(26-Sept-2018 version after joint EUGridPMA+AARC2 meeting, Toulouse, France)

Draft implementors guide at https://docs.google.com/document/d/1tGghpHCKTu8sTO1wNrJBXXfD0N1XDAmFTn9b8t6wzPE

Guidance for on the intended use of this Acceptable Use Policy and Conditions of Use (AUP) text.

The AUP text below is intended to form part of the information presented to a member of a community (the user) at the time they register to access the services comprising an infrastructure. The AUP provides the user with information about their expected behaviour and restrictions on their use of the infrastructure. This "baseline" text can, optionally, be augmented with additional, community or infrastructure specific, clauses as required, but the numbered clauses should not be changed. The registration point where the user is presented with the AUP may be operated directly by the user's research community or by a third party on the community's behalf.

The motivation to provide this "baseline" text is to facilitate -

  • rapid community infrastructure ‘bootstrap’ - communities do not have to build their own AUP from scratch

  • ease the trust of users across an infrastructure - services within an infrastructure have a common framework describing the behaviour of users coming from multiple communities

  • provide a consistent and more understandable enrolment for users - as users move between communities and projects come and go, users have a common understanding of their responsibiities.

Other information to be presented to a user, as addition to the AUP, to properly define their rights and responsibilities when using the infrastructure and services are -

  • Privacy Notice - information about the processing of their personal data together with their rights under law regarding this processing
  • Service Level Agreements - information about what the user can expect from the service in terms of quality such as reliability and availability
  • (Optional) Terms of Service - additional requirements or information which does not naturally fit within the AUP, PN and SLA policies. (e.g. a requirement to cite a sponsoring body in publications or the assignment of Intellectual Property rights.)

When using the baseline AUP text given below, curly brackets "{ }" (coloured blue) indicate text which should be replaced as appropriate to the community, agency or infrastructure presenting the AUP to the user. Angle brackets "< >" (coloured green) indicate text which is optional and should be deleted or replaced as appropriate as above.

WISE Baseline AUP v1.1a

Acceptable Use Policy and Conditions of Use

This Acceptable Use Policy and Conditions of Use (“AUP”) defines the rules that govern your access to and use (including transmission, processing, and storage of data) of the resources and services (“Services”) as granted by {community, and/or the agency, or infrastructure name} ("Granting Authority") for the purpose of {describe the stated goals and policies governing the intended use}.

<This document may be augmented by additional agreements or terms and conditions, in which case the Granting Authority may optionally add specific clauses - or references thereto - here that are not in conflict with the clauses below and that further define and limit what constitutes acceptable use. The wording of the following clauses must not be changed.>

1. You shall only use the Services in a fashion consistent with policies of the Granting Authority and for the purposes described above.

2. You shall not use the Services for any purpose that is unlawful and you shall not breach, attempt to breach, nor circumvent any administrative or security controls.

3. You shall respect intellectual property and confidentiality agreements.

4. You shall protect your access credentials (e.g. passwords, private keys or multi-factor tokens); no intentional sharing is permitted.

5. You shall keep all your registered information correct and up to date.

6. You shall, as soon as reasonably possible, report any known or suspected security breach, credential compromise, or misuse to the security contact stated below; and report any compromised credentials to the relevant issuing authorities.

7. Reliance on the Services shall only be to the extent specified by any applicable service level agreements listed below. Use without such agreements is at your own risk.

8. The Granting Authority and/or the provider of the Services process your personal data in accordance with the privacy statements linked below.

9. The Granting Authority and/or the provider of the Services may, for administrative, operational, or security reasons, restrict or suspend your use without prior notice and without compensation, within their domain of authority, and you shall immediately comply with their instructions regarding your use of the Services.

10. If you violate these rules, you are liable for the consequences, which may include but are not limited to a report being made to your home organisation and, if the activities are thought to be illegal, to appropriate law enforcement agencies.

The administrative contact for this AUP is: {email address for the Granting Authority}

The security contact for this AUP is: {email address for the infrastructure, community, and/or Granting Authority security contact}

The privacy statements (e.g. Privacy Notices) are located at: {URL}

Applicable service level agreements are located at: <URLs>

  • No labels