D4Science Deployment and Operation: Policies

From D4Science Wiki
Jump to: navigation, search

This section describes the D4Science Infrastructure Policies.

A policy is typically described as a principle or rule to guide decisions and achieve rational outcomes. In the case of the infrastructure, three main families of policies have been defined:

  • Global Policies: policies meant to be valid for the infrastructure as a whole and as such they have Global scope. Examples of such policies include Acceptable Use Policies.
  • Service Level Agreement Policies: policies meant to regulate the level of service which the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure has to guarantee to its users. Examples of such policies include Software Hosting SLA Policy.

Global Policies

The Policies which are described in this section are global policies applied to Users accessing the infrastructure as consumers or providers of:

  • Services
  • Data
  • Software
  • Sites (Computation and storage)

The following policies have been defined :

Infrastructure Acceptable Use Policy

By registering in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure any User shall be deemed to accept these conditions of use:

  • The User shall not use the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure for any unlawful purpose and not (attempt to) breach or circumvent any administrative or security controls.
  • The User shall respect intellectual property and confidentiality agreements.
  • The User shall protect its access credentials (e.g. private keys or passwords).
  • The User shall immediately report any known or suspected security breach or misuse of the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure or access credentials to the incident reporting locations specified by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.
  • Use of the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is at User's risk. There is no guarantee that the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will be available at any time or that it will suit any purpose.
  • Logged information is used for administrative, operational, accounting, monitoring and security purposes only.
  • Resource Providers are entitled to regulate, suspend or terminate the User access, within their domain of authority, and the User shall immediately comply with their instructions.
  • The User is liable for the consequences of violating any of these conditions of use

gCubeApps Acceptable Use Policy

By accessing gCubeApps deployed into the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure any User shall be deemed to accept these conditions of use:

  • Users may only use the gCube Apps to store, retrieve, query, serve, and execute its content that is owned, licensed or lawfully obtained by them. As used as part of the gCubeApps, any User may be allowed to use certain software (including related documentation) provided by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure or third party licensors. This software is neither sold nor distributed to Users and they may use it solely as part of the gCubeApps. Users may not transfer it outside the Services without specific authorization to do so.
  • If Users create technology that works with a gCubeApp, they must comply with the current technical documentation applicable to that gCubeApp available in the gCube Development WIKI.
  • Users will reasonably cooperate with the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure to identify the source of any problem with the gCubeApps that may be attributable to Users Content or any end user materials that the User control.
  • If the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure reasonably believe any of the User Content violates the law, infringes or misappropriates the rights of any third party ,the User of the Prohibited Content will be notified and may request that such content be removed from the gCubeApps or access to it be disabled. If a User does not remove or disable access to the Prohibited Content within 2 business days of our notice, the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure may remove or disable access to the Prohibited Content or suspend its access to the gCubeApps.

Citation Policy

By exploiting resources and services offered via the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. infrastructure any User shall be deemed to accept these conditions:

  • Any authorized user should acknowledge who have provided every product that is accessed via the infrastructure services. In particular, the user is requested to include a bibliographic citation to all the products resulting from the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. infrastructure and exploited while producing any artifact.
  • Citation information is provided in the documentation that accompanies any product. The user will use such an information to annotate the artifacts he/she is producing by relying on D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. products.
  • Citation should include the following sentence "Published by <portal/infrastructure name> and accessed by <portal> (<access time>)."

Service Level Agreement

When describing the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure Service Level Agreements (SLAs) we refers to the levels of availability, serviceability, performance, operation, or other attributes of the Infrastructure. The level of service is specified as "target" and "minimum," which allows the user of the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure to be informed what to expect (the minimum), while providing a measurable (average) target value that shows the level of organization performance.

Since no Resource pricing is defined no penalties have been agreed in the case of non-compliance of the SLA .

The following D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure SLAs have been defined :

Data Access SLA

By accessing data trough the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure any authorized user shall be deemed to accept these conditions of use:

  • Any authorized user can use the data in any circumstance and for all usage, reproduce the data, modify the data, and make derivative data based upon the original data, communicate to the public, including the right to reproduce or display the data or copies thereof to the public and perform publicly, as the case may be, the data.
  • Any authorized user cannot in any circumstance and for any usage redistribute the data or copies thereof, lend and rent the data or copies thereof, sub-license rights in the data or copies thereof.

