data with a background watermark

If you choose to include a background watermark – which must appear at least once and cover at least 10% of the map image reproduced – to identify the source of the Licensed Data you make available via WMS, any one or a combination of the security measures (a) to (d) (see below) must be employed.

The same applies where you have a statutory obligation to publish planning applications on the internet and elect not to include a background watermark on mapping extracts that form part of a planning application.

(ii) Data without a background watermark

If you choose not to include a watermark when you make Licensed Data available via WMS, you must include security measure (a) “Same Network” with any other measures you employ to protect the Licensed Data.

Security Measures

a) Same Network - where Licensed Data is made available on an internet webpage or mobile API administered by you and hosted on your own network, or made available on an internet webpage or mobile API administered by a third party Contractor on your behalf and hosted on their network.

All scripts, which could otherwise be used to access the server, will be hidden so as not to allow alternative direct access by unlicensed individuals.

This option would be most suitable for use of a WMS either:

  • with your public facing websites and services; for example showing a service provision, such as the location of public buildings or Authority run leisure facilities; or
  • where you are making Licensed Data available for viewing via a mobile app.

b) User name and password - Licensed Data is only made available to users who have been provided with a unique username and password. This must be entered by the relevant user each time he/she accesses the WMS.

This option may suit a service that is accessed by contractors who are carrying out works on your behalf or even other PSMA Members who may be engaged in a joint project or service delivery. A user name and password can be issued by you to each individual or organisation to whom you wish to grant access to your WMS.

c) Predefined IP range - Licensed Data can only be accessed from a predefined IP address, or from a range of predefined IP addresses.

This option may be suitable if you wish to grant regular access to a contractor working for you on the delivery of a service to the public. They would be able to access the service whenever necessary from more than one terminal or even location after supplying you with a single or number of IP addresses that can be granted permission to access the WMS.

d) Implement appropriate access control - using existing software solutions and/or a federated solution such as the UK Access Federation (http://www.ukfederation.org.uk/). Solutions are available as open source e.g. Shibboleth, and also proprietary software.

If this option is adopted it is recommended to use one based on accepted standards so that it can be made interoperable with others later on.

2. Licensed data made available via WFS


(i) Data with a background watermark

Where a background watermark – which must appear at least once and cover at least 10% of the map image reproduced - identifies the source of Licensed Data made available via WFS, the provisions relating to a WMS (see above) shall apply. The same is true where you have a statutory obligation to publish planning applications on the internet and elect not to include a background watermark on mapping extracts that form part of a planning application.

(ii) Data without a background watermark

Where Licensed Data that does not carry a watermark is made available via WFS, Ordnance Survey recommends that you use the following security measures to protect it.

Security Measures

a) Same Network - where Licensed Data is made available on an internet webpage administered by you and hosted on your own network, or made available on an internet webpage administered by a third party Contractor on your behalf and hosted on their network.

All scripts, which could otherwise be used to access the server, will be hidden so as not to allow alternative direct access by unlicensed individuals.

and one or both of the following safeguards:

b) User name and password - Licensed Data is only made available to users who have been provided with a unique username and password. This must be entered by the relevant user each time he/she accesses the WFS.

c) Predefined IP range - Licensed Data can only be accessed from predefined IP addresses, or from a range of predefined IP addresses.

In addition, where data is delivered by WFS solely for Public Viewing, it should be restricted to feature geometry only. All attribution intelligence held against a feature must have been removed from Licensed Data and replaced with a single attribute containing the Ordnance Survey copyright statement and the Licensee’s licence number.

Back to top
© Ordnance Survey 2016
Be sure to take a look at our Terms of Use and Privacy Policy