[gin-auth] GIN VO Usage Rules.

Stephen M Pickles Stephen.Pickles at manchester.ac.uk
Thu Aug 17 13:21:41 CDT 2006


Oscar, David, Dave, and friends,

One good thing about GIN is that it tests our assumptions
about what VOs and Grids actually are.

Skip forward to ****, unless you want to read my views on this.

I have some strong views on these matters, and they might well
differ from yours. When Foster et al. gave us the term Virtual
Organisation in their seminal paper, they did not give us a
concrete definition. (BTW, did you know that the term had been
introduced by social scientists some months beforehand,
unbeknownst to Foster and Kesselman?) When I look at real-world
examples of VOs (in the Grid sense), I see things like the
LHC experiments, other EGEE VOs, various e-Science projects
(RealityGrid is an example of a VO that tries to leverage existing
grids rather than build its own, and NEESGrid is an example of
one that builds much of its own infrastructure). These VOs
* build on established social networks
* have long term goals and strategy
* have significant funding, governance & policy of their own
* need to share data, applications, instruments,...
* sometimes collectively control or operate resources and services
  of their own
* often have access rights to resources they do not control
  e.g. national HPC services, public data sets
* may or may not have the capacity to construct their own grids
(So the ones that we know about tend not to be lightweight entities
- and I think that's a problem.)

When I look at real world examples of production Grids (EGEE, TeraGrid,
APAC Grid, DEISA, NAREGI, ...), I see:
* long term goals and strategy, aimed at providing production
  quality services
* significant funding, governance & policy (policy is strongly
  constrained by the interests of the funding bodies)
* missions aimed at enabling users and user communities to share
  data, applications, etc, and to enjoy the common infrastructure
  that the grid provides.
* Grid-wide policy and practice being used to patch over gaps
  in middleware and standards.

It seems to me that in practice there is usually a consumer-provider
relationship between VOs and (production) Grids. I believe that
it is necessary to make these relationships explicit.
Tools like VOMS are tremendously important to production grids
because they facilitate establishment of consumer-provider
relationships between user communities and grids - they are essential
for scalability. VOMS enables the community to assert its membership
to the grids that support it.

I don't believe it is useful to think of the Grid as being
a member of all the VOs it supports. In fact, I think this is
extremely dangerous, as it can lead to the illusion that a VO
can prescribe policy for all the resources that it uses.
Some might find this controversial. 

I think it can occasionally be useful to think of a Grid as
itself being a VO, especially when doing things like establishing
bipartite consumer-provider relationships between two grids
(for example, GridPP and NGS might each have a VOMS server
asserting membership of the GridPP and NGS VOs, in order to allow
the other grid's users access to this grid's resources).

I think it can occasionally be useful to think of a VO as being
a Grid, in the sense that it is desirable for the members (users)
in a VO to have a unified view of the set of resources that they
use, and we might be tempted to call that set of resources a Grid.
I think it is OK to do so, as long as we don't pretend that that
Grid has all the properties we expect of a production Grid
(governance, policy, helpdesk, trust and co-ordination
between the resource providers, ...).

Finally, I think that as grid computing evolves, it will be
essential for VOs to become first class entities. There are few
tools (VOMS is one) and fewer standards that explicitly deal
with VOs, their formation, management and destruction. I also
think that VOs must have (more or less) global scope. In GIN,
we've already seen name collisions between VOs arise,
and have been convinced that a global DNS-like name space
is needed. Already, we know that there are VOs which use
resources from multiple Grids, and the GIN partner Grids
have begun to grapple with ideas like "external VOs" and
what it means to recognise, trust and support them.

I've not written this up formally, but I did give a presentation
at the Cetraro HPC/Grid workshop last month. You can find it at:
  http://www.hpcc.unical.it/hpc2006/prsnts/pickles.ppt

****

Back to the matter in hand.

I think there is a GIN VO. This is the set of people, generally
from the GIN partner Grids, who are advancing the goals of GIN-CG,
which I do not need to recapitulate here. These people, the members
of the GIN VO as asserted by the GIN VOMS server (thanks Oscar),
need access to resources managed by GIN partners. The partners
in general use this membership information to streamline their
authorisation procedures.

I think that there is not a "GIN Grid", in the sense that there
is, and can be, no overall management of the collective resources.
However, there could in theory be a GIN view of the collective 
resources that a GIN user sees. 

I therefore think that it is possible to have an AUP for the GIN VO,
and indeed that we need one.