Data Storage SLA

By uploading or otherwise submitting data to the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure any authorized user shall be deemed to accept these conditions of use:

  • the ownership of any intellectual property rights is not in anyway transferred to the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure. In short, what belongs to a user remains exclusively of that user.
  • in the case a user decide to share it with members of a Virtual Research EnvironmentA ''system'' with the following distinguishing features: ''(i)'' it is a Web-based working environment; ''(ii)'' it is tailored to serve the needs of a Community of Practice; ''(iii)'' it is expected to provide a community of practice with the whole array of commodities needed to accomplish the community’s goal(s); ''(iv)'' it is open and flexible with respect to the overall service offering and lifetime; and ''(v)'' it promotes fine-grained controlled sharing of both intermediate and final research results by guaranteeing ownership, provenance, and attribution. (VREVirtual Research Environment.), he/she remains responsible for any misusage of the data by other Infrastructure Users.
  • at any time the user can decide to unregister his/her data. All user’s requests are immediately accepted and operated by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.
  • the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure can reproduce, modify, and generate derivative works (such as those resulting from translations, adaptations or other changes required by the management capabilities of the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure).
  • the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will not otherwise move or distribute user's data for any purpose, except when required to do so by law.
  • the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is not responsible of the data uploaded and hosted by the infrastructure.
  • the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will not be responsible of any issue regulating intellectual property rights infringement or illegal use of user's data.
  • the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will make reasonable efforts to insure that data are persisted. In the event of hardware or software Failures caused by failures to a hard drive or power supply, the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will make reasonable attempts to restore the user's data. No guarantee whatsoever is provided on the success of any user's data recovery.

Support Response Time SLA

The Support Team as defined in the Support Team page is responsible for the resolution of all production support tickets related to the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure. This SLA covers incident tickets resolution time in the case of issue related to infrastructure incidents ( e.g. it does not cover the resolution time of the issues coming from software bugs):

  • High priority Incident Resolution time: < 1 day;
  • Normal priority Incident Resolution time: < 5 days;
  • Low priority Incident Resolution time: < 2 weeks.

Software Hosting SLA

The Software Hosting SLA covers some element of the WAR Management Service which is offered to Users trough the Web Application Management Portlet and the WAR Management Portlet:

  • Individual service will deliver 100% uptime as monitored within the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure monitoring system . Only failures due to hardware and hypervisor layers delivering individual servers constitute Failures and so only those Failures are covered this SLA. Examples of Failures include power interruptions, hardware problems such as failures to a hard drive or power supply, and failures to the hypervisor environment supporting User WebApplications.
  • individual service will be monitored by Nagios and monthly availability rate below 99.7% will require a further extraordinary approval managed via an incident ticket trough the Support RedMine system.
  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will make reasonable efforts to insure that server storage is "persistent." In the event of hardware or software Failures as defined above, the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will make reasonable attempts to return the Users to pre-Failure state including restoring the Application software as configured by the User and Data. Furthermore, these efforts will include supporting the User via telephone, chat or Email at the User's choosing. No guarantee whatsoever is provided on the success of any Users recovery.
  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure Portal allows a User to deploy a WebApplication in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure. This SLA defines as well the maximum period each WebApplication will need to be available and "Ready" to be exploited by the Users:
    • WebApplication Activation cycle: < 15 minutes;
In the case of a Activation cycle > 15 minutes Users must open an Incident ticket trough the Support RedMine system.

Scheduled Infrastructure Downtime SLA

Scheduled Infrastructure Downtimes occur during a D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure maintenance window, which can be scheduled for Infrastructure Upgrades or scheduled infrastructure interventions ( e.g. scheduled power cuts). This SLA applies to the user notice period via electronic communication:

  • Scheduled Infrastructure Downtime User notice > 24 hours;

Infrastructure Participation Policies

Resource provision in the context of the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is regulated by a defined set of policies:

Site Participation Policy

By participating in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure any Site must agree to the following conditions.

