Revision 6161
Added by Aaron Marcuse-Kubitza about 12 years ago
inputs/SALVIAS/_src/salvias_data_access_controls.txt | ||
---|---|---|
1 |
SALVIAS intellectual property rights policies and data access controls |
|
2 |
|
|
3 |
This document explain the general SALVIAS intellectual property rights policy, data |
|
4 |
ownership and access metadata within the SALVIAS plots database, and their implementation |
|
5 |
within the SALVIAS web interface (UI). |
|
6 |
|
|
7 |
CONTENTS |
|
8 |
1. PROJECT-LEVEL ACCESS CONTROLS |
|
9 |
2. PLOT-LEVEL ACCESS CONTROLS |
|
10 |
3. USER-LEVEL ACCESS CONTROLS |
|
11 |
4. GENERAL SALVIAS DATA ACCESS POLICY |
|
12 |
5. DATA DOWNLOAD LOGS |
|
13 |
________________________________________________ |
|
14 |
|
|
15 |
1. PROJECT-LEVEL ACCESS CONTROLS |
|
16 |
|
|
17 |
These reside in table 'projects' and apply to sets of plot representing a particular |
|
18 |
research project and owned and administered by a particular data provider/owner. All |
|
19 |
these settings can be over-ridden by plot-level and user-level controls. |
|
20 |
|
|
21 |
`project_pi` |
|
22 |
VARCHAR(30) |
|
23 |
The username of the main (designated) owner of all plots in the project. This person |
|
24 |
always has full, grant level access for all plots within the project (i.e., access |
|
25 |
level=4; see below). `project_pi` is a foreign key to tbl_salvias.`username` in the |
|
26 |
separate database salvias_users. |
|
27 |
|
|
28 |
`allow_download_all` |
|
29 |
TINYINT(1), DEFAULT(1), Values (0,1) |
|
30 |
The setting only affects whether or not the download_all icon appears when all plots |
|
31 |
within a particular project are displayed. `allow_download_all`=0 has the effect of |
|
32 |
preventing the download_all icon from displaying. `allow_download_all`=1 allows the |
|
33 |
download_all icon to display. Note that this setting is over-ridden by plot-level and |
|
34 |
user-level access controls. Even if `allow_download_all`=0, individual plot data download |
|
35 |
icons may display according to the individual access setting for each plot. For this |
|
36 |
reason, `allow_download_all` really does not control access in any meaningful way, but |
|
37 |
only governs whether users are allowed the convenience of downloading all plots in a |
|
38 |
single file as opposed to downloading plots one by one. |
|
39 |
|
|
40 |
`ipr_specific` |
|
41 |
LONGTEXT, Values: unconstrained, DEFAULT: "There are no specific use conditions attached |
|
42 |
to this dataset. For general use conditions, see SALVIAS General Participant Agreement at |
|
43 |
http://www.salvias.net/eula/eula1.html" |
|
44 |
Text IPR statement transmitted with all downloads for this dataset. In theory, the |
|
45 |
default message should be used only if `allow_download_all`=1 and AccessLevel=1 (see below) |
|
46 |
However, we have been inconsistent in the use of this field. The contents of this |
|
47 |
field do not affect behavior of the UI. |
|
48 |
|
|
49 |
The following query shows these settings for the current salvias_plots database: |
|
50 |
|
|
51 |
mysql> SELECT project_id, LEFT(project_name, 30), project_pi, allow_download_all, |
|
52 |
-> LEFT(ipr_specific, 36) |
|
53 |
-> FROM projects; |
|
54 |
+------------+--------------------------------+-----------------+--------------------+--------------------------------------+ |
|
55 |
| project_id | LEFT(project_name, 30) | project_pi | allow_download_all | LEFT(ipr_specific, 36) | |
|
56 |
+------------+--------------------------------+-----------------+--------------------+--------------------------------------+ |
|
57 |
| 1 | Gentry Transect Dataset | jsmiller | 1 | There are no specific use conditions | |
|
58 |
| 2 | Boyle Transects | bboyle | 1 | There are no specific use conditions | |
|
59 |
| 3 | OTS Transects | bboyle | 1 | | |
|
60 |
| 5 | RAINFOR - 0.1 ha Madre de Dios | oliverp | 1 | There are no specific use conditions | |
