Since the HERMOSA platform is dedicated to the management of predominantly spatial data you might be wondering how the safety and integrity of data is ensured. Well, besides the utilization of a tried and tested, highly customizable authentication and access-control framework there is a user-rights and -roles concept in the making to ensure that data belonging to a specific organisation remains under its’ control.
In principle there are three entities: users, organisations and projects. To start off, a user registers on the platform through the normal self-registration process located at https://hermosa.earth. The systems administrator can create organisations with users and projects connected to it. Once logged-in to the system the user can see all projects and users that have been set to public, while all other projects and users are invisible and also do not show up in a search.
The workflow is simple: An organisation, dedicated to tree planting for example, has a number of staff who want to work with HERMOSA. They all need to register so that each individual has a unique account. In the administration backend they are connected to the organisation. At the same time other users of HERMOSA, who might belong to a university, a financier, a local community or some other stakeholder in ecosystem restoration can be invited by e-mail and can ultimately be connected to a certain project belonging to this organisation.
The intriguing bit is the differentiation of users into one of the following roles: power user, editor or read-only. The dedicated power user of the tree planting organisation is allowed to upload and style geodata, start satellite image analyses in the geoprocessing engine, order Very High Resolution (VHR) satellite data, add external data to the project and generally manage all data including deleting it. The editor is allowed to create and edit projects of the organisations he belongs to. The user belonging to the category ‘read-only’, you might have guessed, is only allowed to look but can not change anything. From a management perspective individual users can be allocated to one of the above roles and then they automatically possess the rights described above. Should the rights be changed for one of the roles then these changes are automatically valid for all users belonging to this group.
A very likely scenario when it comes to the usage of HERMOSA is that stakeholders will not all belong to the same organisation, there will be different levels of trust and they will often be spread out across the globe, so that direct interaction of collaborators is not possible. Also, not all users will have the in-depth knowledge to manage project geodata so that different user-rights are on the order to protect the organisation from data loss. The ability to set a project to private enables an organisation to share data only with immediate collaborators while preventing the public from seeing the details of the project. This, of course, can be changed at any time but having the option to keep data private is considered a benefit of HERMOSA.
Contact firstname.lastname@example.org today to get started!
reposted from: https://hermosa.mundialis.de/news/feature-of-the-week-kw-18/