The DSpaceDirect KnowledgeBase is a living document - your feedback is welcome. Please send your suggestions for improvements to dspacedirect@lyrasis.org.

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

This page consists of common security related questions pertaining to the DSpaceDirect hosted service. If you have additional questions not answered below, please contact support@dspacedirect.org

What data center do you use for DSpaceDirect? What security documentation do they provide?

We use Amazon Web Services (AWS) as our data center. AWS provides very detailed documentation on their security compliance:

Is your data center SOC certified?

Yes. The data center we use for DSpaceDirect is AWS (Amazon Web Services).  It is SOC certified. See: https://aws.amazon.com/compliance/soc-faqs/

Does your company have any ISO certifications (e.g. ISO 27001)?

DuraSpace / DSpaceDirect does not have any independent ISO certifications.  However, AWS (Amazon Web Services), which provides our data center, is ISO 27001 certified. See: https://aws.amazon.com/compliance/iso-27001-faqs/

What forms of authorization / authentication do you support in DSpaceDirect?

We support all authorization/authentication plugins that are available in out-of-the-box DSpace. Currently (as of DSpace 6), those include:

  • LDAP authentication/authorization (including Active Directory)
  • Shibboleth authentication/authorization
  • IP address / range authorization (e.g. for restricting access to specific collections to "on campus")
  • Default DSpace authentication (where DSpace manages all accounts, passwords and permissions)

Please be aware that configuring/managing authorization plugins often requires extra support / coordination with local staff at your institution. Therefore, they are considered add-on packages: http://dspacedirect.org/add-on-packages

Is data encrypted at rest in DSpaceDirect?

No. DSpaceDirect is intentional about not putting any barriers in place for access, preservation or reuse of data. You are welcome to encrypt data yourselves before putting it into storage, however DSpaceDirect will then only share the encrypted data with users.  Simply put, whatever you upload into DSpaceDirect is what is then shared (there is no built in facility to encrypt or decrypt data dynamically).

Is data encrypted in transit (upload/download) in DSpaceDirect?

Yes, all calls to DSpaceDirect are encrypted using Transport Layer Security protocols (HTTPS).  We require HTTPS for all sites, and do not allow any data to be sent via plain HTTP.

  • No labels

All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license, unless otherwise noted.