|
61 |
| 6 | Noel Kempff Forest Plots | tkilleen | 1 | There are no specific use conditions | |
|
62 |
| 7 | Noel Kempff Savanna Plots | tkilleen | 1 | There are no specific use conditions | |
|
63 |
| 8 | Inventarios de Bosques en Ecua | neill | 0 | There are no specific use conditions | |
|
64 |
| 9 | Inventarios de Bosques de la C | neill | 0 | There are no specific use conditions | |
|
65 |
| 10 | Enquist Lab Transect Dataset | benquist | 1 | There are no specific use conditions | |
|
66 |
| 11 | INW Vegetation Plots | jennings | 1 | There are no specific use conditions | |
|
67 |
| 12 | Cam Webb Borneo Plots | cam_webb | 1 | There are no specific use conditions | |
|
68 |
| 13 | Pilon Lajas Treeplots Bolivia | tkilleen | 1 | There are no specific use conditions | |
|
69 |
| 14 | Madidi Transects | peter jorgensen | 1 | There are no specific use conditions | |
|
70 |
| 16 | nsf_example | nsf_salvias | 1 | There are no specific use conditions | |
|
71 |
| 17 | Madidi Permanent Plots | peter jorgensen | 1 | There are no specific use conditions | |
|
72 |
| 18 | SERBO Selva Seca Oaxaca | boyle_admin | 0 | There are no specific use conditions | |
|
73 |
| 19 | DeWalt Bolivia forest plots | sdewalt | 1 | There are no specific use conditions | |
|
74 |
| 21 | La Selva Secondary Forest Plot | letcher | 1 | There are no specific use conditions | |
|
75 |
| 22 | ACA Amazon Forest Inventories | ncpitman | 1 | There are no specific use conditions | |
|
76 |
| 23 | Madidi Savana Line Transects | peter jorgensen | 1 | | |
|
77 |
| 24 | Bonifacino Forest Transects | mbonifacino | 1 | There are no specific use conditions | |
|
78 |
| 25 | RAINFOR - 1 ha Peru | oliverp | 1 | There are no specific use conditions | |
|
79 |
+------------+--------------------------------+-----------------+--------------------+--------------------------------------+ |
|
80 |
22 rows in set (0.00 sec) |
|
81 |
|
|
82 |
2. PLOT-LEVEL ACCESS CONTROLS |
|
83 |
|
|
84 |
SALVIAS maintains one plot-level access control. It's definition is stored in the |
|
85 |
table `lookup_plot_security_levels`, and takes on the following values: |
|
86 |
|
|
87 |
mysql> select * from lookup_plot_security_levels; |
|
88 |
+-------+---------------------------+ |
|
89 |
| level | description | |
|
90 |
+-------+---------------------------+ |
|
91 |
| 1 | No Access | |
|
92 |
| 2 | Can view plot metadata | |
|
93 |
| 3 | Can download plot details | |
|
94 |
| 4 | Can assign access to plot | |
|
95 |
+-------+---------------------------+ |
|
96 |
4 rows in set (0.00 sec) |
|
97 |
|
|
98 |
These values from 1-4 are assigned to column `AccessCode` in table PlotMetadata, and are |
|
99 |
used by the UI to enforce access as follows: |
|
100 |
|
|
101 |
1: Plot metadata is not displayed and data cannot be downloaded. Effectively, such plots |
|
102 |
are invisible to all users. The only exceptions are (i) database administrators and |
|
103 |
(ii) users who have been granted plot x user access which over-rides the plot-level |
|
104 |
setting (see 3. USER-LEVEL ACCESS CONTROLS, below). |
|
105 |
2: Plot metadata are displayed and can be downloaded (in a small file describing locality, |
|
106 |
lat, long, elevation, etc.), but not the full data. Instead of a data download icon, |
|
107 |
the user sees a question mark icon. The plan was that this would generate an email |
|
108 |
message which would be sent to the plot owner, requesting access, but we never got |
|
109 |
around to implementing this feature. In any case, this setting means the user must |
|
110 |
contact the data owner (or database administrator, who forward the request) to request |
|
111 |
access. |
|
112 |
3: Plot metadata are displayed, and both the metadata file and full raw data file are |
|
113 |
downloadable (i.e., the download icons appear for both metadata and full data). |
