Flexible access control framework for MARC records

Abstract

Purpose - The goal of this paper is to propose a data access control framework that is used for editing MARC-based bibliographic databases. In cases where the bibliographic record editing activities carried out in libraries are complex and involve many people with different skills and expertise, a way of managing the workflow and data quality is needed. Enforcing access control can contribute to these goals. Design/methodology/approach - The proposed solution for data access control enforcement is based on the well-studied standard role-based access control (RBAC) model. The bibliographic data, for the purpose of this system, is represented using the XML language. The software architecture of the access control system is modelled using the Unified Modelling Language (UML). Findings - The access control framework presented in this paper represents a successful application of concepts of role-based access control to bibliographic databases. The use of XML language for bibliographic data representation provides the means to integrate this solution into many different library information systems, facilitates data exchange and simplifies the software implementation because of the abundance of available XML tools. The solution presented is not dependent on any particular XML schema for bibliographic records and may be used in different library environments. Its flexibility stems from the fact that access control rules can be defined at different levels of granularity and for different XML schemas. Research limitations/implications - This access control framework is designed to handle XML documents. Library systems that utilise bibliographic databases in other formats not easily convertible to XML would hardly integrate the framework into their environment. Practical implications - The use of an access control enforcement framework in a bibliographic database can significantly improve the quality of data in organisations where record editing is performed by a large number of people with different skills. The examples of access control enforcement presented in this paper are extracted from the actual workflow for editing bibliographic records in the Belgrade City Library, the largest public city library in Serbia. The software implementation of the proposed framework and its integration in the BISIS library information system prove the practical usability of the framework. BISIS is currently deployed in over 40 university, public, and specialized libraries in Serbia. Originality/value - A proposal for enforcing access control in bibliographic databases is given, and a software implementation and its integration in a library information system are presented. The proposed framework can be used in library information systems that use MARC-based cataloguing. © Emerald Group Publishing Limited.