The topics covered on this page include information regarding access management of data which has been ingested into the ECHO holdings. It is the responsiblity of the Data Partner to manage the availability of their datasets and properly restrict data to the user groups who should have access. All data management is performed through the ECHO API. ECHO providers an online tool, the Provider User Management Tool (PUMP), which facilitates all data management tasks which are performed by Data Partners.
For a more detailed description of data management actions, please refer to:
The information provided is broken up into the following topic areas:
To access the Provider User Management Program (PUMP) for data management activities, visit the following links:
In order to manage a Data Partner's access control, a user must be granted 'provider role' to the provider which they will be managing. The ECHO Operations staff, or another user with provider role, may grant this privilege to another user through PUMP. After the privilege has been granted, the privileged user may log into PUMP and will be presented with data management capabilities. A user may be granted 'provider role' to multiple providers, and will simply choose which provider they wish to manage after they have logged in.
ECHO Users who have been granted 'provider role' can create and manage user groups within ECHO. These user groups are used to create logical groupings of ECHO users which can then be granted access to publically restricted data. Each user group must have at least one manager and member. Each manager can add or remove members and managers from the group. A user who does not have 'provider role' can manage an ECHO group, but does not have the capability to create or remove a group. All user group management can be performed through PUMP.
Access Control List (ACL) rules are a list of conditioned rules which are used to filter the viewing and ordering of provider metadata. ACL management requires the 'provider role' privilege and can be performed through PUMP. An ACL rule has the following components:
Each rule has a specific condition which is used to determine whether the rule should be activated or not. Possible condition types are:
Each rule has a specific access type which specifies the action that will be taken if the rule is activated. Note that permitting access will override restricting access. Possible access types are:
Each rule has a specific action type which specifies the action that will be restricted or permitted the rule is activated. Note that users must be able to view a metadata record in order to order it. Possible action types are:
Each rule which grants access to metadata can be assigned to zero or more ECHO user groups. Note that if you do not choose an ECHO user group, the ACL rule will permit access to all users, overriding *all* other rules.
Each rule has a specific list of metadata records within a Data Provider's holdings to which a rule will be applied if the rule is activated. Possible metadata types are:
The restriction flag is a decimal value which is specified in a Data Partner's collection or granule metadata. Data Partners may use PUMP to configure an ACL which utilizes the restriction flag value within a record's metadata in order to determine visibility. The availability of data can then be changed during ECHO Ingest through the usage of partial updates or full metadata replacement. A granule or collection's restriction flag cannot be updated through the API.
Data Partners may use PUMP to configure collections within ECHO to have a visibility of "OPEN" or "RESTRICTED". A visibility setting of OPEN will allow the collection to be viewable by all ECHO users according to any associated Access Control List (ACL) rules. A visibility setting of RESTRICTED will override all associated ACL rules. Data in this state will only be accessible through the ECHO API if a user logs in by specifically setting their context to the collection's provider. To do so, the user must have been granted 'provider role.'
The visibility flag is most useful for hiding datasets within ECHO while ACL rules and Option Definitions are configured. ECHO strongly enourages providers to use ACL rules in order to restrict access to data in an ongoing basis. The visibility flag should only be used as a temporary method of restricting access.
The following items outline some common areas which Data Partners should be aware of while managing the access to their metadata.
A viewing permission rule must be created with the ECHO user group ECHO_Valids in order to allow a Data Partner's collections and granules to be accessible from WIST. WIST will not use this rule to allow access to data which should be restricted.
A viewing permission rule must be created with the ECHO_SYS user group in order to allow ECHO to complete autopopulation during ordering. If a Data Partner is not using the autopopulate functionality in the ECHO forms specification, then this rule does not need to be created. This is only a temporary solution to allow for autopopulation.
When a collection is inserted or replaced through ECHO ingest, the visibility is automatically reset to the value contained within the metadata. For Data Partners who are submitting metadata which requires translation to the ECHO 10.0 format, a default visibility is configured in ingest. This value is typically RESTRICTED, which means all collection inserts and replacements will restrict access. Providers should use PUMP to review and update collection visibility as needed.
All changes in visibility, user groups, and ACL rules are applied as soon as they are updated in ECHO.