|
114 |
4. Same as 3, plus the user may change default access level for a plot and grant user- |
|
115 |
level access to particular users for this plot (see 3. USER-LEVEL ACCESS CONTROLS, |
|
116 |
below). |
|
117 |
|
|
118 |
For database administrators and data owners, the UI allows setting of a default, project- |
|
119 |
level access. In practice, this is simply done by update query that assigns one of the |
|
120 |
four access codes to all plots within a project. |
|
121 |
|
|
122 |
3. USER-LEVEL ACCESS CONTROLS |
|
123 |
|
|
124 |
User-level access controls use the same four codes defined above (see 2. PLOT-LEVEL ACCESS |
|
125 |
CONTROLS). These are set on a user x plot basis, and override plot-level access control |
|
126 |
for specific users. Only database administrators or users with access level=4 for a |
|
127 |
specific plot may assign or change the access levels for other users for that plot. |
|
128 |
User x plot access levels are stored in the table `permissions_plot_user`, which has the |
|
129 |
following definition: |
|
130 |
|
|
131 |
mysql> describe permissions_plot_user; |
|
132 |
+--------------+--------------+------+-----+---------+-------+ |
|
133 |
| Field | Type | Null | Key | Default | Extra | |
|
134 |
+--------------+--------------+------+-----+---------+-------+ |
|
135 |
| plot_id | int(11) | | PRI | 0 | | |
|
136 |
| username | varchar(50) | | PRI | | | |
|
137 |
| access_level | mediumint(9) | | MUL | 0 | | |
|
138 |
+--------------+--------------+------+-----+---------+-------+ |
|
139 |
3 rows in set (0.00 sec) |
|
140 |
|
|
141 |
`plot_id` links to PlotMetadata.`PlotID` and `username` links to tbl_users.`username` in |
|
142 |
the separate database salvias_users: |
|
143 |
|
|
144 |
mysql> describe tbl_users; |
|
145 |
+------------------+--------------+------+-----+---------+----------------+ |
|
146 |
| Field | Type | Null | Key | Default | Extra | |
|
147 |
+------------------+--------------+------+-----+---------+----------------+ |
|
148 |
| id | mediumint(9) | | PRI | NULL | auto_increment | |
|
149 |
| username | varchar(30) | | UNI | | | |
|
150 |
| password | varchar(250) | YES | | NULL | | |
|
151 |
| lname | varchar(25) | YES | | NULL | | |
|
152 |
| fname | varchar(25) | YES | | NULL | | |
|
153 |
| email | varchar(100) | YES | | NULL | | |
|
154 |
| alt_email | varchar(60) | YES | | NULL | | |
|
155 |
| html_link_id | mediumint(9) | YES | | NULL | | |
|
156 |
| address | varchar(200) | YES | | NULL | | |
|
157 |
| city | varchar(100) | YES | | NULL | | |
|
158 |
| state | varchar(11) | YES | | NULL | | |
|
159 |
| zip | varchar(15) | YES | | NULL | | |
|
160 |
| phone | varchar(25) | YES | | NULL | | |
|
161 |
| country_id | int(11) | YES | | NULL | | |
|
162 |
| room_number | varchar(10) | YES | | NULL | | |
|
163 |
| institution_id | int(11) | YES | | NULL | | |
|
164 |
| Department | varchar(50) | YES | | NULL | | |
|
165 |
| spec_dq_priority | tinyint(4) | | | 0 | | |
|
166 |
+------------------+--------------+------+-----+---------+----------------+ |
|
167 |
18 rows in set (0.00 sec) |
|
168 |
|
|
169 |
If there is an entry for a particular user x plot combination in table |
|
170 |
permissions_plot_user, it overrides the settings of PlotMetadata.AccessCode. User-level |
|
171 |
permissions are therefore optional. If there are no entries for a given plot x user in |
|
172 |
table permissions_plot_user, then the default setting for that plot in |
|
173 |
PlotMetadata.AccessCode applies. |
|
174 |
|
|
175 |
4. GENERAL SALVIAS DATA ACCESS POLICY |
|
176 |
|
|
177 |
SALVIAS general data access policy requires that users contact data owners and offer them |
|
178 |
co-authorship, unless they specifically indicate that data are publicly available and do |
|
179 |
not require co-authorship. In other words, even if the data can be freely downloaded, you |
|
180 |
