Each organization that participates in TapeFIS secure-to-open file transfers has established one or more "DC review pools" that are responsible for inspecting candidate files submitted from users in that organization. A DC review pool consists of one or more DCs and follows these rules:
- Each DC in a pool must be capable of reviewing the content of files submitted by all users assigned to that pool.
- All DCs in the same pool work as peers, with equal authority. Departments or divisions may, however, add extra security by requiring dual reviews (such as both general and content-specific reviews) from different DCs for some data.
- Every FIS user is assigned to a DC review pool based on the scope of their work as determined by their organization.
- A user assigned to one DC pool can only have their submitted files reviewed by a member of that review pool (although DCs in the same pool can exchange review duties among themselves to better handle absences or workload).
- A DC is only permitted to examine and approve (or disapprove) files submitted by the users assigned to his or her review pool.
- Associated with each DC is a lifetime. Once the lifetime has expired, the DC cannot access files from their (former) pool for review. The LIST ADCS option of ADCTOOL reveals the current expiration date for every DC in the pool of the DC who runs it.
The secure-to-open review process, based on these DC pools, is simple:
- A user submits one or more files for transfer from the secure to the open network (by FTPing them to their TO directory on the secure TapeFIS server).
- The user then contacts a DC from their review pool and alerts them that files await inspection.
- The authorized DC runs ADCTOOL on the secure TapeFIS server to list the submitting user's queued files, move some (or all) of them to a special area (inaccessible to the user) for formal review, and pass (or fail) the files for transfer once reviewed.
- The user checks their README file (/users/username/README) on the secure TapeFIS server about the outcome of each file review and claims the file on the TapeFIS node if it is transferred.