I do not believe that it is possible for there to be an AUP for the
GIN Grid, because there is (I argue) no such thing as a GIN Grid,
and there is certainly no governance body that could agree one.

I know that many Grids have put a lot of work into what are essentially
Grid AUPs. We've done it for the NGS (see http://www.ngs.ac.uk/NGS-tacu.shtml).
APAC have done it (see David Bannon's posting). EGEE have done it
(see Dave Kelsey's posting). Undoubtedly many others have done it
too. Of these, EGEE's is the one that has had to deal with the
widest range of stakeholder requirements, spanning as it does
many nations, languages, legal systems etc. As Dave Kelsey made
clear (point 2 of his posting), there is no hope of assembling
a complete and consistent superset of the clauses that every
constituent resource provider thinks they require their users
to observe, so sights have to be lowered. That EGEE has achieved
some kind of consensus on a Grid AUP is remarkable. That OSG
might be prepared to adopt it is equally remarkable.

I just don't think that a Grid AUP will work for GIN.
(If there was one, it might make life easier. But striving for
one is way beyond the scope of the GIN charter as I understand it.)

Hence I propose to have only a VO AUP for GIN.
Such a thing will serve to remind GIN users of a few basics
of social behaviour. It will not, cannot, and must not be
construed to, give GIN members a license to ignore any
specific terms and conditions of the underlying Grids.
A GIN member that uses APAC is a user of APAC.
A GIN member that uses NGS is a user of NGS.
A GIN member that uses EGEE is a user of EGEE.

Have I explained myself?

Do we have consensus that my proposal is a sensible
way to proceed?

We can always quibble about the actual wording later.

