As some of you will remember, the OMIS meeting at GEC3 included a
discussion of security issues for GENI operations. One of the
suggestions made there was to draft a GENI security policy. (You can
listen to the discussion, or read summary notes by following the links
at
http://groups.geni.net/geni/wiki/GeniOmis.) I've posted a
discussion draft of a GENI Recommended Use Policy at
http://groups.geni.net/geni/wiki/RUP
as a first step. I've tried to follow the main spirit of the
discussion at GEC3, and include only those restrictions that seem
absolutely necessary for GENI operations. I'm sure opinions will
differ on this, so please reply to the mailing list with comments.
The OMIS group will also be discussing this document at our GEC4
meeting. The final policy will be used for Spiral 1.
For those of you who'd rather avoid the wiki, I've included the core
text from the Recommended Use policy. (Thanks to the PlanetLab
Acceptable Use Policy authors, from whom I've borrowed much, as
recommended by many at the OMIS meeting.)
-Heidi
--------
2 GENI Use Overview
The suite of GENI facilities coordinated by the GENI Project Office
(GPO) is meant to support network science and engineering experiments,
and to provide a collaborative environment in which participants can
evaluate prototypes and gain a better understanding of the behavior
and utility of various design alternatives. In addition to sponsored
development projects, the GENI facilities suite may include resources
contributed by research and commercial organizations and individuals.
These resources are governed by their local policies, as well as by
GENI guidelines. GENI facilities should be used only for research and
education purposes. GENI does not allow illegal activities.
3 Guidelines
All GENI use should be consistent with the goals expressed in the use
overview.
All individuals contributing to the suite of GENI infrastructures
should follow these guidelines. Individual sites that contribute GENI
infrastructure may also have separate guidelines and Acceptable Use
Policies (AUPs). GENI participants should not knowingly violate local
AUPs.
Many GENI resources are hosted and donated by organizations interested
in the GENI project, and GENI work should not adversely affect those
organizations. GENI participants should adhere to widely-accepted
standards of network etiquette. Software and hardware should be
debugged in a controlled environment prior to moving to GENI
infrastructures, so that system behaviors are well understood before
they become part of shared infrastructures. Participants should
ensure their work does not disrupt other infrastructure (for example
by using more than their share of bandwidth or performing systematic
port scans on local machines). If such an event is reported, the
participant will be expected to investigate and address the issue if
it appears to be related to their work. The GPO will provide guidance
if requested for participants who are unsure whether their work might
adversely affect local infrastructures.
GENI participants are responsible for ensuring that their
experiments, prototypes, or contributed infrastructure cannot be
hijacked and used to attack or spam other infrastructure or users. If
such an event occurs despite the participants’ best efforts, they are
expected to investigate and remediate resultant problems. Although
the GPO-sponsored GENI operations mailing list may receive initial
complaints about misbehaving services or systems, staff from the
operations list will put complainants in direct contact with the
researcher or development project lead responsible for reported
problems, and follow the response emails.
GENI resources are accessible to various opt-in users, who may not be
officially registered with GENI clearinghouses. Researchers who
sponsor services that include these users are responsible for ensuring
that their users do not violate the GENI infrastructure recommended
use policy.
GENI offers no privacy guarantees on data sent to and from the GPO-
coordinated GENI suite of infrastructure. GENI participants should
assume data will be monitored and logged, for example to investigate
abuse. GENI also offers no reliability guarantees. Systems and
services may be rebooted, briefly taken off-line, and reinstalled
without prior warning.
4 Consequences
This is a collaborative infrastructure, and the nature of some
violations may require immediate action to protect the rest of the
community (for example responding to a denial-of-service attack).
Staff on the GPO-sponsored GENI operations mailing list will strive to
contact all parties involved in a suspected or reported violation, and
to discuss options with those parties before taking action to address
the violation. Staff will take action before reaching all parties if
necessary. Local providers or project participants may act
independently if they perceive an immediate threat, although GENI
encourages coordination with the GENI operations mailing list.
Violation of this Recommended Use Policy may result in any of the
following:
* Disabling experiments, systems, or users’ access to GPO-
coordinated GENI infrastructure
* Removing sites or resources from the GPO-coordinated GENI
infrastructure
* Informing the participant’s administrative organization of the
violation
* Informing the GENI community, including the National Science
Foundation, of the violation
To report a suspected violation of this policy, contact the GENI
operations mailing list (geni-ops@...).
_______________________________________________
omis-wg mailing list
omis-wg@...
http://lists.geni.net/mailman/listinfo/omis-wg