VIRTUAL ORGANISATION OPERATIONS POLICY
By participating in the Grid as a Virtual Organisation (VO), you agree to the conditions laid down in this document and other referenced documents that may be revised from time to time.
1. You shall provide and maintain, in a central repository provided by the Grid, accurate contact information as specified in the VO Registration Policy. These contacts satisfy the communication requirements for management decisions, security actions and operational issues relating to VO membership and Grid usage, as well as your software and services. The contacts shall respond to enquiries in a timely fashion as defined in the Grid operational procedures giving priority to security problems.
2. You shall comply with the Grid security policies, the VO AUP and any archival, accounting and logging requirements. You shall periodically assess, at least once per year, your compliance with these policies and inform the Grid Security Officer of any violations encountered in the assessment, and correct such violations forthwith.
3. You shall ensure that a VO membership service is provided in compliance with the VO Membership Management Policy. This shall include the appropriate interfaces and configuration details to allow the generation of authentication, authorization and other identity mapping data for the services running on the Sites. You shall take reasonable measures to ensure that the information recorded in the membership service is correct and up-to-date.
4. You are responsible for ensuring that your software does not pose security threats, that access to your databases is secure and is sufficiently monitored, that your stored data are compliant with legal requirements, and that your VO services, including pilot job frameworks, are operated according to the applicable policy documents.
5. You shall ensure that logged, archived and membership information is only used for administrative, operational, accounting, monitoring and security purposes. You shall ensure that due diligence is applied in maintaining the confidentiality of such information.
6. You recognize that the Grid and the Sites may control your access to their resources for administrative, operational and security purposes.
7. You shall ensure that any software used by you at a Site for its intended purposes, complies with applicable license conditions and you shall hold such Site free and harmless from any liability with respect thereto.
8. Any software provided by the Grid is provided on an as-is basis only, and subject to its own license conditions. There is no guarantee that any service operated by the Grid is correct or sufficient for any particular purpose. The Grid, the Sites and other VOs are not liable for any loss or damage in connection with your participation in the Grid.
9. You shall comply with the Grid incident response procedures and respond promptly to requests from Grid Security Operations. You shall inform users in cases where their access rights have changed.
10. Disputes resulting from your participation in the Grid shall be resolved according to the Grid escalation procedures.
This policy shall be signed for agreement by an Authorized Signatory of the Virtual Organisation.