Stephen

> -----Original Message-----
> From: owner-gin-auth at ggf.org [mailto:owner-gin-auth at ggf.org] 
> On Behalf Of Oscar Koeroo
> Sent: 17 August 2006 08:31
> To: Stephen.Pickles at manchester.ac.uk
> Cc: D.Bannon at vpac.org; Kelsey, DP (David); gin-auth at ggf.org
> Subject: Re: [gin-auth] GIN VO Usage Rules.
> 
> Hi,
> 
> Disclaimer: I don't know if I'll be expressing myself perfectly here,
> Dave can correct me on this.
> 
> Dave Kelsey's Grid AUP is intended to be used by everybody in the LCG
> and OSG collaboration. Well, actually it started off being for LCG only
> of course. Over time on developing The AUP (capitalize 'The' intended)
> for general use seemed to be not realistic. Meaning there is the
> infrastructure with its rules and there are the users that are in a VO
> using the infrastructure with the VO's view on the infrastructure doing
> the VO-work.
> 
> With the separation between the infrastructure and the VO, the VO as
> embodiment of a collaborative project can agree on the Grid rules. The
> understanding of Sites is they too have a say in it and in such a way
> that the infrastructure is of course based on the individual usage rules
> of sites.
> 
> I believe it's both simple and (very) complex. The related parties User,
> VO, Site, Infrastructure all wish to have a say in the story, but
> realistically that doesn't scale.
> 
> I believe Dave's work is focussing on an AUP to be able to be accepted
> for all Grid environments. Which of course means that VO specific AUP
> details need to be put in. If you're in a HEP VO you'll not be generally
> concerned about privacy of all your files. If you're in a Bio-medical VO,
> that's a whole different ballgame with respect to the privacy
> regulations around this planet.
> 
> The GIN VO is something special that I have never come across before
> it started. Although with Dave Snelling on a bus drive in Greece some time
> ago I had a philosophical debate about 'what is a VO'. The GIN VO doesn't
> have a dedicated management, no centralized place or person that's
> pointable as the { Boss | management | decision maker }. It seems (to
> me) totally distributed in trying to reach its common goal to
> interoperate beyond a VO's boundary.
> 
> To the point:
> I believe if we can agree on a common Grid AUP across the globe that
> this would benefit us all. For the moment it would be nice enough if
> each Grid environment would at least set up one general purpose AUP.
> Although I don't think it would differ that much from the DaveK's
> results. Maybe each Grid can take a look at the evolutionary path of the
> Grid AUP with Dave. I believe it would benefit all parties.
> 
> I would think an AUP for the GIN VO will basically be a specialized
> overlay AUP (I would call it a VO AUP) that generally states what a user
> can expect from the resources and vice-versa.
> 
> 
> 
>     Oscar
> 
> 
> 
> 
> David Bannon wrote:
> 
> >Stephen, as a discussion point, the APACGrid, representing eight or nine
> >partners and more sites has developed what we call an End User
> >Agreement. It was developed by combining all partner EUAs, removing the
> >obvious non grid material and "distilling" as much as possible to reduce
> >wordage.
> >
> >Please see http://www.vpac.org/twiki/bin/view/APACgrid/EndUserAgreements
> >
> >Interestingly, a number of partners have indicated that they plan to
> >rewrite their existing agreement and base it on this one !
> >
> >David
> >
> >
> >On Wed, 2006-08-16 at 18:04 +0100, Stephen M Pickles wrote:
> >
> >
> >>I hope some of you remember this thread. It's become
> >>something of a loose end, and needs tying off.
> >>
> >>I think that the text provided by Dave Kelsey is a good
> >>starting point, and I'm willing to draft an adaptation of
> >>this for an AUP for the GIN VO.
> >>
> >>What I'm not sure about is whether there's any point
> >>in trying to preserve EGEE's separation between a "Grid AUP"
> >>and a "VO AUP". For example, I can't see that an existing
> >>grid (like NGS) is likely to throw away its own AUP and adopt
> >>a GIN AUP instead. I also think it awkward to have two AUPs
> >>that reference each other.
> >>
> >>So, will not a single document (i.e. an AUP for the GIN VO)
> >>do for GIN?
> >>
> >>I propose to:
> >>
> >>1) draft a single-document AUP for GIN, merging text from
> >>   Dave Kelsey's Grid AUP (more or less verbatim)
> >>   and VO AUP (adapted for GIN and its goals)
> >>2) add some words that amount to a "when in Rome clause"
> >>   (to remind users that many of the grids involved in GIN
> >>   have their own AUPs, which should be respected)
> >>3) add some words that amount to a reminder that a user's access
> >>   rights under the GIN VO are for testing, monitoring,
> >>   proof-of-concept, not large scale production work
> >>   (users planning large scale production work should
> >>   make independent applications to the grid(s) they
> >>   intend to use).
> >>4) I think there's a problem with clause (1) of the
> >>   Grid AUP for people who are members of multiple VOs.
> >>   I'll try to fix that in the process.
> >>
> >>Any comments or objections?
> >>
> >>Stephen
> >>
> >>
> >>
> >>
> >>
> >>>-----Original Message-----
> >>>From: owner-gin-auth at ggf.org [mailto:owner-gin-auth at ggf.org]
> >>>On Behalf Of Kelsey, DP (David)
> >>>Sent: 04 May 2006 20:12
> >>>To: gin-auth at ggf.org
> >>>Subject: RE: [gin-auth] GIN VO Usage Rules.
> >>>
> >>>Dear all,
> >>>
> >>>I have only just joined the gin-auth list. I have been meaning to do so
> >>>for some time, but only got around to it when Oscar Koeroo told me about
> >>>this recent thread on AUPs etc.
> >>>
> >>>I would like to tell you what we have been doing on this topic in EGEE,
> >>>Open Science Grid and various other related EU Grid projects, in the
> >>>hope that it may be useful to GIN. If it does not work for GIN it would
> >>>also be good to understand why, in case we can improve things.
> >>>
> >>>As Stephen Pickles already said, EGEE does have VO-specific AUP's and we
