Retrieval Journey

The retrieval journey manages secure access to datasets, ensuring users can only access data they are authorized to view. This is managed by the Data Serving Service, which acts as a gatekeeper.

If a dataset is not public, the user must go through an access granting workflow:

  1. Contact: The user contacts the Data Controller via the provided template.
  2. Negotiation: Terms are negotiated and a contract is signed.
  3. Registration: The Data Controller updates the Roles & Rights DB via the management dashboard.
  4. Expiry: Access is time-limited; the system automatically removes access and notifies both parties once the duration expires.

```mermaid
sequenceDiagram
    participant U as Front-end/CLI
    participant G as API Gateway
    participant A as Data Serving Service
    participant R as Roles & Rights DB
    participant S as Storage

    U->>G: GET /dataset/{id}
    G->>A: Forward request
    A->>R: Check access rights (user + dataset ID)
    R-->>A: Confirm/Reject access

    alt User has access (public dataset OR pre-granted rights)
        A->>S: Fetch dataset
        S->>S: Prepare data
        S-->>A: Return data
        A-->>G: Deliver dataset
        G-->>U: Return dataset
    else User lacks access
        A-->>U: Access denied (403) + Data Controller contact info
    end
```

Key features:

  • Data Serving Service: Acts as the central gatekeeper, validating user identities and access rights before fetching data.
  • Role-Based Access Control: Manages permissions through a Roles & Rights database to distinguish between public datasets and those requiring specific grants.
  • Audit Logging: Maintains a complete record of all access attempts for security and compliance monitoring.
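The gatekeeper decision described above, written out as an added example (it is not the project's own code). It assumes an in-memory dataset catalogue and Roles & Rights table with constructed rows, treats a grant as valid only while its expiry lies in the future, answers an unknown dataset ID with 404 (an assumption; the page only specifies the 403 case), and records every attempt in an audit list so that denied requests are visible as well as allowed ones:

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class Dataset:
    dataset_id: str
    public: bool
    controller_contact: str   # returned with a 403 so the user knows whom to contact


@dataclass(frozen=True)
class AccessGrant:
    user_id: str
    dataset_id: str
    expires_at: datetime      # timezone-aware; the grant is void once this instant has passed


# Constructed sample rows standing in for the dataset catalogue and the Roles & Rights DB.
DATASETS = {
    "ds-open": Dataset("ds-open", public=True, controller_contact="open-data@example.org"),
    "ds-restricted": Dataset("ds-restricted", public=False, controller_contact="controller@example.org"),
}
GRANTS = [
    AccessGrant("alice", "ds-restricted", datetime(2099, 1, 1, tzinfo=timezone.utc)),  # still valid
    AccessGrant("bob", "ds-restricted", datetime(2020, 1, 1, tzinfo=timezone.utc)),    # already expired
]
AUDIT_LOG = []   # one entry per attempt, allowed or denied


def has_valid_grant(user_id, dataset_id, now):
    """True only if a grant exists for this user/dataset pair and has not expired."""
    return any(
        g.user_id == user_id and g.dataset_id == dataset_id and g.expires_at > now
        for g in GRANTS
    )


def authorize_retrieval(user_id, dataset_id, now=None):
    """Decision for GET /dataset/{id}: returns (http_status, body).

    Storage is only consulted after an allow decision; this example stops at the decision.
    """
    now = now or datetime.now(timezone.utc)
    ds = DATASETS.get(dataset_id)
    if ds is None:
        decision, status, body = "deny", 404, {"error": "dataset not found"}
    elif ds.public or has_valid_grant(user_id, dataset_id, now):
        decision, status, body = "allow", 200, {"dataset_id": dataset_id}
    else:
        decision, status, body = "deny", 403, {
            "error": "access denied",
            "data_controller": ds.controller_contact,
        }
    # Audit every attempt; the log, not the response, is what compliance review reads.
    AUDIT_LOG.append({
        "ts": now.isoformat(), "user": user_id, "dataset": dataset_id,
        "decision": decision, "status": status,
    })
    return status, body


if __name__ == "__main__":
    for user, ds in [("anyone", "ds-open"), ("alice", "ds-restricted"), ("bob", "ds-restricted")]:
        print(user, ds, authorize_retrieval(user, ds))
    print(AUDIT_LOG)
```

The check fails closed: a missing grant, an expired grant and an unknown dataset all end in a denial, and only a public flag or a still-valid grant reaches the storage fetch.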

Access Control Flow

For non-public data, the system facilitates a structured workflow between the Data User and the Data Controller.

Key features of access management:

  • Time-Limited Access: Automatically removes user access and notifies all parties once a predefined duration expires.
  • Management Dashboard: Provides Data Controllers with an interface to select datasets, assign users, and set expiration dates.
  • Negotiation Workflow: Supports a formal process including term negotiation and contract signing before access is registered.

Key features of data delivery & packaging:

  • Metadata & Provenance Inclusion: Packages datasets with their full metadata, origin, and processing history.
  • Secure Encrypted Transfer: Protects data integrity and privacy during transmission from storage to the user.
  • Format Preservation: Delivers data in its original format while including necessary reference datasets and usage guidelines.

Access Granting Process

```mermaid
sequenceDiagram
    actor U as Data User
    actor C as Data Controller
    participant R as Repository System

    U->>C: Contact via provided template (email/form)
    C->>U: Negotiate terms
    U->>C: Sign contract
    C->>R: Register access rights (user + dataset + duration)
    R-->>U: Confirm access granted
    Note over U,R: Time passes
    R->>R: Removes user access from access database
    R-->>C: Sends access expired notification
    R-->>U: Sends access expired notification
```

Access Management Interface

```mermaid
sequenceDiagram
    actor C as Data Controller
    participant F as Front-end
    participant G as API Gateway
    participant A as Access Management Service
    participant R as Roles & Rights DB

    C->>F: Log in (authenticate)
    F->>C: Show dataset management dashboard

    C->>F: Select dataset
    Note over F: Add user (email/ID)<br>Set expiration date
    C->>F: Press OK

    F->>G: POST /access-registry/<dataset_id>
    G->>A: Forward request
    A->>R: Update access rights (upsert record)

    alt Success
        R-->>A: Confirm update
        A-->>G: 200 OK
        G-->>F: 200 OK
        F->>C: Show success + summary of granted access
    else Failure (e.g., invalid user/dataset)
        R-->>A: Error (e.g., 404 dataset not found)
        A-->>G: 400/404 Error
        G-->>F: Propagate error
        F->>C: Show error message
    end
```
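The service side of the two diagrams above (registration through the dashboard, then time-limited expiry with notification of both parties), as an added example that is not the project's own code. It assumes an in-memory Roles & Rights table keyed by (user, dataset), a constructed dataset catalogue and user directory, expiry dates arriving as ISO-8601 strings in the request body, and a notification list standing in for e-mail; the 400 checks on the expiry value are an assumption beyond the page's "invalid user/dataset" cases:

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class AccessRecord:
    user_id: str
    dataset_id: str
    expires_at: datetime   # timezone-aware


# Constructed sample data: dataset_id -> Data Controller contact, and the known user IDs.
KNOWN_DATASETS = {"ds-restricted": "controller@example.org"}
KNOWN_USERS = {"alice", "bob"}
RIGHTS = {}            # the Roles & Rights DB: (user_id, dataset_id) -> AccessRecord
NOTIFICATIONS = []     # (recipient, message) pairs; a real system would send e-mail


def register_access(dataset_id, user_id, expires_at):
    """Handler for POST /access-registry/<dataset_id>: returns (http_status, body).

    Validation runs before the upsert so that a bad request never writes a record.
    """
    if dataset_id not in KNOWN_DATASETS:
        return 404, {"error": "dataset not found"}
    if user_id not in KNOWN_USERS:
        return 400, {"error": "unknown user"}
    try:
        exp = datetime.fromisoformat(expires_at)
    except (TypeError, ValueError):
        return 400, {"error": "expires_at must be an ISO-8601 timestamp"}
    if exp.tzinfo is None or exp <= datetime.now(timezone.utc):
        return 400, {"error": "expires_at must be timezone-aware and in the future"}
    # Upsert: re-granting the same user/dataset pair replaces the previous expiry.
    RIGHTS[(user_id, dataset_id)] = AccessRecord(user_id, dataset_id, exp)
    return 200, {"user": user_id, "dataset": dataset_id, "expires_at": exp.isoformat()}


def expire_access(now_iso=None):
    """Scheduled sweep: drop expired records and notify user and Data Controller.

    Returns the (user_id, dataset_id) keys that were removed.
    """
    now = datetime.fromisoformat(now_iso) if now_iso else datetime.now(timezone.utc)
    expired = [key for key, rec in RIGHTS.items() if rec.expires_at <= now]
    for user_id, dataset_id in expired:
        del RIGHTS[(user_id, dataset_id)]   # removal happens before anyone is told
        message = f"access to {dataset_id} for {user_id} expired"
        NOTIFICATIONS.append((user_id, message))
        NOTIFICATIONS.append((KNOWN_DATASETS[dataset_id], message))
    return expired


if __name__ == "__main__":
    print(register_access("ds-restricted", "alice", "2099-01-01T00:00:00+00:00"))
    print(register_access("ds-restricted", "mallory", "2099-01-01T00:00:00+00:00"))
    print(expire_access("2100-01-01T00:00:00+00:00"), NOTIFICATIONS)
```

Because the sweep removes the record first and only then queues the notifications, a user whose access has lapsed can never retrieve data in the window between expiry and the notification being sent.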