eporter23
commented
1 month ago @katfish2 Since we are actively working on assessing many aspects of the above related to the Virtual Reading Room grant, I am moving this into Review for now.
Open katfish2 opened 1 year ago
eporter23
commented
1 month ago @katfish2 Since we are actively working on assessing many aspects of the above related to the Virtual Reading Room grant, I am moving this into Review for now.
Is your feature request related to new functionality not yet included in the product? Please describe. Is your feature request related to a problem or a change to existing functionality? Please describe. Potentially both. Current access controls don't allow researchers without Emory credentials to access restricted content (Rose high view, Emory low download, Emory high download) without workarounds outside of EDC; of course this is by design and meant to align with donor agreements and copyright restrictions, but the limited flexibility and nuance can be a challenge. The current options cover our most common use cases, but we frequently have situations that require granting users who are not in the reading room or who do not have an Emory account some level of access to non-public content (for example, a researcher obtains permission from a rightsholder to use a normally Rose-only collection remotely or we need to give a non-Emory researcher who cannot travel temporary, mediated access to an Emory-only collection the way we can for non-public content in Aviary). I expect these use cases will become even more central as we extend our policy framework for long-term, post-COVID remote access and as we explore "virtual reading room" arrangements that allow us to grant specific authenticated users or partner sites access to content on a limited basis.
Describe the solution you'd like A way for a non-Emory user to authenticate and view content in EDC that is not public (and, when necessary, for an Emory or non-Emory user to be granted remote access to Rose-only content), upon request and with the approval of an appropriate content admin. I don't have a specific mechanism in mind and am open to any solution or combination of solutions that would support evolving remote access needs: Setting up local/EDC-specific user accounts that we can control permissions for (if it's possible to have non-SSO authenticated users in Hyrax)? Creating additional access control tiers? Implementing temporary check-outs of specific items/collections to approved users upon request? Creating a shared account that's only for EDC so it doesn't pose security risks across Emory systems when users sign in with it to access Rose-only content (more context for this below under alternatives)?
Describe alternatives you've considered 1) Rose currently has a sponsored Emory account that reading room visitors or approved remote researchers can use to log into Emory systems to view non-public content. (This mostly used for accessing AV in the Keep, but we also use it for a few other things, like portions of Langmuir in EDC and the Emory Wheel in Luna.) This account technically does not comply with current OIT policy, and while we've been grandfathered in and have permission to keep it for now, we will eventually need to give it up and find a better way of managing and tracking access in situations where IP verification isn't possible. 2) Sometimes we download copies and share them via OneDrive for temporary access. This is cumbersome, not very secure, and means the content is viewed without context and metadata. 3) If there's no other way to share content, we will direct researchers to request copies through our reprographic workflows, which is time-consuming for staff and costly for researchers but has the advantage of not being limited based on the researcher's location or lack of Emory affiliation.
How will this impact users? We could provide a critical service and meet a known need in a more consistent, equitable way by essentially treating our virtual spaces as extensions of our physical facilities and providing access on the same terms (registration/authentication required, access is time-limited and must be requested, etc.). This would mean users facing fewer barriers to access because we would have a clear mechanism for extending permissions/visibility. Researchers who are unable to visit campus due to geography, finances, and/disability would have more options for access. Staff users would be able to more efficiently administer access requests and thus serve more users more quickly. Emory Libraries would be able to more seriously explore new use cases and partnerships for a "virtual reading room" approach, thus reaching entirely new groups of users.
Additional context I realize this suggestion has legal and policy implications that would shape implementation of the technical feature(s). I also realize this suggestion might actually be several enhancements rolled into one, so I would welcome a conversation about teasing out the different use cases and potential features embedded in a broad request like this.