Specify Agreement Data in detail

[stain]

The Sign-Off phase references a Agreement policy data document but does not yet specify what this should include or even if it should have a public URL.

Agreement Data

The Agreement data relevant to a Researcher will specify:

• The projects which a researcher is a participate of;
• The data instances which each project is permitted access;
• The analysis types a project is permitted to perform, on each data instance.
• The permitted address to which responses can be sent for that project.

[StuartWheater]

I expect each TRE could have different polices for the acceptability of provenance information. One TRE could accept a securely encoded assertion that a researcher is "safe", from there home TRE. But another TRE could only accept a securely encoded assertion of the researcher identity, from there home TRE, but then use locally held information (with its own provenance chain) to assess if the researcher is "safe".

[StuartWheater]

It appears that SAIL's policy is to recheck all information passed to them.

[stain]

Also consider the GA4GH Data Use Ontology (DUO)