Managing policies using the Policy Editor
In this blog post we introduce the Policy Editor, a web application to manage change in policies, which has been developed by PERICLES project partner Space Application Services (SpaceApps). The tool was developed within WP5, which focused on Tools for the preservation management of ecosystems and processes
We interviewed Rani Pinchuk, Division Manager at SpaceApps to find out more.
What is the Policy Editor and how it can help in the digital preservation process?
The Policy Editor is a web application allowing the user to create, modify, verify and execute a set of policies and procedures. Specifically, in a preservation context, this can be very useful when preserving digital data as it allows you to define what is being preserved, the constraints and preservation requirements, and how one can confirm that the data is indeed kept.
So how is the Policy Editor different from a Word document with collections of policies?
The Policy Editor software includes many features that are intended to facilitate the work of the policy creators. It allows individuals that are responsible for defining application- or organisation-wide policies to use templates of policies – some kind of an a priori definition of domain- or organisational unit-specific policy blueprints. These templates can be mixed and matched into concrete application-specific policies. As a trivial example: a policy template stating “All software created by <division> must be backed up every <period>” can be instantiated into a concrete “All software created by the Knowledge Management Team must be backed up every day”. Actually, the templates can be especially useful for organisations with limited or even absent experience in preservation – as they provide initial guidelines for the policies that are typically used for data preservation.
The policy templates contain named placeholders (called variables), which are linked to the Digital Ecosystem of the digital assets to be preserved. Values given to these placeholders propagate automatically to all places where these placeholders are used. This process allows to create concrete policies out of the generic templates, and in addition, it facilitates keeping a set of policies both internally consistent and consistent with the digital ecosystem that these policies apply to.
Digital Ecosystem? What do you mean by that?
We use the term Digital Ecosystem as all the entities and the relations between these entities that influence or are necessary for a successful future use of this information. Further detail on the concept of a digital ecosystem can be found in the deliverable D3.5.
So the Policy Editor facilitates the tailoring of policies according to a model that describes the data. Is that all?
No, in addition to aid in the definition of a set of policies, the policy editor also helps to ensure that the policies are adhered to. As such, the Policy Editor can also be used as an audit assistance tool. As mentioned earlier, the policies are defined in such a way that they are linked to the underlying Digital Ecosystem. The policies are defined in a hierarchical policy model, from high level policies to their practical implementation. The lowest level policies are executable processes or procedures that can run over the digital resources that are being managed.
This is all very abstract, could you give us an example?
The picture below is a screenshot of the Policy Editor. The policy ID-0 defines that SOLAR data, received from instrumentation on the International Space Station, of domain-specific type L1 must remain interpretable over time. The parts in bold are variables that can be changed. This policy has three sub-policies: ID-1, ID-3 and ID-5. Each of these sub-policies have lower level processes that defines how the sub-policies are being implemented or verified.
One of the variables, in policy ID-3, is selected from a drop-down list. Because the Policy Editor is linked to the Digital Ecosystem, it can provide such drop-down lists according to the types used in the template policies. Also, you can see that this policy is not yet fully defined (not all its variables have been given a value) and is therefore marked in a red colour. As a result, also its respective higher level parent policy ID-0 is marked red.
You mentioned that the drop-down lists are populated by values according to the types defined in the policy template. Could you show such a template?
The templates are quite technical and are intended to be created and edited by domain experts that are trained in the usage and tailoring of the Policy Editor. Below is an excerpt of the template describing the policies we have mentioned above. The areas that define the field that was discussed above in sub policy ID-3, are circled. Now you can see that the field is called “scripts_|_” and it is of type “Scripts”. In our Digital Ecosystem, there are three sub-types to this type: “Matalab calibration scripts”, “Python calibration scripts” and “Scientific processing scripts” – and the drop-down list is populated by these sub-types.
So these templates have to be written before one can start working with the editor?
Yes. However, the templates are reusable, especially in similar application domains. The example above is related to the SOLAR experiment (an experiment done on board the International Space Station, measuring the solar spectral irradiance), but these templates are relevant to other space science experiments, and many terrestrial experiments as well.
If I understand correctly, it all depends on the Digital Ecosystem.
Correct. In the example above, the Digital Ecosystem defines what types of digital resources we want to manage, what metadata we have about these digital resources and what are the possible relations among these digital resources. The templates allow the Policy Editor to be fully integrated with the Digital Ecosystem.
You say “in the example above”. Are there other kind of Digital Ecosystems?
Well, the Digital Ecosystem described above is relevant to long term data preservation. Therefore, for example digital resources was mentioned. But as the Policy Editor is controlled by the Digital Ecosystem it is integrated with, and by the templates, it can be useful also in different domains of application.
One can create, for example, a Digital Ecosystem that describes the IT infrastructure of a company and the related templates in order to manage the policies that govern the IT infrastructure management. In the same manner, many domains can be imagined that can be governed by policies such as described above.
Last question – you have mentioned before that the Policy Editor can help you the auditing of the system. How can that be done exactly?
We have mentioned that for each high level policy you have one or more sub-policies, and that for each sub-policies one may have one or more processes. The idea is that when such a process runs, it checks the validity of the sub-policy. If the process reports that something is missing, the sub-policy is marked invalid, and its parent policy is marked invalid as well.
The user can visualise this feature in the policy editor, in the portal and via email notifications. The portal allows you to view the different items in the Digital Ecosystem, and the relations between them. Therefore, it is useful to mark items that break a certain policy, or that are affected by other items that break the policy.
The Policy Editor is a proprietary and tailored software. If you are interested to find out more, please contact David De Weerdt from Space Applications Services at email@example.com or by telephoning +32-(0)2-721.54.84