GRANT AGREEMENT: 601138 | SCHEME FP7 ICT 2011.4.3 Promoting and Enhancing Reuse of Information throughout the Content Lifecycle taking account of Evolving Semantics [Digital Preservation]

Policies, change management and quality assuranceFabio Corubolo - University of LiverpoolIDCC, Amsterdam, 25 February 2016

●Preservation can be integrated into existing organization ecosystem instead of standing separate

●Policies are important both for preservation, and other objectives

●Use existing infrastructure - save on costs

PERICLES on preservation, policies

●Managing and enforcing policy in the overall infrastructure, is qualified, hard work

●Good management requires Quality Assurance

●Change an obsolescence is constant

●Practice can deviate from policy

Why are we doing this ?

●Notice when practice starts to deviate from policies

http://arstechnica.com/tech-policy/2015/08/cops-decide-to-collect-less-license-plate-data-after-80gb-drive-got-full/

Real life example

Policies: What drives an organisation:

● access should be free● confidential data should

not leave the organisation

“high and intermediate level natural language descriptions of an institution’s aims/goals, with what constraints.”

What do we mean with Policy

POLICY ID 2:"Project data must be preserved in at least 3 internal copies and in 1 external (in a trusted external organisation) copy ”

POLICY ID 1: "Project data must be preserved for 10 years” type: bit preservation

Quality Assurance:Validates that policies are respected and ecosystem is in a consistent state

“Program for the systematic monitoring and ]evaluation of the various aspects of a project, service, [...] to ensure [...] quality” (Webster)

Change management: ● Manages changes in the ecosystem ● Rule: if a file changes,

re run any policy that applies to it (e.g. replication, data calibration)

… QA and change management

QA method:TEST the existence of X copies of the data in the tape libraries

Change management : Rule: process data with latest auxiliary data

1.The manual approach

2.The structured, automated approach

Two ways to implement policies

●Use arbitrary language, infrastructure, and approach

●Manually ensure that the policy is respected

●When change happens, hope for the best; or re-validate policy implementation

The Manual approach

+ simple to implement + straightforward+ does not require language/system choices+ can mix into existing policy implementation

- fragile- manual - limited guarantee of correctness

The Manual approach- pros and cons

●Strictly define what policy is: a precise policy model

●Specific language and methods to implement policies

●Precise mapping allows automated processing

The Automated approach

+ automated+ precise

- limits the expressivity of policies- does not mix in existing systems and architectures- can require full “buy in”, reimplementation

The Automated: pros and cons

●Use the existing system architecture, model it with the ecosystem model, and add automated methods

●When possible: use an automated approach based on the ecosystem/LRM and rules

●Where more convenient: use semi-automated approach, and enrich it with QA and with the ecosystem model

Policies in PERICLES

Automated:●Define policies using the Ecosystem model,

and map to rules (Automated)

●Rule driven change management

●Ecosystem analysis allows to take into account dependencies and change of differnet type

Depending on the use case:

Semi-automated:●Implement the policy as you wish, in

existing system

●Map to the ecosystem model

●Define QA methods for policy

●Allows automated validation via QA methods, and change management based on the ecosystem model

Depending on the use case:

Science scenario model

Discussion on existing scenarios for

●Policy implementation

●Quality assurance

●Change management

Breakout group

1. Does the scenario relate to problems in your institution?

2. Is there anything missing?3. How are you currently implementing policies in

your institution?4. Are you using frameworks supporting policy

implementation? Are they being helpful? 5. Are policies implemented using formal languages

(rule languages)?6. Could you describe what QA procedures are in

place?

Questions (1/2)

7. Do you think the approach we described for policy QA would be useful in your case?

8. Do you see this could help in validating that practice does not deviate from the guidelines?

9. Do you see any advantage in implementing QA procedures that validate policy application ?

10.Are you aware of other approaches for policy validation we should consider?

Questions (2/2)

Thank you!