Security and Data Management

The TDL employs reasonable practices to ensure the security of the hardware, software, operating systems, and storage media in keeping with its own policies and those of agreements entered into with third-party providers such as Amazon Services and the Texas Advanced Computing Center. The TDL Member is responsible for the security features of its own applications and data outside of the TDL. The TDL and TDL Member together will determine effective methods to accommodate the TDL Member’s business needs while conforming to University of Texas security policies and procedures.

Monitoring and Service Availability. The TDL Resources are supported and monitored on a continuous basis. The TDL will make every effort to maintain high availability of Services with a target goal of 99.5% and a data durability target of 99.999%. However, scheduled or unscheduled maintenance operations on any of the following storage systems could impact system availability: at the Texas Advanced Computing Center; Amazon Web Service servers, network and systems; Chronopolis partner nodes’ servers, network and systems.

The TDL will provide the following Member notifications:

• Scheduled Systems Downtime The TDL will endeavor to provide advance notice to TDL members of any planned, non-critical maintenanc. The TDL will provide advanced notification via email to the primary technical and business contact. It is the Member’s responsibility to notify the TDL of any changes to the primary technical or business contact. TDL Member will communicate the scheduled maintenance with their user community as appropriate.

• Unscheduled Systems Downtime Real-time monitoring is provided by the TDL’s monitoring software. Detected downtime of applicable components will generate an immediate message to TDL administrators. Upon an alert, TDL administrators will diagnose and resolve the issue, making every reasonable effort to resolve the issue quickly. TDL staff will keep Member informed during and after issue resolution.

Technical Support Procedures. As part of its Digital Preservation Services, TDL will make every effort to resolve issues which are impeding successful content transfer and storage. The TDL Technical Support procedure is as follows:

• TDL Member should submit problem reports and support requests to TDL staff via web at http://tdl.org/support .

• The TDL technical team will follow-up by phone or email as appropriate within one business day.

Data Restoration. In case of critical data loss, TDL Members can request a copy of the content they deposited. The TDL Data Restoration procedure is as follows:

• The requesting TDL Member must be the primary technical or business contact listed in this Agreement.

• TDL Member must submit the content restoration request to http://tdl.org/support

• Restoration requests will begin processing within 3 working business days of initiation.

 Use and Distribution of Content Stored in the TDL: It is the TDL Member’s responsibility to ensure that the TDL Member has all required rights (including but not limited to copyrights and licenses) to possess copies of content to be stored at and further distributed from the University of Texas at Austin. It is illegal to distribute data or software without the approval of the owner, and such distribution is therefore considered a violation of this agreement. Violations of this agreement may result in immediate termination. TDL Member represents and warrants that no TDL Member content violates applicable law, infringes or misappropriates the rights of any third party or otherwise violates a material term of the Agreement.

Data Security: Members are responsible for the security of their data and are required to protect their password(s). Passwords must never be shared. A TDL Member who believes a password has been compromised should change that password immediately and inform TDL staff as soon as possible.

Backups of Critical Member Content: TDL Members are responsible for backing up critical content. File systems and digital preservation storage systems are very reliable; however, data can be lost or damaged due to media failures, hardware failures and user/sys admin mistakes. For these reasons, the TDL strongly encourages TDL Members to maintain at least two copies of critical data: one at the member’s site and one via DuraCloud™@TDL to at least one digital preservation storage type. 

Note that the TDL will not be held responsible for errors or problems with data before it is ingested  through DuraCloud™@TDL. The process of transferring data and validating it upon arrival to DuraCloud™@TDL is separate from any processes that take place before transmission. This includes but is not limited to instances such as bad hard drives and improper data storage and maintenance on the part of the data provider.

Preservation Actions. The TDL does NOT perform specific “preservation actions” upon files during or after transfer to the selected digital preservation storage environment(s). This includes actions such as file format migration, file normalization, file type verification, creation of descriptive metadata and rights management. If a member wishes to perform preservation actions supplementary to the ones provided by TDL Digital Preservation Services, they must be performed by the TDL Member before content is deposited through DuraCloud™@TDL.

Failure to pay. Failure to pay fees when due upon contract initiation or renewal date will result in the following actions:

• If the TDL is unable to collect payment when due, TDL Member’s account will enter unpaid status. The TDL will attempt to contact Member using the listed member and notification email addresses listed at the beginning of this agreement or otherwise updated by TDL Member.

• If the TDL has not received payment or other billing arrangements have not been made by the due date, the TDL will perform the following actions:

• After 30 Days of unpaid status: TDL Member’s account(s) will become read only. TDL Member will not be able to add any new content to TDL Member’s account(s), or any group account to which TDL Member has access. TDL Member may download TDL Member’s content for 30 days.

• After 60 Days unpaid status: TDL Member’s account(s) will be locked and TDL Member will be unable to log into the system via any mechanism. Read and write privileges are removed.

• After 90 Days unpaid status: TDL Member has released the TDL of all responsibility for TDL Member content, and TDL Member’s account(s) will be removed and all content stored in any TDL-managed storage location will be deleted.

Chronopolis

Chronopolis preservation services are provided for members and affiliates of the Texas Digital Library who have opted into TDL Digital Preservation Services. TDL Member content will be stored in a digital preservation system of geographically distributed nodes, each managed using institutionally supported software and hardware. The architecture of this system allows for the failure of an entire Chronopolis node with data still available and reliable at the other nodes.

The primary copy of TDL Member data will be stored in the data center at the Texas Advanced Computing Center and managed by TDL. A second data copy will be stored in the San Diego Supercomputer center and managed by the UC San Diego Library (UCSDL). This data will be synchronized to the collection ingested at TACC for TDL. UCSDL and TDL reserve the right to change their Chronopolis distributed data centers. A third data copy will be stored in the data center at the University of Maryland’s Institute for Advanced Computer Studies in College Park, Maryland. This data will be synchronized to the collection ingested at TDL an UCSD. TDL and UCSDL reserve the right to change their Chronopolis distributed data centers. Chronopolis may incorporate new nodes at their discretion, at which point the third data copy location may change.

Auditing Control Environment software. All data in the system will be monitored for fixity using the Auditing Control Environment software (ACE). ACE is a system that incorporates a new methodology to address the integrity of long-term archives using rigorous cryptographic techniques. ACE continuously audits the contents of the various objects according to the policy set by the archive, and provides mechanisms for an independent third­ party auditor to certify the integrity of any object. ACE software is developed at University of Maryland’s Institute for Advanced Computing Studies, a Chronopolis partner.

Notification that data has been successfully replicated to each node. Depositors may also request information regarding integrity checks of the deposited data.

Accessibility

Chronopolis is a dark preservation system. No direct access to the system will be provided to content depositors. Access is restricted to system administrators at each specified data center and no system administrator can access Chronopolis data at other data centers.