Specify 6 Collection Database Architecture, Organizational Model, and User Account Access to Multiple Collections

Specify Software Project Staff
10 April 2009
Version 2.0

Overview

Specify 6 supports data from multiple collections within a single database. For example, specimen records for fish and for
birds are combined within the same data tables of a single database. For institutions with multiple collections, this storage
model enables but does not grant access to data across multiple disciplines for most users. Most users will have login and
access privileges only their collection’s data. Access to data across collections, disciplines or divisions is an important capability for museums with centralized registration, accession or conservation activities. It also allows others with a legitimate interest in the institutions complete holdings, such as research directors, to analyze and report on the institutions entire holdings. These types of searches are not possible in the Specify 6.0 release, but Specify is designed and we are committed to enabling institutions to perform cross-collection searches, and we will include add that capability in a future release. In Specify 6, there are data tables and data entry forms for entering Institution and Division-level information, where a Division, usually, but not always, represents a single taxonomic discipline as a museum would treat it. Each division or discipline may have multiple collections, for example Ichthyology may have a voucher and tissue collection; Ornithology may have voucher, tissue and egg Collections. (Specify 6 also supports very broad, high-level taxa such as “Invertebrates” in a single database. Specify 6.0 will not have automatic cross-collection links for specimen vouchers documenting ecological species relationships, such as host-parasitie, or plant-pollinator, or predator-prey, but a future release will have that capability.)

Figure 1 – Specify 6’s Institution, Division, Discipline and Collection relationships

Which Specify Data are Shared across Collections, Disciplines, Divisions and Institutions?

For a Specify user, data elements have a visibility or scope relative to other data elements and with respect to the
administrative context of a Collection. There are data elements that are unique to a discipline, but which are visible to all the
collections within that discipline; for example, taxonomic names are shared across all Ichthyology collections. Other data
elements are scoped only to a single collection; for example, preparation types are typically unique to a particular kind of fish
collection, tissues might have ’tissue’ and ‘DNA’ as preparation types, whereas a voucher (or main) collection, might have
EtOH and C&S as prep types. These preparation types can be easily duplicated across collections as desired, but typically
they correspond to the type of collection (wet, dry, pollen, fruit, frozen, tissue, etc.). It is important to note that Specify
accommodates multiple Collections within a particular Discipline, like Ichthyology shown above, but the Specify schema also
allows collections to be combined into a single database for common management, for example a Specify herbarium database
might include preparation types: sheets, fruits, seeds, type photos, etc. How you choose to set up your Specify database at the
Collection level depends on your curatorial practice and historical preferences.
Figure #2 shows an overview of the “scope” of various types of data. As we move left to right in the figure the scope is
reduced. The data types shown in the Discipline box are scoped to that discipline and all collections and all Collection Objects
can view or be related to those items. This means that all the collections within a single discipline share the same Taxonomic
Tree, Agents, Localities, etc.; also note that each collection has its own set of Preparation Types.

Figure 2 – Data Scope

Given the example in Figure #1, for the Ichthyology discipline, both the Wet and Dry Collection would share the Taxon Tree,
Geography Tree, Agents (e.g. collectors, authors, annotators), etc. The Wet collection would have its own set of preparation
types and pick lists, which would be different from the Dry collection’s preparation types and pick lists. Again, some values for
the pick lists and prep types could be duplicated across collections, the point is that each collection has the capability to hold
custom values for pick list fields and for the preparation type fields, but there is no barrier to having the same values for those
things in two or more collections.
Agents, which includes people acting in whatever role, in the Specify data model are shared within the division, but not across
divisions at the institution level. That means that there will be times when a collector of two or more biological specimen types
(Vertebrate Zoology and Botany) will be duplicated at the institution level. We implemented this to accommodate the needs of divisions to annotate address or personal information about people with information that was unique or perhaps sensitive to
their Division.

Collecting Events, Collecting Trips, and Localities are scoped to a Discipline.

