Wiki

Role Based Access Control (RBAC)


heiARCHIVE is a specialized system designed for the long-term archiving of scientific data. As a tool designed to assist with the storage, retrieval, and management of a vast amount of scientific information, it is built with a clear role-based structure. This structure is meant to facilitate the efficient execution of tasks, ensuring that projects are properly initiated, managed, and archived. Each role has specific responsibilities and capabilities within the system. The following is a breakdown of the roles and their respective duties within the heiARCHIVE system:

Project Owner:

The Project Owner is the primary initiator for any project in the heiARCHIVE system. Their responsibilities include:

  • Initiating projects: The Project Owner has the authority to begin new projects within the system. This initiation process requires a cost center.
  • Assigning project leaders: Once a project is initiated, the Project Owner assigns a Project Leader to oversee the details of the project.

Project Leader:

The Project Leader takes control after the project has been initiated. Their key responsibilities are:

  • Opening archives within a project: After the Project Owner initiates a project, the Project Leader opens the specific archives for that project.
  • Establishing parameters for archives: The Project Leader sets up the main parameters for the archives, which include quotas, managing duplicates, and defining the duration for which the archives should be kept.
  • Appointing a data manager: The Project Leader assigns a Data Manager, who will be in charge of the details of the data within the archives.

Data Manager:

The Data Manager handles the more granular aspects of data management within the archives. Their role involves:

  • Opening packages within an archive: The Data Manager creates individual packages within the overall archive.
  • Defining metadata for packages: For each package, the Data Manager is responsible for creating and managing the metadata.
  • Uploading data into packages: The Data Manager uploads the specific data into the packages.
  • Starting the archiving process for packages: Once the packages are set up and data uploaded, the Data Manager initiates the process of archiving these packages.
  • Retrieving archived packages: The Data Manager has the authority to retrieve any archived packages when required.