When reserves items need an access-control list
Graham Fawcett
I've got a question for the reserves librarians and staff out
there. Are there cases when you'd need to have an electronic reserve
item password-protected, at the reserve-system level, so that only
certain users could access it (e.g. the students in a given
course-section)?
Specifically, this is the scenario I'm thinking of:
* an instructor or librarian uploads documents (PDF, Word) into the
Reserves system, under a specific course-section (e.g. "English Lit
101, Fall 2010, Section 1").
* only students registered in that section must be able to access the
documents; no other users must have access to them.
I'm not talking about:
* the right to check out physical items (Does any reserves-desk expect
more than general patron privileges to check out a physical item? Do
you have "access-control lists" for books on reserve?)
* access to e-journal articles and other resources which are already
protected by other means (e.g. having to log into a reverse proxy)
* uploaded documents that may be viewed by *any* student, but just not
by anonymous visitors (The point isn't about requiring a login, it's
about requiring class-list-level permissions.)
So, is there a need for class-list-specific protection at anyone's
institution? If not, it will simplify some of the 'enterprise
connection' code I have in Syrup, and would make Syrup easier to
configure.
Best,
Graham
Joe Westra
electronically, restrictions from the publisher/author typically would
include limiting access at the class level... So, I would say yes it would
be necessary to restrict documents at the course level and helpful at the
document level.
The system that we presently use supports password protection at the course,
folder, and document level, each independently of each other. All three
levels are currently utilized on our campus, but we could make do with just
the course level.
Joe
University of Manitoba
Hi folks,
Best,
Graham
--
You received this message because you are subscribed to the Google Groups
"syrup-reserves-discuss" group.
To post to this group, send email to
syrup-reser...@googlegroups.com.
To unsubscribe from this group, send email to
syrup-reserves-di...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/syrup-reserves-discuss?hl=en.
Graham Fawcett
On Fri, Feb 12, 2010 at 10:55 AM, Joe Westra <joe_w...@umanitoba.ca> wrote:
>
> If copyright fees are being paid to make a particular document
> available electronically, restrictions from the publisher/author
> typically would include limiting access at the class level... So, I
> would say yes it would be necessary to restrict documents at the
> course level and helpful at the document level. The system that we
> presently use supports password protection at the course, folder,
> and document level, each independently of each other. All three
> levels are currently utilized on our campus, but we could make do
> with just the course level.
Thanks, Joe, that's good to know -- I didn't know if anyone currently
needed course-level permissions. I'd like to keep Syrup flexible
enough to work well in the absence of course-level permissions, but
not make it a burden to add them where they are needed.
Karen Hunt Keiller wrote (off-list -- I hope you don't mind me copying
your response here, Karen):
>
> just my opinion. the ereserves system we had at University of
> Winnipeg did not have the ability to do this, and I can't remember a
> time when it was a problem.
> docutec eres (SIRSI) that we have at University of Manitoba has the
> ability, and I think it is occasionally used, but IMHO it is not
> necessary.
> Once again, in my opinion, if someone had that requirement, they
> would probably be putting the documents in the Course Management
> System. I think we should be careful not to build a system that
> duplicates the functionality of of the course management systems
> available, but allow the library to do the backend document
> management, and has the hooks so that course management systems can
> ingest supplemental course readings that the library manages.
Yes. I admit, I like the idea of handing off the responsibility for
fine-grained protection to the CMS, since it would keep the reserves
system simpler. It seems that it might make the reserves librarian's
job harder, though, since they'd need to put the sensitive documents
in the CMS, and everything else in the Reserves system? I wonder if
the disjointness would irritate both the librarian and the students.
I think course-level integration is going to remain an option in
Syrup; but since it will take some integration effort (unique to each
institution), some might choose not to enable it. Those institutions
could use the CMS or another facility to protect the sensitive stuff.
CMS integration is important, and I'm keen not to duplicate CMS
functionality (although by necessity there will be some minor
overlaps). Syrup already has quite good Atom feeds, and most CMS's
should be able to ingest those easily, letting the reserves-list
appear as a first-class part of a CMS course-site.
Thanks for the feedback. Would anyone else on-list care to share
whether they use course-level access control in their current reserves
system, and how important it is to them? It would be great to know if
course-level controls were the norm or the exception out there.
Best,
Graham
robin
then OLA.
It sounds like we're going to have to include some level of password
protection in Syrup because:
On Feb 17, 6:46 pm, Graham Fawcett <graham.fawc...@gmail.com> wrote:
> Hi Karen and Joe (sorry for the slow response),
>
robin
finish it (Chrome....hmmm...)
Anyway, the reasons I think we'll need to include password protection
are:
1) We can't guarantee that a given school will have a CMS
2) Managing access to reserves is, in my opinion, a job for a reserves
system and I'm not comfortable passing it off to another piece of
software ie CMS
3) The RFP was big on electronic rights management, and I believe we
should try to stay true to the RFP as it represents the most
comprehensive description of the need that we've got so far.
Those are my thoughts, for what they're worth.
thoughts?
cheers,
Robin