Versions Compared

Old Version 5

changes.mady.by.user Hannah Short

Saved on

compared with

New Version 6

changes.mady.by.user David Groep

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

????? PDK seems too long. Probably need a new one here.
What must I do?ExplanationExample
Define a unique nameThis name will be critical for uniquely identifying your community and its participants. Ensure there are no possible collisions.Strongly suggest using a DNS name
Define your community's purposeYou need to be able to identify activity that is in scope for your community. Other activity may be suspended"The goal of this community is to allow members of the X collaboration to perform all the computing activities relevant for the X experiment and the analysis of the data collected by it."
Ensure members and their authorisations are valid and enforcedPut a process in place to check whether members are valid, for how long, and what they should be entitled to do. If automatic provisioning is not possible, establish periodic review procedures.
AARC-I086 highlights the 'light-weight' elements that should be in membership management (editable version provided)
Require members to accept an Acceptable Use Policy that defines the community goals and does not conflict with Infrastructure AUPsA significant effort has been spent in the research and education identity community to harmonise Acceptable Use Policies, minimising the need to interrupt end users with notifications and enabling easier interoperability.Add your community's purpose to the WISE AUP
Inform members about how their personal information is processedYou will likely be subject to local laws. You should also consider international best practices, such as the REFEDS Code of Conduct.The AARC recommendation from the Policy Development Kit
Be able and willing to collaborate in security incident response

Ensure that you follow best practices for security incident response such as traceability, revocation, the ability to contact users and proactive notification of incidents to partner organisations.Support the Sirtfi Framework. Define a procedure (e.g. the IRIS procedure) to be followed when needed.
Publish your documents Make it easy for fellow participants to trust you and see that you are following best practicesA publicly available website such as https://www.iris.ac.uk/security/