Victorian Electronic Records Strategy


VERS STORY	STANDARD	ASSESSMENT	PROJECTS	DIGITAL ARCHIVE	TRAINING	TOOLKIT	PUBLICATIONS

Introduction

Standard
(Version 1)
  Specification 1
  Specification 2
  Specification 3

Standard
(Version 2)
  Specification 1
  Specification 2
  Specification 3
  Specification 4
  Specification 5
  Advice 9
  Advice 10
  Advice 11
  Advice 12
  Advice 13
  Advice 14

Home > Standard > Standard (Version 2) > Advice 11 > Rights Management

3.2 Rights Management

The Rights Management (M24) element contains information about what categories of users may access the record and under what conditions. It is equivalent to the AGLS Rights element.

Figure 5. Subelements of the Rights Management element.

The Rights Management element can contain up to seven distinct types of subelements.

Security Classification (M25). This subelement indicates any broad security requirements; for example that the record is 'in confidence'. This is the only subelement that is mandatory.
Caveat (M26). A caveat is a warning that a record requires special handling and that only certain groups of people may have access to it; for example, 'Medical-in-Confidence'.
Codeword (M27). A codeword is a form of caveat, but the codeword has no relationship with the activity. This allows people to use the codeword without revealing the nature of the record. An example of the use of codewords is the use of arbitrary names to refer to military actions rather than using placenames. Leakage of the codeword will not provide the enemy with a hint as to the action. Codewords are only relevant to the security model used in the Commonwealth and should only be used in that jurisdiction.
Releasibilty Indicator (M28). This is an abbreviation used to clearly indicate to whom the record may be released, for example 'AUSTEO'. This subelement is only relevant in the security model used in the Commonwealth and should only be used in that jurisdiction.
Access Status (M29). Information about whether the record can be released, or partially released, to the public.
Usage Conditions (M30) is intended to describe the conditions under which the record can be used; the most typical example is a copyright statement (e.g. 'Copyright State of Victoria 2002').
Encryption Details (M31). This element is intended to contain information to allow decryption of an encrypted record; including signature algorithm details and decryption key. Encryption should never be used to secure records, and so VERS deprecates the use of this subelement.

An example of the XML representation of minimal rights management follows:

<naa:RightsManagement>
<naa:SecurityClassification>Unclassified</naa:SecurityClassification>
<naa:UsageCondition>Copyright State of Victoria 2003 </naa:UsageCondition>
</naa:RightsManagement>

A longer rights management example is:

<naa:RightsManagement>
   <naa:SecurityClassification>In-Confidence</naa:SecurityClassification>
   <naa:Caveat>Cabinet-in-Confidence</naa:Caveat>
   <naa:AccessStatus>Not for Release</naa:AccessStatus>
   <naa:UsageCondition>Copyright State of Victoria 2003 </naa:UsageCondition>
</naa:RightsManagement>

printer friendly