Security and Data Access

Each user within an Institution has a single login into Specify. When a user is added in Specify they are assigned to a “group”
within a collection. A “group” determines the types of forms and reports that the user will have access to and the permissions
that user has in terms of what data they can view, edit, add and delete. A finer level of control also exists for granting access
for specific functions, tools or various individual data tables, for individual users. Permission included in a group can not be
removed for individual users.
Specify will initially ship with the following groups: Manager, Full Access User, Limited Access User, and Guest. The Manager
role will have access to the most forms and reports and can be assigned permissions to view, add, modify and delete any and
all data for a Collection.
For example, Table 1 describes several different scenarios for various types of logins.

Specify User Scenarios


Table 1 – Sample User Type Permission Scenarios

Access To Multiple Collections

There are cases in which a Collection Manager or a Curator from one division may need to access data in a collection in
another division. It is possible that a single user could be assigned a different role for each collection within every division.
Figure 3 shows the same user “John Doe” as a Manager for the Botany Collection and a Guest in an Entomology Collection.
This means the same user could have full privileges in one collection and read-only in a different collection. In the first release
of Specify 6, the role a user plays will be determined when the user logs into Specify, in future releases a user may be able to
play multiple roles in multiple collections simultaneously.

Figure 3 – Multiple Logins With Different Roles

Who Can See My Collection Data?

When a user logs in to Specify they first select from a list of collections in which they have been assigned to a group. If they
have been assigned to a single collection then that collection is automatically selected. Each login session is in the “context” of
a collection and the discipline for that collection This means all searches are constrained to the collection or discipline. Figure
#4 shows the dialog in which a user would select from a list of various collections. (Note: This is not a typical selection dialog
for the average Collection Manager, but a Registrar may see this very screen.)

Figure 4 – Select a Collection

The Express Search and Query Builder internally filters the queries to only include the data for the user’s scope. For example,
if they search for an Agent it will search all the Agents for that discipline and if they search for a Collection Object it will only
search the “current” collection.

What About Sensitive Data?

All the data in a Collection is viewable by any user that has permission to log into that Collection. Typically all the Collection
Objects and their ancillary information are exported for Web Search or DiGIR/Tapir internet servers, with the exception of
sensitive data. In a future release of Specify will have the ability to hide endangered species records (by taxon), geo-
coordinates or all the locality information for a specimen.
Specify 6 will allow two types of data to be hidden: Collection Objects and Localities. Any record in either of these tables can
be marked so only certain users can view the data or they can be marked so only the Collection Manager can view and edit
them.

A Closer Look At Sensitive Data

Specify 6 has three levels of visibility: User, Discipline, World. Sensitive data can be marked to be visible at any of these three
levels.

Table 2 – Visibility Levels

For example, a Collection Object may be marked as visible Discipline and anyone logging a Collection in the Discipline will be
able to see that Collection Object, even guests.]

Summary

Specify 6 enables a single database to “house” all the data for an institution. It provides a secure login that enables a role and
a set of permissions to be applied to a user for each collection database, thus limiting access for most users to actions only
involving that data, i.e. a user can only view, edit or delete data from a collection in which they are logged in as one of four
user types.

Frequently Asked Questions

Q: When I search can I see Collection Objects from other collections?
A: No, only the Collection Objects in the current Collection will be returned in the search results. (The Collection that was chosen during login).

Q: Can I assign the same Agent as a Collector in two different Collections?
A: Yes, if both Collections are in the same Division.

Q: When I login do I have the same permission for every Collection within a Discipline?
A: Each user has a separate set of permissions for each Collection. You might have the same permissions for each Collection, but only if the Specify Administrator set them to all be the same.

Q: Can I share my Taxonomic Tree with the teaching Collection?
A: Yes, if both the “main” Collection and teaching Collection are in the same Discipline.

Q: Can a Guest user create a report to show all of the Collection Objects in a Collection?
A: No. Guests are not given permission to create reports.

Q: Can sensitive data be viewed through the Web Search?
A: Not if you do not want them to be. Collection Objects or Localities that have been marked as viewable to only a Group or Owner will not be exported for Web Search.