Summary of discussions and proposals for the management of access rights to documents eligible for sharing and long-term preservation due to their scientific interest and/or cultural heritage
Updated after discussions, 22 March 2011
Purpose of these proposals:
- Designing a unique mechanism for managing access rights to digital documents shared and preserved by a system built on the OAIS model.
- Placing this management within a legal framework compliant with recent provisions of the French Code du patrimoine.
Sources
- Discussions within the working group on the pilot project for the storage, preservation and persistent access to shared oral corpora (CRDO/CINES/CC-IN2P3) coordinated by TGE-Adonis.
- Memo on the legal status of documents produced by research scientists in a public laboratory (of CNRS type) collected for this discussion.
Legal constraints
Extracts of Code du patrimoine (the Heritage Code), Act of July 15, 2008, consolidated version 13 January 2011,
http://www.legifrance.gouv.fr
- L211-1: Archives cover all documents, regardless of their date, place of storage, shape and physical support, produced or received by any person or entity and any department or public or private agency during the exercise of their business.
- L211-2: The preservation of archives is organized in the public interest, both for the sake of dealing with and assessing the rights of individuals or legal entities, public or private, and for documenting research with historical material.
- L211-4: Public archives are: (a) Documents produced by the activity of State, local governments, public institutions and other legal persons under public or private law who are in charge of a public service, as part of their public service remit. (...)
- L213-1: Public archives are in open access if not subject to restrictions as per Article L. 213-2.
- L213-2: Notwithstanding the provisions of Article L. 213-1 (...) public archives are automatically granted open access after a delay of (...), see table or text version with codes.
Among exceptions (AR048 code): 50 years (...) for documents whose disclosure violates (...) the protection of privacy (...) (or) documents bearing an assessment or a decision of value on an individual, named or readily identifiable, or which reveal the behavior of a person under circumstances likely to cause damage.
- L213-3: Access to public archives prior to the deadlines set in I of Article L. 213-2 can be granted to those who request it to the extent that their interest in consulting these documents does not lead to unduly affect the interests that the law is trying to protect. (...) If approved by the authority producing documents, the archive administration may decide on the anticipated opening of public archives or parts thereof.
- L213-5: Any Administration holding public or private archives is required to give reasons for objecting to a request for access to archival documents.
Impact of this legislation
- All documents produced by researchers as part of their work are public records.
- Public records are, by default, immediately releasable (a period of 30 years was in effect before July 15, 2008).
- From an archival perspective, it is said that a public document becomes 'public record' after its period of 'normal use'. We can therefore consider that the permanent storage of a document produced by research scientists is mandatory only after they have finished using the document in question. Consideration is to be undertaken to define when this period ends. Further, research scientists may wish to preserve a document before the completion of its normal usage period. While being considered 'public archive', the document could be subject to restrictions on public access provided the motivation is consistent with the provisions of Article L213-2.
- Where an exemption to the principle of communicability is assigned to a document based on the protection of privacy (code AR048), individuals can sign a permission which allows the earlier opening of this portion of the archival fonds (Article L213-3).
- This authorization may cover a fixed period (20 years?). It will provide the due date of its effect and optionally for renewal.
- For oral corpora and more generally all primary data relating to privacy, we must distinguish between the dissemination of content (listening to a recording, viewing a video, displaying an image) and distributing its digital source file in 'high resolution' that could be reused to produce artifacts with potential damage to speakers (imitating voice etc.). Permissions to anticipate the end of this exemption must be clearly displayed in the metadata of files eligible for broadcast and distribution.
- It follows that a generic system for managing access rights must allow separate control of access of each file regardless of the status of the object that contains it.
- The reason for the derogation to the principle of communicability should appear on the descriptions of documents in compliance with article L213-5.
Technical Considerations
- This document does not address the conditions for access to archived Packages (AIP) preserved by the CINES. Archivists have their own procedures for the restitution of archives. It covers only access to documents available on the distribution platform (Fedora Commons CC-IN2P3, in both test and production modes), when these documents have been submitted to CINES for validation and archiving (DEPOT directory) or have been forwarded by CINES to CC-IN2P3 without any control (DIFFUSION directory).
- The modification of access rights must be possible on any version of an object placed in permanent archive. Indeed, all versions are preserved on the broadcast platform, and the URL pointing to a datastream (file) of an old version retains its status (free or protected access) until a specific modification is applied to it.
- Therefore, modification of access rights must be possible during a metadata update, which does not result in the creation of a new version of the object.
- During a metadata update, files can be sent to CC-IN2P3 via the DEPOT/DESC directories. (Unfortunately, DIFFUSION cannot be modified in the current implementation, but we hope that this restriction will be lifted.)
- It is desirable that all information relating to conditions of access to the contents be compiled into a single file 'accessRights.xml'. This file will exist in DEPOT/DESC.
- Any file subject to an access restriction under a derogation from the principle of communicability must remain accessible to administrators and to appropriate, identified groups of people.
- It appears (to be verified) that Fedora Commons access after authentication (login/password and group assignment) cannot be set at the level of single datastreams.
Proposals
Access rights calculated
- Files in free access: no category of exception to the principle of communicability is listed in 'accessRights.xml'.
- Files subject to derogation: the category is listed (for possible communication to the applicant) together with the start date of the derogation, which may be earlier than the date of deposit in the archive if the document is old. The end date of the derogation is determined from its duration; to allow this calculation, we take a fixed term of 75 years for categories AR044, AR045, AR046 and AR047.
- Files subject to derogation but covered by an access authorization: a calculation will be made to determine whether the authorization is in force. Otherwise the rights will be calculated as above. The system should display a link or an ID giving access to the contents of the authorization.
Access rights after authentication
- If no group is specified on the object or file, access is controlled by the calculation (see above). If a group is specified, access is calculated only for users who have not been authenticated or do not belong to an authorized group. For others, group membership is enough to give right of access.
- To check these rights individually on each file of the same object, it suffices to restrict access to the object to a group that represents the service side (or 'business application', for example 'CRDO-Aix'). The server is used here as a relay for downloading files, which it may authorize or reject individually for each file. This solution is already operational on CRDO-Aix, see for example
http://crdo.fr/crdo000026/map files for free access. This device would continue to manage authentication upstream until the day it is delegated to a service center offering the same functionality (OpenSSO or other).
Insert to 'accessRights.xml':
- Group(s) of user(s) authorized to access the item, if any;
For every file or directory:
- Its relative path; a directory may comprise the entire item;
- Class of derogation to the principle of free communicability; 'AR038' for open access;
- The start date of this derogation;
- The duration of this derogation, if necessary - it might be better that this value is looked up in a separate table;
For each access permission:
- The relative path to the scanned permission;
- The start date of the permission; by default it will be the start date of the derogation;
- The end date of the permission; if empty, unlimited permission. Note that different dates might be found on different permissions; in that case, consider the most restrictive one.
Automatic calculations of dates:
- When processing a new version of 'accessRights.xml', the system will determine the access rights of each document according to its properties;
- During processing, the system identifies the earliest date on which an access must be changed, and this date will be stored in a variable attached to the object;
- Every day the system will scan the dates of upcoming changes and reprocess 'accessRights.xml' for any object whose rights need to be revised.
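An added example, not part of the original proposal or of the CRDO/CC-IN2P3 implementation: the access calculation, the group override and the per-object "next change" date described above, sketched in Python. The XML element and attribute names are hypothetical (the page defines no schema); treating a permission's end date as inclusive, reading "most restrictive" as latest start and earliest end, and denying access for an unlisted category are assumptions.

```python
from datetime import date, timedelta
import xml.etree.ElementTree as ET

# Durations in years, kept in a separate table as the page suggests:
# 50 for AR048 and the fixed 75-year term for AR044-AR047 are the page's figures.
DURATION_YEARS = {"AR044": 75, "AR045": 75, "AR046": 75, "AR047": 75, "AR048": 50}

# Constructed sample; element and attribute names are hypothetical.
SAMPLE = """<accessRights group="CRDO-Aix">
  <file path="audio/master.wav" derogation="AR048" start="2005-06-01">
    <permission path="perm/p1.pdf" end="2030-12-31"/>
    <permission path="perm/p2.pdf" start="2011-01-01" end="2025-12-31"/>
  </file>
  <file path="doc/notes.pdf" derogation="AR038"/>
</accessRights>"""

def add_years(d, n):  # 29 February is clamped to 28 February
    return d.replace(year=d.year + n, day=min(d.day, 28) if d.month == 2 else d.day)

def evaluate(f, today, user_groups=(), item_groups=()):
    """Return (allowed, next_change_date) for one <file> element."""
    if set(user_groups) & set(item_groups):
        return True, None                       # group membership is enough
    code = f.get("derogation")
    if code == "AR038":
        return True, None                       # open access
    if code not in DURATION_YEARS or not f.get("start"):
        return False, None                      # unknown category: fail closed
    end = add_years(date.fromisoformat(f.get("start")), DURATION_YEARS[code])
    if today >= end:
        return True, None                       # derogation has lapsed
    perms = f.findall("permission")
    if perms:                                   # most restrictive window wins
        begin = max(date.fromisoformat(p.get("start", f.get("start"))) for p in perms)
        ends = [date.fromisoformat(p.get("end")) for p in perms if p.get("end")]
        stop = min(ends) if ends else None
        if today < begin:
            return False, min(begin, end)
        if stop is None or today <= stop:
            return True, (min(stop + timedelta(days=1), end) if stop else None)
    return False, end                           # closed until the derogation ends

def process(xml_text, today, user_groups=()):
    """Evaluate every file; also return the earliest date a right must change."""
    root = ET.fromstring(xml_text)
    groups = (root.get("group") or "").split()
    results = {f.get("path"): evaluate(f, today, user_groups, groups)
               for f in root.iter("file")}
    dates = [d for _, d in results.values() if d]
    return results, (min(dates) if dates else None)
```

The second value returned by `process` is the date to store on the object for the daily scan; on or after that date the file is reprocessed.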