> >>>do have a general Grid AUP which uses the term "Grid". But different
> >>>from what he said, we used this term deliberately not only to mean
> >>>"EGEE" but also to mean any other Grid which decides to adopt the same
> >>>policy, for example Open Science Grid in the USA. The policy was
> >>>developed jointly with them and actually built on early work they had
> >>>done to prepare a short, simple AUP. The aim was to produce a simple
> >>>common policy to promote interoperation.
> >>>
> >>>The background to this work was as follows:
> >>>
> >>>1. We needed to develop policies which would work for VO's using
> >>>multiple Grids. Users needed to register just once with their VO which
> >>>would then grant them access to resources on multiple Grids. We do NOT
> >>>require the users to register with the sites or the Grid
> >>>infrastructures.
> >>>2. We very quickly came to the conclusion that there was absolutely no
> >>>way we could take the existing network and site AUPs and merge them
> >>>altogether into one long document that would be a super-set of the
> >>>others. With more than 200 sites in 40 countries this is a
> >>>non starter.
> >>>3. The legal experts we consulted seemed to agree that use of the Grid
> >>>(being after all just another internet application) was already covered
> >>>by all of the network and site AUPs whether we mentioned them or not, so
> >>>suggested we did not mention them explicitly.
> >>>4. We wanted a policy which was deliberately as short as possible to
> >>>stand some chance of acceptance by other Grids and in the hope the users
> >>>would read and understand.
> >>>5. We concluded that it was best to have a general Grid AUP accepted by
> >>>*ALL* Grid users during their registration with a VO and that any
> >>>VO-specific details were best expressed in a VO AUP. Sites could then
> >>>decide whether or not to offer resources to a particular VO based on
> >>>their policy, safe in the knowledge that the user has already accepted
> >>>the general AUP.
> >>>
> >>>So... here is our "Grid AUP" (short enough to include verbatim)...
> >>>
> >>>------------------------------------------
> >>>
> >>>By registering with the Virtual Organization (the "VO") as a GRID user
> >>>you shall be deemed to accept these conditions of use:
> >>>
> >>>1. You shall only use the GRID to perform work, or transmit or store
> >>>data consistent with the stated goals and policies of the VO of which
> >>>you are a member and in compliance with these conditions of use.
> >>>
> >>>2. You shall not use the GRID for any unlawful purpose and not (attempt
> >>>to) breach or circumvent any GRID administrative or security controls.
> >>>You shall respect copyright and confidentiality agreements and protect
> >>>your GRID credentials (e.g. private keys, passwords), sensitive data and
> >>>files.
> >>>
> >>>3. You shall immediately report any known or suspected security breach
> >>>or misuse of the GRID or GRID credentials to the incident reporting
> >>>locations specified by the VO and to the relevant credential issuing
> >>>authorities.
> >>>
> >>>4. Use of the GRID is at your own risk. There is no guarantee that the
> >>>GRID will be available at any time or that it will suit any purpose.
> >>>
> >>>5. Logged information, including information provided by you for
> >>>registration purposes, shall be used for administrative, operational,
> >>>accounting, monitoring and security purposes only. This information may
> >>>be disclosed to other organizations anywhere in the world for these
> >>>purposes. Although efforts are made to maintain confidentiality, no
> >>>guarantees are given.
> >>>
> >>>6. The Resource Providers, the VOs and the GRID operators are entitled
> >>>to regulate and terminate access for administrative, operational and
> >>>security purposes and you shall immediately comply with their
> >>>instructions.
> >>>
> >>>7. You are liable for the consequences of any violation by you of these
> >>>conditions of use.
> >>>
> >>>------------------------------------------------------------
> >>>
> >>>And here is an example VO AUP ... again rather short as you can
> >>>see.......
> >>>At the very least it needs to define the goals of the VO such that the
> >>>individual users are constrained by point 1 of the general AUP to only
> >>>perform work consistent with these goals.
> >>>
> >>>------------------------------------------------------------
> >>>
> >>>This Acceptable Use Policy applies to all members of the Geant4 Virtual
> >>>Organization, hereafter referred to as the VO, with reference to use of
> >>>the LCG/EGEE Grid infrastructure, hereafter referred to as the Grid. The
> >>>Geant4-Spokesman, <name-removed> (CERN), owns and gives authority to
> >>>this policy. The goal of the VO is to validate the software they provide
> >>>to their users (HEP experiments such as ATLAS, CMS, LHCb, Babar,
> >>>Astrophysics applications, biomedical communities, etc) twice per year
> >>>within the Grid environment. This procedure should cover a wide range of
> >>>parameters and physical models which are high CPU demanding. At the same
> >>>time they are planning to use regularly the LCG/EGEE resources to make
> >>>analysis and studies of their toolkit. Members and Managers of the VO
> >>>agree to be bound by the Grid Acceptable Use Policy, VO Security Policy
> >>>and other relevant Grid Policies, and to use the Grid only in the
> >>>furtherance of the stated of the VO.
> >>>
> >>>------------------------------------------------------------
> >>>
> >>>I hope you might find this useful.
> >>>
> >>>Regards
> >>>Dave Kelsey
> >>>
> >>>
> >>>------------------------------------------------
> >>>Dr David Kelsey
> >>>Particle Physics Department
> >>>Rutherford Appleton Laboratory
> >>>Chilton, DIDCOT, OX11 0QX, UK
> >>>
> >>>e-mail: D.P.Kelsey at rl.ac.uk
> >>>Tel: [+44](0)1235 445746 (direct)
> >>>Fax: [+44](0)1235 446733
> >>>------------------------------------------------
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> 
> 
> 