must still contact the data owner and offer them co-authorship, unless the access |
|
181 |
conditions transmitted with the dataset (as stored in salvias_plots.projects.ipr_specific; |
|
182 |
see 1. PROJECT-LEVEL ACCESS CONTROLS, above) specifically state that no conditions are |
|
183 |
attached to the data. Users agree to this policy as a condition of access to SALVIAS. |
|
184 |
Furthermore, they are notified that all their data downloads are logged and reported to |
|
185 |
the original data provider. |
|
186 |
|
|
187 |
A statement of this policy is stored in licence_lookup.ipr_brief_text in the salvias_users |
|
188 |
database, and is currently as follows: |
|
189 |
|
|
190 |
--------------------------- |
|
191 |
|
|
192 |
As a participant of the SALVIAS network, I recognize that transfer of any data between project participants does not imply the transfer of rights to publication of the data. Therefore, I agree first to obtain the consent of the original data providers before submitting any work for publication. Furthermore, I understand that when I publish an analysis based wholly or in part on the data of another SALVIAS participant, the original data provider shall be co-author on that publication, unless he or she specifically relinquishes co-authorship. I agree to involve data-contributors in the analysis and writing of any research based on their data, whenever this is appropriate. I agree to abide by all conditions of data access set by individual data providers for data managed by SALVIAS and its participants, and understand that I may not redistribute any data obtained through SALVIAS, unless specifically permitted to do so by the original data provider. As a specific condition of use of the SALVIAS plots database, I agree to have my download activity recorded by SALVIAS; all downloads of plot data by me will be reported to the respective plot owners, along with my identity and contact information. I further agree to acknowledge SALVIAS as a source of any data or information obtained through the SALVIAS website. The SALVIAS website should be cited as: |
|
193 |
|
|
194 |
"The SALVIAS Project (2002 and onward). Retrieved [date_retrieved], from http://www.salvias.net" |
|
195 |
|
|
196 |
Rights and obligations of SALVIAS participants |
|
197 |
|
|
198 |
As a SALVIAS participant, you may request access to data managed by SALVIAS, subject to any restrictions set by individual data providers for individual data sets. As a participant, you must abide by the SALVIAS General Participant Agreement, in addition to any specific data access conditions set by individual data providers for data which you obtain from SALVIAS. |
|
199 |
|
|
200 |
As a contributor of data to SALVIAS ("data provider"), you are entitled to set the level of access for any data that you provide, as specified by the data access categories outlined below. SALVIAS agrees to limit access to your data, and to transfer your data to requesting parties, only as permitted by the data access restrictions set by you. As a contributor of plot data, you are entitled to view download activity of your plots by other SALVIAS members, and contact information for those members. As a contributor of data to SALVIAS, you automatically become a participant in the SALVIAS network. |
|
201 |
|
|
202 |
------------------------- |
|
203 |
|
|
204 |
This policy is displayed to all new users when they sign up to SALVIAS. They are asked to |
|
205 |
agree to this policy and their response is stored in the table licence_user_lookup: |
|
206 |
|
|
207 |
mysql> SELECT * FROM licence_user_lookup LIMIT 12; |
|
208 |
+-------------+------------+----------+------------+ |
|
209 |
| username | licence_id | accepted | date | |
|
210 |
+-------------+------------+----------+------------+ |
|
211 |
| bboyle | 1 | Y | 2004-05-07 | |
|
212 |
| benquist | 1 | Y | 2004-05-07 | |
|
213 |