  • Every Site should appoint at least one person to the role of Site Manager. Contact information of each Site Manager should be in the Site Manager page. The Site Manager is requested to react to requests on Site management in an efficient manner (see Incident Management procedure page)
  • When notified by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure Infrastructure Managers of software patches and updates required for security and stability, they should be applied to the Site's systems, as soon as reasonably possible in the circumstances. Other patches and updates should be applied following the upgrade plan prepared by the Infrastructure Managers applying the deployment and upgrade procedure.
  • Logged information, including information provided by Users or other Sites, should be used for administrative, operational, accounting, monitoring and security purposes only.
  • The participation in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure as a Site shall not create any intellectual property rights in software, information and data provided to the Site or in data generated by the Site in the processing of jobs.
  • Provisioning of resources to the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is at the Site's risk. Any software provided by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is provided on an as-is basis only, and subject to its own license conditions. There is no guarantee that any procedure applied by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is correct or sufficient for any particular purpose. The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure and other Sites are not liable for any loss or damage in connection with the Site participation in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.
  • The Site shall comply with the Incident Management response procedures regarding the notification of security incidents and where appropriate, shall restore access as soon as reasonably possible.
  • The Site shall comply with the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure operational procedures including the requirement to support at least the root VOVirtual Organization;.
  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure may control access to the Site for administrative, operational and security purposes and remove Site resource information from the Information Systems if the Site fails to comply with these conditions.
  • Individual server will deliver 100% uptime as monitored within the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure monitoring system. Only failures due to hardware and hypervisor layers delivering individual servers constitute Failures and so only those Failures are covered this SLA. Examples of Failures include power interruptions, hardware problems such as failures to a hard drive or power supply, and failures to the hypervisor environment supporting User WebApplications.
  • individual server will be monitored by Nagios and monthly availability rate below 99.7% will require a further extraordinary approval managed via an incident ticket trough the Support RedMine system.

Service Participation Policy

This policy regulates the participation of Community Resources into the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure as Federated Resources, in particular resources accessible as remote services. This policy applies to all remote Services and it works in junction with policies regulating each single Community.

  • Every Federated Service should have at least one Resource Manager and their contact information should be in the Support Team page.
  • As member of the Support Team each Resource Manager is subscribed to the support team mailing list and should partecipate to the Support Team Conference Call, if requested, to discuss about Issues affecting the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.
  • In the case of access to Federated Services regulated by User Credentials or any other Authentication mechanism, the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will make use of encryption to ensure that access information are not public.
  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will keep track of the Federated Service access statistics trough its accounting system, and this data will be accessible only by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure Infrastructure Managers and if requested by each Federated Service Manager.

Data source Participation Policy

Any data provider can promote its data repository by registering it in the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.

  • By registering a data repository, the data provider guarantees access to the data stored without any limitation on volume or number of access calls.
  • A data provider is empowered to limit the access to its data to either a single community or to a single group of people operating in a community. D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure uses proven cryptographic methods to authenticate users. The data will be only available to either the community or a group within a community explicitly authorized by the data provider.
  • Any authorized user can use the data in any circumstance and for all usage, reproduce the data, modify the data, and make derivative data based upon the original data, communicate to the public, including the right to reproduce or display the data or copies thereof to the public and perform publicly, as the case may be, the data.
  • Any authorized user cannot in any circumstance and for any usage redistribute the data or copies thereof, lend and rent the data or copies thereof, sub-license rights in the data or copies thereof.
  • At any time the data provider can decide either to unregister its data repository or to suspend temporarily the access to it. All data provider’s requests are immediately accepted and operated by the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure.
  • The ownership of the data remains exclusively to the data provider. D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will not otherwise copy, move or distribute provider's data for any purpose, except when required to do so by law.
  • The data provider is solely responsible for the development, content, operation, and maintenance of the data. In particular, the data provider is solely responsible for the compliance of data with the law, with any claims relating to the data, and any violation with respect person’s rights.
  • The registration of a data repository to the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is simple and secure. Several technologies - relational databases, columns stores, document repositories, geographical information systems - and protocols are currently supported.

To register a data provider is needed to contact d4science info . A personal assistant will be assigned to follow the entire registration process. The procedure is not expected to take more than three working days.

Software Participation Policy

This policy regulates the deployment of User's Web Applications into the D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure, performed trough the Web Application Management Portlet and the WAR Management Portlet:

  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure is not responsible of the Web Application uploaded and hosted by the infrastructure.
  • Users should be aware of software licenses which regulate its WebApplication or any third party software included. The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure will not be responsible of any issue regulating licence infringement or illegal use of proprietary software.
  • Users which upload WebApplications, in the case they decide to share it with members of a Virtual Research EnvironmentA ''system'' with the following distinguishing features: ''(i)'' it is a Web-based working environment; ''(ii)'' it is tailored to serve the needs of a Community of Practice; ''(iii)'' it is expected to provide a community of practice with the whole array of commodities needed to accomplish the community’s goal(s); ''(iv)'' it is open and flexible with respect to the overall service offering and lifetime; and ''(v)'' it promotes fine-grained controlled sharing of both intermediate and final research results by guaranteeing ownership, provenance, and attribution. (VREVirtual Research Environment.), are responsible for any misusage of the WebApplication by other Infrastructure Users.
  • The D4ScienceAn e-Infrastructure operated by the D4Science.org initiative. Infrastructure by monitoring the User's Web Applications running behavior, can decide to remove the WebApplications from the infrastructure in the extreme case where they could undermine the Infrastructure stability.