Upload
periclesfp7
View
188
Download
0
Embed Size (px)
Citation preview
GRANT AGREEMENT: 601138 | SCHEME FP7 ICT 2011.4.3 Promoting and Enhancing Reuse of Information throughout the Content Lifecycle taking account of Evolving Semantics [Digital Preservation]
Policies, change management and quality assuranceFabio Corubolo - University of LiverpoolIDCC, Amsterdam, 25 February 2016
● Preservation can be integrated into existing organization ecosystem instead of standing separate
● Policies are important both for preservation, and other objectives
● Use existing infrastructure - save on costs
PERICLES on preservation, policies
●Managing and enforcing policy in the overall infrastructure, is qualified, hard work
●Good management requires Quality Assurance
●Change an obsolescence is constant
●Practice can deviate from policy
Why are we doing this ?
●Notice when practice starts to deviate from policies
http://arstechnica.com/tech-policy/2015/08/cops-decide-to-collect-less-license-plate-data-after-80gb-drive-got-full/
Real life example
Policies: What drives an organisation:● access should be free● confidential data should
not leave the organisation
“high and intermediate level natural language descriptions of an institution’s aims/goals, with what constraints.”
What do we mean with Policy
POLICY ID 2:
"Project data must be preserved in at least 3
internal copies and in 1 external (in a trusted
external organisation) copy ”
POLICY ID 1:
"Project data must be preserved for 10 years”
type: bit preservation
Quality Assurance:Validates that policies are respected and ecosystem is in a consistent state
“Program for the systematic monitoring and ]evaluation of the various aspects of a project, service, [...] to ensure [...] quality” (Webster)
Change management: ● Manages changes in the ecosystem ● Rule: if a file changes,
re run any policy that applies to it (e.g. replication, data calibration)
… QA and change management
QA method:
TEST the existence of X
copies of the data in the
tape libraries
Change management :
Rule: process data with
latest auxiliary data
● Use arbitrary language, infrastructure, and approach
● Manually ensure that the policy is respected
● When change happens, hope for the best; or re-validate policy implementation
The Manual approach
+ simple to implement + straightforward+ does not require language/system choices+ can mix into existing policy implementation
- fragile- manual - limited guarantee of correctness
The Manual approach- pros and cons
● Strictly define what policy is: a precise policy model
● Specific language and methods to implement policies
● Precise mapping allows automated processing
The Automated approach
+ automated+ precise
- limits the expressivity of policies- does not mix in existing systems and architectures- can require full “buy in”, reimplementation
The Automated: pros and cons
● Use the existing system architecture, model it with the ecosystem model, and add automated methods
● When possible: use an automated approach based on the ecosystem/LRM and rules
● Where more convenient: use semi-automated approach, and enrich it with QA and with the ecosystem model
Policies in PERICLES
Automated:● Define policies using the Ecosystem model, and map
to rules (Automated)
● Rule driven change management
● Ecosystem analysis allows to take into account dependencies and change of differnet type
Depending on the use case:
Semi-automated:● Implement the policy as you wish, in existing system
● Map to the ecosystem model
● Define QA methods for policy
● Allows automated validation via QA methods, and change management based on the ecosystem model
Depending on the use case:
Discussion on existing scenarios for
● Policy implementation
● Quality assurance
● Change management
Breakout group
1. Does the scenario relate to problems in your institution? 2. Is there anything missing?3. How are you currently implementing policies in your
institution?4. Are you using frameworks supporting policy
implementation? Are they being helpful? 5. Are policies implemented using formal languages (rule
languages)?6. Could you describe what QA procedures are in place?
Questions (1/2)
7. Do you think the approach we described for policy QA would be useful in your case?
8. Do you see this could help in validating that practice does not deviate from the guidelines?
9. Do you see any advantage in implementing QA procedures that validate policy application ?
10. Are you aware of other approaches for policy validation we should consider?
Questions (2/2)