| vishal | 1 | Y | 2004-05-07 | |
|
214 |
| mweiser | 1 | Y | 2004-10-27 | |
|
215 |
| gracia | 1 | Y | 2004-05-07 | |
|
216 |
| madmin | 1 | Y | 2004-05-07 | |
|
217 |
| JoeUser | 1 | Y | 2004-05-07 | |
|
218 |
| tkilleen | 1 | Y | 2004-05-07 | |
|
219 |
| ipni | 1 | Y | 2004-05-10 | |
|
220 |
| boyle_admin | 1 | Y | 2004-05-10 | |
|
221 |
| gaube | 1 | Y | 2004-05-10 | |
|
222 |
| sdewalt | 1 | Y | 2004-05-10 | |
|
223 |
+-------------+------------+----------+------------+ |
|
224 |
12 rows in set (0.00 sec) |
|
225 |
|
|
226 |
Users are blocked from accessing SALVIAS unless they respond yes. |
|
227 |
|
|
228 |
Whenever the general access policy is altered, the UI forces all users to review the |
|
229 |
revised policy on next login. Again, they must agree (or not) to the policy, and are only |
|
230 |
allowed access if they agree. |
|
231 |
|
|
232 |
5. DATA DOWNLOAD LOGS |
|
233 |
|
|
234 |
As an aid to "self-enforcement" of the SALVIAS data access policy, all downloads of plot |
|
235 |
data are recorded and stored in the table log_plot_download in the salvias_plots database. |
|
236 |
|
|
237 |
The following shows the 10 most recent plot data downloads from SALVIAS: |
|
238 |
|
|
239 |
mysql> select * from log_plot_download |
|
240 |
-> order by download_timestamp desc |
|
241 |
-> limit 10; |
|
242 |
+-----------+---------------------+----------------+---------+--------------------+------------+ |
|
243 |
| EnteredBy | download_timestamp | ip | plot_id | plot_administrator | project_id | |
|
244 |
+-----------+---------------------+----------------+---------+--------------------+------------+ |
|
245 |
| bboyle | 2012-11-14 10:30:28 | 150.135.114.36 | 25928 | ncpitman | 22 | |
|
246 |
| bboyle | 2012-11-14 10:20:33 | 150.135.114.36 | 510 | neill | 9 | |
|
247 |
| ncpitman | 2012-11-08 14:36:54 | 177.114.79.135 | NULL | | 25 | |
|
248 |
| ncpitman | 2012-11-08 13:43:13 | 177.114.79.135 | NULL | | 25 | |
|
249 |
| ncpitman | 2012-11-05 16:32:50 | 177.114.39.21 | NULL | | 1 | |
|
250 |
| ncpitman | 2012-11-05 15:33:16 | 177.114.39.21 | NULL | | 1 | |
|
251 |
| vbuzzard | 2012-10-26 09:09:29 | 10.134.165.192 | 26229 | | 10 | |
|
252 |
| vbuzzard | 2012-10-26 09:08:34 | 10.134.165.192 | 26229 | | 10 | |
|
253 |
| rgarcia | 2012-10-26 04:02:22 | 193.62.154.252 | 412 | Percy Nunez V. | 5 | |
|
254 |
| rgarcia | 2012-10-26 04:02:17 | 193.62.154.252 | 411 | Percy Nunez V. | 5 | |
|
255 |
+-----------+---------------------+----------------+---------+--------------------+------------+ |
|
256 |
10 rows in set (0.05 sec) |
|
257 |
|
|
258 |
`EnteredBy` is the username of the user executing the download. The IP of the computer from |
|
259 |
which the user accessed the data is also recorded. `project_id` and `plot_id` |
|
260 |
identify the actual plot downloaded. `plot_administrator` is a FK to tbl_users.username in |
|
261 |
database salvias_users, and identifies the main data owner (should also be the same |
|
262 |
as projects.project_pi). |
|
263 |
|
|
264 |
Data owners (projects.project_pi) can view a list of all downloads of their plots whenever |
|
265 |
they log onto salvias. As well as any user with permission level=4 (see 3. |
|
266 |
USER-LEVEL ACCESS CONTROLS, above) can view the download log for all plot for which they |
|
267 |
have level 4 access. Database administrators can view download logs for all plots at all |
|
268 |
times. |
|
269 |
|
|
270 |
We had also planned to have the UI automatically notify plot owner via email any time |
|
271 |
someone downloaded their plots, but never got around to it. An ideal implementation would |
|
272 |
be to allow users to "opt in" to receiving these notifications, with the additional option |
|
273 |
of receiving a notification following each download or a weekly digest. |
|
274 |
|
Also available in: Unified diff
Added inputs/SALVIAS/_src/salvias_data_access_controls.txt