Date: 27 Sep 2017
The purpose of the B2ACCESS service https://b2access.eudat.eu is to arbitrate authenticated access of users, based on their primary identity, to services in the context of the EUDAT Collaborative Data Infrastructure. Multiple security protocols are supported by the B2ACCESS service to allow users, on the one hand side, to choose their preferred primary identity provider and to allow, on the other hand side, service providers to integrate their services by using their preferred security protocols to obtain the information about the user identity and attributes when they are necessary to make user and role-based access decisions.
The purpose of the EUDAT suite of services, including B2ACCESS, is to facilitate science and research in the public interest. This service is for researchers, science and research communities and the interested public.
B2ACCESS should be used in good faith. The service must not be used for any personal, recreational, political or commercial purposes. The B2ACCESS service must not be used for any unlawful purpose and no attempt to breach or circumvent any administrative or security controls must be executed.
Every user is accountable for the usage of resources and services made under his/her identity and therefore is obliged to protect his/her passwords.
Every user must provide personal information truthfully.
EUDAT is entitled to regulate, suspend or terminate access to the service. The user is liable for the consequences of violation of any of the conditions of use. Any violation being identified will be subject to corrective action, including possible termination of access, legal action, and criminal liability.
In case of problems, users can request assistance from the EUDAT Help Desk via https://eudat.eu/support-request to ensure the protection of their rights.
This ToU can be subject of change.
The shared services and resources made available to users for research purposes are software, (compute) servers, storage devices, media and network devices which are part of the EUDAT infrastructure.
This ToU is addressed to community data managers, (third party) service providers using resources or services of any EUDAT site (e.g. the Service Hosting Framework) as well as end users of EUDATs B2-services (e.g. the B2DROP, B2SHARE, B2FIND or B2ACCESS). This targeted audiences is called "Users".
Users must adhere to the general EUDAT policies and procedures described below including policies on the proper use of information services, information security, privacy and computing, storage and networking facilities, and legal terms.
In case of problems and to ensure the protection of their rights, users can request assistance from EUDAT Help Desk: http://eudat.eu/support-request.
Users should report issues caused by the user or about issues with a service, service component or resource provided by EUDAT partners in a reasonable timeframe, if the issue is related to a violation of these terms. Reports about violations should be directed to the EUDAT Help Desk which will document and redirect the issue report to the appropriate site and person(s) for action or will handle it directly, depending where the violation has occurred.
When necessary for providing a requested service, users must provide truthful and relevant personal information such as name, address, and project. They also must notify administrators with any changes to these records. Details concerning the personal information needed are specified for each service in a separate document.
You shall only use EUDAT services and resources to perform work, or transmit or store data consistent with the stated goals, policies and conditions of use as defined by the body or bodies granting you access.
You shall not use EUDAT services and resources for any unlawful purpose and not (attempt to) breach or circumvent any administrative or security controls.
You shall respect intellectual property and confidentiality agreements.
You shall protect your access credentials (e.g. private keys or passwords).
You shall immediately report any known or suspected security breach or misuse of EUDAT services and resources to the EUDATCSIRT firstname.lastname@example.org.
Use of the EUDAT services and resources is at your own risk. There is no guarantee that the EUDAT services and resources will be available at any time or that it will suit any purpose. EUDAT is not liable to any compensation in case of lost data or loss of service.
Logged information, including information provided by you for registration purposes, is used for administrative, operational, accounting, monitoring and security purposes only. This information may be disclosed, via secured mechanisms, only for the same purposes and only as far as necessary to other organizations cooperating with EUDAT. Although efforts are made to maintain confidentiality, no guarantees are given.
The access-granting bodies and Resource Providers are entitled to regulate, suspend or terminate your access, within their domain of authority, and you shall immediately comply with their instructions.
You are liable for the consequences of your actions if these are violating any of these conditions of use.
If necessary and where not provided by the user’s community, a userid will be assigned by EUDAT with an associated password generated by and under the control of the user. Access rights to EUDAT services and resources are granted and bound to the user’s identity wherever and whenever necessary. Access is granted for a limited period of time, at the end of which a renewal can be obtained. The range of resources and services which can be accessed and used by the user can be restricted.
These access rights to EUDAT services and resources (required in case of write access or read access to access-restricted resources), as well as the means to use it, are personal, non-transferable, and temporary. Users whose access rights will terminate for any reasons will be informed in a proper time frame. Details may depend on a service level agreement.
Each user is accountable for the resource usage made from his account. To fulfill these responsibilities, some precaution measures should be taken, among which:
User files are personal, even if they are physically accessible. Consequently, users must:
The use of EUDAT services and resources by a large numbers of users with different needs requires compliance to some rules. Thus, and in addition of the above, users should:
EUDAT computing, storage and network resources are provided for science and research purposes. There can be restrictions based on country or state laws which will be stated explicitly.
EUDAT resources and services should not be used for personal or business purposes; for example, computing and network facilities may be used neither in connection with compensated outside work nor for the benefit of organizations not related to EUDAT. It is thus inappropriate to use EUDAT resources for:
Before a commercial service is going to use EUDAT resources, EUDAT must be contacted via the Helpdesk.
EUDAT resources can potentially make personal information available to users. Access to such data is provided only for statistical and research purposes. Personal Information shall not be used for any other purposes without the prior written consent of EUDAT and where necessary the data producer(s):
On termination of the current document for whatever reason, all access to the Personal Information related to the Purpose shall cease forthwith, and electronic access be denied.
EUDAT reserves the right to monitor, record, and audit, or to request a written report from the users regarding, the use and activities relating to the use, of the Personal Information by the users during the lifetime of this agreement.
Any incidents of unauthorized access to, processing of, or disclosing of, the Personal Information must be reported immediately to EUDAT.
Users must respect the legal protection provided by copyright and licensing of software and data; for example, not to make copies of a licensed computer program to avoid paying additional license fees or to share it with other users.
In addition to the software protection, users are not allowed to use EUDAT resources to store or access any potentially unlawful or clearly inappropriate content or data. Any violation being identified on the EUDAT resources will lead to sanctions, access termination and legal actions.
Any user who abuses the privilege of their access to EUDAT resources in violation of this policy will be subject to corrective action, including possible termination of access, legal action, and criminal liability.
Access rights can be suspended and access can be immediately denied as soon as the user’s position or projects do no longer require it. Access rights can also be suspended or terminated if the user abuses the rules defined in this policy document; for example, supplying deliberately erroneous information, using another user's account, copying or distributing copyrighted or licensed software or data will be considered as a policy violation, and as such will be subject to termination of access.
EUDAT may mandate local representatives to take legal action based on laws in place in the country or state where the violation has been taken place, regardless of the administrative actions taken.