Though most objects in the repository are meant for open access, occasionally copyrights or other constraints require that access be blocked to some or all users. In cases where the items are delivered through a custom delivery application, that application would implement the logic to omit or display in a limited manner such protected objects which is necessary for a consistent and attractive user interface, but for security, repository-level access control features must be implemented.
For copyrighted materials we assert fair use rights on delivery of very low resolution thumbnail images, but block all other access. In the current cases, determination of copyright (vs public domain) is done by comparing the date stored in the MODS metadata record with 1922, the year from which all published materials will retain copyright status indefinitely.
For images/items that should not be exposed to anyone for other reasons a policy is in place to block all access (even thumbnails) to the imgaes in question. For catalogers or other privileged individuals, a web service exists that requires cas authentication and custom authorization to proxy the data from fedora using an administrative user account.
Fedora XACML policies
For object-level access control, policies are expected to be known at ingest time (when they need to being taking effect). This is easy for some cases (where some images are known to be sensitive) but tricky for cases where the access control policy is based about metadata that may not be complete or accurate at ingest time.
At ingest time, a master map of local item ids to policies is consulted and the newly ingested object is given a POLICY datastream at that time.
Open questions and future needs
- Can/should we integrate Fedora with IU's authentication systems? CAS, LDAP? This may be better than creating new accounts in the even that we need colleciton manager access on a wider scale.
- Access control might be needed based on user identity. What is the best way/place to implement such requirements?