Extending Corteza Data Sources

Apart from the default/built-in data sources, Corteza will develop the ability to define new data sources:

  • New data sources will belong to one of two major types:
    Corteza Record Federation (CRF) or External Data Source (EDS).
  • All data sources will hold private data ownership and location tags (PT).
  • PT information will be applied to the module when a new data model is defined (Corteza Module). The Module records will inherit assigned PT information but also support explicit PT information when a record is federated from an external source (CRF).

 

List of data sources in the Corteza Admin application

 

An option to indicate that the data source may contain sensitive data. No field of a module stored in the data source can be marked as sensitive until this option is selected.

 

Adding Data Source Attributes.

Each defined data source will have a defined set of capabilities that will limit or expand the abilities of administrators, authors and other users, e.g. immutable, encrypted, access-control, undelete, revisioned, automation, pagination, filtering, search, ownership, privacy, timestamps, audit-log.

Every capability can be supported or not. If it’s not supported, it’s disabled.

Every supported capability can be enforced or not.

  • If it’s enforced, it’s enabled.
  • If it’s not enforced, it’s optional and can be enabled at the level of a data source or a module.
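The supported/enforced/optional rules above, written out as an added Go example (not Corteza's own code). The type, field and function names are hypothetical; the capability names are taken from the list on this page.

```go
package main

import (
	"errors"
	"fmt"
)

// Support is a data source's stance on one capability; the zero value fails closed.
type Support int

const (
	Unsupported Support = iota // disabled everywhere, also for unlisted capabilities
	Optional                   // supported, active only where it is switched on
	Enforced                   // supported and always active
)

// DataSource and Module are hypothetical shapes, not Corteza's schema.
type DataSource struct {
	Caps    map[string]Support
	Enabled map[string]bool // optional capabilities enabled for the whole source
}

type Module struct {
	DS      *DataSource
	Enabled map[string]bool // optional capabilities enabled on this module
}

var ErrRejected = errors.New("rejected by data source settings")

// Effective reports whether a capability is active for records of the module.
func (m *Module) Effective(c string) bool {
	s := m.DS.Caps[c]
	return s == Enforced || (s == Optional && (m.DS.Enabled[c] || m.Enabled[c]))
}

// Set switches a capability at module level. It refuses to enable an
// unsupported capability or to disable an enforced one.
func (m *Module) Set(c string, on bool) error {
	if s := m.DS.Caps[c]; (s == Unsupported && on) || (s == Enforced && !on) {
		return ErrRejected
	}
	m.Enabled[c] = on
	return nil
}

func main() {
	ds := &DataSource{Caps: map[string]Support{"audit-log": Enforced, "encrypted": Optional}, Enabled: map[string]bool{}}
	m := &Module{DS: ds, Enabled: map[string]bool{}}
	fmt.Println(m.Effective("audit-log"), m.Effective("encrypted"), m.Set("undelete", true))
}
```

Because the zero value of `Support` is `Unsupported`, a capability missing from the data source definition is treated as disabled rather than optional.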

 

List of capabilities per single data source.

 

Capabilities and attributes on the edit/view module. Options are presented depending on the selected data source

 

Create module: selecting data source, location and ownership information, and capabilities and attributes selection in a single view

 

Defining Privacy Policies.

With information from data sources set on a specific data module, each record will be able to hold detailed information about ownership and location(s) of specific data. System Administrators will be obliged to provide a data storage location when setting up a Corteza data module. Corteza will enable the selection of predefined data policies or new policies to describe the processing purpose and rules at a record field level.

 

An option to mark that a field might contain sensitive data. The prerequisite is that the sensitive data check is enabled on the selected data source.

 

If a data source can contain sensitive data and a module belongs to the data source, the admin can select a field that contains sensitive data. Until the check on the data source is done, highlighting a field that contains sensitive data isn’t possible. If an admin marks a field as containing sensitive data, they can add a short explanation of why.

Data Privacy Console.

All users can browse locations and contents of their private data in an intuitive, user-friendly manner and make requests concerning the treatment of this data (e.g. Delete, Update) which are escalated to the DPO Console.

Welcome screen in the Data Privacy Console. The user can see an overview of all the locations of their data and is invited to perform privacy-related requests.

 

The second user step: selecting the type of data she wants to manage

 

Application data overview with an invitation to request data deletion

 

The list of all privacy requests

 

The new data export request

 

Pending data export request with an option to cancel the request

 

Data Privacy Officer Console.

The DPO is a user with sufficient permissions to access the list of all received data privacy requests and sort and filter them. A DPO can accept or reject requests with comments and schedule requests for execution.

The list of all received data privacy requests

 

Filtering option on the list of privacy requests

 

A list of all the modules with at least one field marked as sensitive

 

A single data privacy request with an option to accept or reject requests.

 

Prototype: overviewing, filtering and managing privacy requests

 

Corteza Privacy pages

Corteza Privacy: UI Prototype
Corteza Privacy: Architecture and Work Plan
Corteza Privacy: Proof of Concept Development