Technologies for repository interoperation and access control

Over the past several years, network-accessible repositor ies have been developed by various academic, government, and industrial organizations to provide access to software and re- lated resources. Allowing distributed maintenance of thes e repositories while enabling users to access resources from multiple repositories via a single interface has brought ab out the need for interoperation. Concerns about intellectual p rop- erty rights and export regulations have brought about the ne ed for access control. This paper describes technologies for i n- teroperation and access control that have been developed as part of the National High-performance Software Exchange (NHSE) project, as well as their deployment in a freely avail- able repository maintainer's toolkit called Repository in a Box. The approach to interoperation has been to participate in the development of and to implement an IEEE standard data model for software catalog records. The approach to access control has been to extend the data model in the area of intellectual property rights and to implement access con - trol mechanisms of varying strengths, ranging from email address verification to X.509 certificates, that enforce sof t- ware distribution policies specified via the data model. Al- though they have been developed within the context of soft- ware repositories, these technologies should be applicabl e to distributed digital libraries in general.