Access Control Planning **
Context
This pattern should help in making choices about the access control system in the planning phase of a collection.
Description of pattern
This pattern relates to general considerations of access control in digital collections. It is an general access control pattern.
Problem description
When publicising a collection thought must be given to the presentation of material to the public or parts thereof.
What are the rights and what are the presentational requirements? If there is a need for online presentation, and if not; is access control required in a traditional login form.
When access control is needed at a level of granularity of individual login, problems arise if there is a Single Point of Failure (SPoF). It must be noted that a more coarse granularity is not the same as a removal of the SPoF problem.
Solution
The access control of users should support at least two different methods, a SPoF should be avoided. The different methods do not need to support the same granularity of login, although it is often desirable. A system may operate with a backup procedure of local access only, it will not operate with no access. If the granularity of the different login techniques allow it make a fall-back solution to allow for unexpected breakdowns. If not have policies in place for when breakdowns occur. And communicate to the end-user that all possible is being done.
Consider next
The actual implementation of access control on the collection(s), see pattern(s):