Retrieval Journey
The retrieval journey covers secure access to datasets: a user can retrieve only the data they are authorized to view. Enforcement is the job of the Data Serving Service, which acts as the gatekeeper in front of storage.
If a dataset is not public, the user must go through an access granting workflow:
- Contact: The user contacts the Data Controller via the provided template.
- Negotiation: Terms are negotiated and a contract is signed.
- Registration: The Data Controller updates the Roles & Rights DB via the management dashboard.
- Expiry: Access is time-limited; the system automatically removes access and notifies both parties once the duration expires.
```mermaid
sequenceDiagram
    participant U as Front-end/CLI
    participant G as API Gateway
    participant A as Data Serving Service
    participant R as Roles & Rights DB
    participant S as Storage
    U->>G: GET /dataset/{id}
    G->>A: Forward request
    A->>R: Check access rights (user + dataset ID)
    R-->>A: Confirm/Reject access
    alt User has access (public dataset OR pre-granted rights)
        A->>S: Fetch dataset
        S->>S: Prepare data
        S-->>A: Return data
        A-->>G: Deliver dataset
        G-->>U: Return dataset
    else User lacks access
        A-->>U: Access denied (403) + Data Controller contact info
    end
```
Key features:
- Data Serving Service: Acts as the central gatekeeper, validating user identities and access rights before fetching data.
- Role-Based Access Control: Manages permissions through a Roles & Rights database to distinguish between public datasets and those requiring specific grants.
- Audit Logging: Maintains a complete record of all access attempts for security and compliance monitoring.
Access Control Flow
For non-public data, the system facilitates a structured workflow between the Data User and the Data Controller.
Key features of access management:
- Time-Limited Access: Automatically removes user access and notifies all parties once a predefined duration expires.
- Management Dashboard: Provides Data Controllers with an interface to select datasets, assign users, and set expiration dates.
- Negotiation Workflow: Supports a formal process including term negotiation and contract signing before access is registered.
Key features of data delivery & packaging:
- Metadata & Provenance Inclusion: Packages datasets with their full metadata, origin, and processing history.
- Secure Encrypted Transfer: Protects data integrity and privacy during transmission from storage to the user.
- Format Preservation: Delivers data in its original format while including necessary reference datasets and usage guidelines.
Access Granting Process
```mermaid
sequenceDiagram
    actor U as Data User
    actor C as Data Controller
    participant R as Repository System
    U->>C: Contact via provided template (email/form)
    C->>U: Negotiate terms
    U->>C: Sign contract
    C->>R: Register access rights (user + dataset + duration)
    R-->>U: Confirm access granted
    Note over U,R: Time passes
    R->>R: Removes user access from access database
    R-->>C: Sends access expired notification
    R-->>U: Sends access expired notification
```
Access Management Interface
```mermaid
sequenceDiagram
    actor C as Data Controller
    participant F as Front-end
    participant G as API Gateway
    participant A as Access Management Service
    participant R as Roles & Rights DB
    C->>F: Log in (authenticate)
    F->>C: Show dataset management dashboard
    C->>F: Select dataset
    Note over F: Add user (email/ID)<br>Set expiration date
    C->>F: Press OK
    F->>G: POST /access-registry/<dataset_id>
    G->>A: Forward request
    A->>R: Update access rights (upsert record)
    alt Success
        R-->>A: Confirm update
        A-->>G: 200 OK
        G-->>F: 200 OK
        F->>C: Show success + summary of granted access
    else Failure (e.g., invalid user/dataset)
        R-->>A: Error (e.g., 404 dataset not found)
        A-->>G: 400/404 Error
        G-->>F: Propagate error
        F->>C: Show error message
    end
```
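As an added illustration (not code from the original page or the system it describes), the Python below models the three flows above in one place: the gatekeeper check from the Retrieval Journey (public dataset or an unexpired grant, otherwise 403 with the Data Controller's contact, every attempt audited), the dashboard upsert from the Access Management Interface (404 for an unknown dataset), and the expiry sweep from the Access Granting Process that removes the grant and notifies both parties. The in-memory `RolesRightsDB` class, the dataset ids, the user name and the contact address are constructed assumptions; the real Roles & Rights DB schema is not described on the page.

```python
from datetime import datetime, timedelta, timezone

class RolesRightsDB:
    """In-memory stand-in for the Roles & Rights DB; datasets: id -> controller contact, None = public."""
    def __init__(self, datasets):
        self.datasets = datasets
        self.grants = {}   # (user, dataset_id) -> expiry datetime
        self.audit = []    # one row per access attempt, allowed or denied

    def upsert_grant(self, user, dataset_id, duration, now):
        # Dashboard path (POST /access-registry/<dataset_id>): upsert a time-limited record
        if dataset_id not in self.datasets:
            return 404, "dataset not found"
        self.grants[(user, dataset_id)] = now + duration
        return 200, "ok"

    def check_access(self, user, dataset_id, now):
        # Data Serving Service gatekeeper: allow if public OR an unexpired grant exists
        if dataset_id not in self.datasets:
            status, detail = 404, "dataset not found"
        elif self.datasets[dataset_id] is None:
            status, detail = 200, "public dataset"
        elif now < self.grants.get((user, dataset_id), now):  # no grant -> now < now -> False
            status, detail = 200, "granted"   # expiry is enforced per request, not only by the sweep
        else:
            status, detail = 403, "access denied; contact " + self.datasets[dataset_id]
        self.audit.append((now.isoformat(), user, dataset_id, status))
        return status, detail

    def expire_grants(self, now):
        # Scheduled sweep: drop expired grants and notify both the user and the controller
        notices = []
        for (user, dataset_id), expires_at in list(self.grants.items()):
            if now >= expires_at:
                del self.grants[(user, dataset_id)]
                notices += [(user, dataset_id), (self.datasets[dataset_id], dataset_id)]
        return notices

def run_scenario():
    # Constructed walk-through: public fetch, denied fetch, grant, use, expiry
    t0 = datetime(2025, 1, 1, tzinfo=timezone.utc)
    db = RolesRightsDB({"ds-public": None, "ds-private": "controller@example.org"})
    out = {"public": db.check_access("alice", "ds-public", t0)[0],
           "before_grant": db.check_access("alice", "ds-private", t0)[0],
           "bad_dataset": db.upsert_grant("alice", "ds-missing", timedelta(days=30), t0)[0],
           "grant": db.upsert_grant("alice", "ds-private", timedelta(days=30), t0)[0],
           "day29": db.check_access("alice", "ds-private", t0 + timedelta(days=29))[0],
           "day30": db.check_access("alice", "ds-private", t0 + timedelta(days=30))[0]}
    out["notices"], out["audit_entries"] = db.expire_grants(t0 + timedelta(days=30)), len(db.audit)
    return out
```

The request on day 30 is already refused even though the sweep has not yet run, which is the property a gatekeeper needs when the expiry job is delayed.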