Library and Archives Canada

8. Details of Individual Metadata Elements

8.1 Access Rights

Attributes

Identifying Attributes

Name: accessRights

Label: Access Rights

Defined by: Government of Canada Records Management Metadata Standard - accessRights

Element URI: [To be actioned by Treasury Board of Canada, Secretariat before publication]

Definitional Attributes

Definition: Permissions assigned to a record or file that govern or restrict access to or actions taken on a record or file.

Purpose:

To facilitate or restrict access to records or files based on operational requirements and/or a need to know basis.

To facilitate the management of access to records or files: includes alerting individuals to restrictions on access.

To facilitate compliance with legal, security and other requirements.

Rationale:

"The integrity of a record refers to its being complete and unaltered. It is necessary that a record be protected against unauthorized alteration." ISO International Standard 15489-1, s. 7.2.4

"The regulatory environment, in which the organization operates, establishes broad principles on access rights, conditions or restrictions that should be incorporated into the operation of records systems…Records may contain personal, commercial or operationally sensitive information. In some cases, access to the records, or information about them, should not be permitted….Ensuring appropriate access controls are done by assigning access status to both records and individuals." ISO International Standard 15489-1, s. 9.7

"Managing the access process involves ensuring that:
a) records are categorized according to their access status at a particular time,
b) records are only released to those who are authorized to see them,
c) encrypted records can be read as and when required and authorized,
d) records processes and transactions are only undertaken by those authorized to perform them, and
e) parts of the organization with responsibility for particular business functions specify access permissions to records relating to their area of responsibility." ISO International Standard 15489-1, s. 9.7

"Control measures such as access monitoring, user verification, authorized destruction and security should be implemented to prevent unauthorized access, destruction, alteration or removal of records." ISO International Standard 15489-1, s. 8.2.3

"Key elements of security metadata, such as basic access rights or restrictions, should be identified and applied at the point of record creation and capture in order to facilitate a record's ongoing preservation and management." ISO Technical Specification 23081-1, s. 9.2.4.1

"Access to records should only be restricted when there is a business need or when the law requires it. Security metadata should be monitored and updated to ensure the ongoing applicability of all identified restrictions…Security metadata need to be maintained and kept current throughout a record's existence." ISO Technical Specification 23081-1, s. 9.2.4.2

Value Domain: Enumerated strings of text representing permissions.

Datatype Name: String

Constraint: Applicable at record level and file level.

Obligation: Mandatory at record level; mandatory at file level.

Relational Attributes

Encoding Scheme: Institution-specific scheme

References: -

Linkages: Agent Individual Identifier; Agent Individual Name; Event Type; Security Clearance; Sensitivity; Supplemental Markings

Conditions of Application - Record

Format: Text, based on encoding scheme.

Modifiable:

  Pre Record Declared Locked: Yes, by Creator/Trustee.

  Post Record Declared Locked: Yes, by authorized official only.

Occurrence: Not repeatable

Conditions of Application - File

Format: Text, based on encoding scheme.

Modifiable: Yes, by authorized official only.

Occurrence: Not repeatable

Comments and Guidance

a) Explanation of Definition/Usage

This element controls, at both the record level and file level, the access privileges granted to a record or file. Each institution requires business rules to determine who can apply these rights. At the record level, it is often the Creator or Trustee.

This element should not be used as a security control element, since access privileges to a record or file are given to individuals without concern for that person's security clearance level. The EDRMS will manage security control by matching the individual's security clearance level with the record's sensitivity level.

b) Best Practices

Recommended best practice is to select a value from an institution-specific scheme.

The value of this element may be modified after the record is locked in order to grant access rights to new individuals; the same applies to access rights to a file. In both cases, only an authorized official may modify the values.

c) Obligation

This element is mandatory in order to properly secure the record or file against unauthorized access.

d) Default Values/Auto-populate

This element will be defaulted to the lowest level of restriction. The Creator or Trustee will have the right to apply restrictions as required.

e) Linkages

This element is linked to the elements Agent Individual Identifier and Agent Individual Name in order to ensure proper authorization to perform an action on a record or file. It is also linked to the element Security Clearance, which oversees the security of all individuals; the element Sensitivity, which establishes the security of the record or file; and the element Supplemental Markings, which specifies special handling instructions for the record or file. It is the relationship among these elements that controls the overall level of access to a record or file and establishes who may perform an action on a record or file.

Access Rights is also linked to the element Event Type in cases where a change to the access permissions of the record or file must be noted in the management and event history log.

f) Examples

  1. "View profile"

  2. "Read-only"

  3. "Normal access"

  4. "Full access"
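
The following sketch is an added illustration, not part of the standard or of any EDRMS product. It shows how the linked elements described in a), b) and e) combine: an action is allowed only when the individual holds a sufficient Access Rights value and their Security Clearance meets the record's Sensitivity, and a change to Access Rights follows the Modifiable rules and is written to the event history log. Assumptions: the ordering of the four example values, the action names, the clearance/sensitivity ladder, the per-individual grant table, the event fields and all identifiers are constructed for the example.

```python
from dataclasses import dataclass, field

# The four example values from f); this ordering and the action mapping
# below are assumptions, since the page leaves the scheme to each institution.
RIGHTS = ["View profile", "Read-only", "Normal access", "Full access"]
NEEDS = {"view_profile": "View profile", "read": "Read-only",
         "edit": "Normal access", "delete": "Full access"}
# Constructed clearance/sensitivity ladder, not taken from the page.
LEVELS = ["Unclassified", "Confidential", "Secret"]

@dataclass
class Record:
    sensitivity: str                 # Sensitivity element
    creator_or_trustee: set          # Agent Individual Identifiers
    locked: bool = False             # has the record been declared locked?
    grants: dict = field(default_factory=dict)  # agent id -> accessRights value
    events: list = field(default_factory=list)  # management and event history log

def may_perform(record, agent_id, clearance, action):
    """Allow only if the agent holds the right AND is cleared for the record."""
    granted = record.grants.get(agent_id)
    if granted is None or action not in NEEDS or clearance not in LEVELS:
        return False  # fail closed on anything unknown
    has_right = RIGHTS.index(granted) >= RIGHTS.index(NEEDS[action])
    cleared = LEVELS.index(clearance) >= LEVELS.index(record.sensitivity)
    return has_right and cleared

def set_access_rights(record, actor, is_authorized_official, agent_id, value):
    """Modifiable rule: Creator/Trustee before lock, authorized official after."""
    if value not in RIGHTS:
        raise ValueError(f"value not in encoding scheme: {value!r}")
    if record.locked:
        allowed = is_authorized_official
    else:
        allowed = actor in record.creator_or_trustee
    if not allowed:
        raise PermissionError(f"{actor} may not modify accessRights")
    old = record.grants.get(agent_id)
    record.grants[agent_id] = value
    # Event Type linkage: note the change in the event history log.
    record.events.append({"event_type": "accessRights changed", "by": actor,
                          "agent": agent_id, "old": old, "new": value})

if __name__ == "__main__":
    rec = Record("Secret", {"creator-01"})          # constructed sample data
    set_access_rights(rec, "creator-01", False, "analyst-07", "Full access")
    print(may_perform(rec, "analyst-07", "Confidential", "read"))  # not cleared
    print(may_perform(rec, "analyst-07", "Secret", "edit"))
```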
