Challenge

How do we handle access control, when referencing from the core DOMS to external resources, either intra- or internet based?

Cases

  1. Ripped CDs placed on a server positioned at Statsbiblioteket
  2. Papers placed on a restricted website, which Statsbiblioteket has access to

Solutions

A general solution is to route all resources through a core DOMS maschine. This is impractical for large files or streaming media.

Servers at Statsbiblioteket

A solution for Case 1, suggested by the technical department (the basement guys):

  1. Assume that access validation is already handled by the core DOMS.
  2. Let the CD server allow unrestricted access from DOMS maschines.
  3. Let the DOMS request a one-time URL from the CD server. The one-time URL is accessible from anywhere.
  4. Present the one-time URL to the end-user.

External resources

Make a proxy-server, which uses the same one-time validation schema as above.

Access control (last edited 2010-03-17 13:12:29 by localhost)