Authentication and Authorization Policies
This draft is a proposal to define Authentication and Authorization (AA) policies for CONP datasets. It is proposed to define the authorization and authentication mechanisms used by each particular dataset in the DATS document describing the metadata of the dataset. Harmonization of these policies across storage platforms and datasets will be sought but not enforced.
One of the following three types of authorization policies must be specified in the DATS model of the dataset:
- Public dataset: no authorization is required
- Registered access dataset: authorization from CONP is required. The authorization policy should be defined by the CONP steering committee. It is proposed to authorize any member of a Canadian academic institution.
- Private dataset: custom authorization from the data provider is required. The procedure to request such authorization should be mentioned.
It is recommended that datasets adopt authorization policy 1 or 2 (public or registered access).
If the dataset requires registered access or is private, then an authentication system must be specified in the DATS model. The recommended authentication mechanism is ORCID iD, consistent with what has been implemented in the portal. Note that having an ORCID account does not imply that the user is authorized to access the datasets (see authorization policy). The DATS model of the dataset will specify whether the authentication mechanism is ORCID iD or custom to the platform. If the authentication mechanism is custom to the platform, then the documentation on how to get an account and the authentication protocol used will be specified in the DATS model.
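The rules above can be checked mechanically once they are encoded in the dataset metadata. The following is an added sketch, not code from CONP or the DATS validator; the `aa_policy` block and all of its key names are assumptions made for illustration, since the DATS extension is not yet defined.

```python
# Hypothetical "aa_policy" block: these keys are assumptions for illustration,
# not part of the DATS schema.
AUTHORIZATION_TYPES = ("public", "registered", "private")
AUTHENTICATION_TYPES = ("orcid", "custom")


def validate_aa_policy(dats):
    """Check one dataset's DATS document; return (errors, warnings)."""
    errors, warnings = [], []
    aa = dats.get("aa_policy")
    if not isinstance(aa, dict):
        return ["aa_policy is missing"], warnings

    authz = aa.get("authorization")
    if authz not in AUTHORIZATION_TYPES:
        return [f"authorization must be one of {AUTHORIZATION_TYPES}"], warnings
    if authz == "public":
        return errors, warnings  # no authorization, so no authentication needed

    if authz == "private":
        warnings.append("private access is not a recommended policy")
        if not aa.get("authorization_request_procedure"):
            warnings.append("procedure to request authorization is not mentioned")

    # Registered and private datasets must name an authentication system.
    authn = aa.get("authentication")
    if not isinstance(authn, dict) or authn.get("type") not in AUTHENTICATION_TYPES:
        errors.append(f"authentication.type must be one of {AUTHENTICATION_TYPES}")
    elif authn["type"] == "custom":
        # Platform-specific login must document account creation and protocol.
        for key in ("account_documentation", "protocol"):
            if not authn.get(key):
                errors.append(f"custom authentication requires {key}")
    return errors, warnings


# Constructed sample documents (not real CONP datasets).
REGISTERED_OK = {"title": "sample-a", "aa_policy": {
    "authorization": "registered", "authentication": {"type": "orcid"}}}
PRIVATE_INCOMPLETE = {"title": "sample-b", "aa_policy": {
    "authorization": "private",
    "authentication": {"type": "custom", "protocol": "OAuth 2.0"}}}

if __name__ == "__main__":
    for doc in (REGISTERED_OK, PRIVATE_INCOMPLETE):
        print(doc["title"], validate_aa_policy(doc))
```

Here "must" and "will be specified" rules are reported as errors, while the "should" and "recommended" rules are reported as warnings.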
- Get the developers' and TSC's feedback and approval on this document
- Get the steering committee's feedback and approval on this document
- Extend the DATS model to describe the final policies, update the DATS validator accordingly
- Specify the AA policies in each dataset