[Go-essp-tech] Current status on CMIP5 security roles
martin.juckes at stfc.ac.uk
martin.juckes at stfc.ac.uk
Mon Jun 21 10:42:55 MDT 2010
If simpler is acceptable, I'll vote for that. If I understand correctly,
this would apply for a relatively short time compared to the extended
period of restrictions for CMIP3. But that raises the question, would we
impose a deadline -- e.g. data goes public 2 months after being
published in a restricted mode?
Cheers,
Martin
> -----Original Message-----
> From: Bryan Lawrence [mailto:bryan.lawrence at stfc.ac.uk]
> Sent: 21 June 2010 16:51
> To: Juckes, Martin (STFC,RAL,SSTD)
> Cc: go-essp-tech at ucar.edu; Karl Taylor
> Subject: Re: [Go-essp-tech] Current status on CMIP5 security roles
>
> On Monday 21 Jun 2010 14:53:55 Juckes, Martin (STFC,RAL,SSTD) wrote:
> > Hello Bryan,
> >
> > Is that a single role ("CMIP5_testing") giving access to all people
> > authorised by the collection of modelling centres or multiple roles
> > ("CMIP5_testing_mohc", "CMIP5_testing_ncar", etc)?
>
> I' m agnostic. Either. The first is simpler, and probably would be
> acceptable - but might look like "restricting to WG1" again.
> Cheers
> Bryan
>
>
> > Cheers,
> > Martin
> >
> > > -----Original Message-----
> > > From: go-essp-tech-bounces at ucar.edu [mailto:go-essp-tech-
> > > bounces at ucar.edu] On Behalf Of Bryan Lawrence
> > > Sent: 21 June 2010 14:28
> > > To: go-essp-tech at ucar.edu; Karl Taylor
> > > Subject: Re: [Go-essp-tech] Current status on CMIP5 security roles
> > >
> > > hi Karl
> > >
> > > Where are we on defining the scope of availability of qc level one
> > > data.
> > > When we've talked, we've been suggesting it should be "mates
only".
> > > I think the two access controls we're listing below are for qc
> > > level 2 data.
> > >
> > > We need to make a decision about this. I'm recommending that we
> > > have
> >
> > an
> >
> > > additional level of access control: CMIP5_testing, which is given
> > > only to those explicitly authorised by the originating modelling
> > > centre,
> >
> > and
> >
> > > applies to qc level one data.
> > >
> > > I'm happy for this to be vetoed, but I get the impression that a
> >
> > number
> >
> > > of centres like this idea.
> > >
> > > However, if we're going to do that, we need to make a decision
> > > asap.
> > >
> > > Cheers
> > > Bryan
> > >
> > > On Friday 18 Jun 2010 17:56:43 Karl Taylor wrote:
> > > > Hi all,
> > > >
> > > > Coming in late to this discussion, I wonder what the purpose of
> > > > the discussion is. Is it simply to define the "controlled
> > > > vocabulary" needed to distinguish between data made available
> > > > under different terms of use? If so, then I suggest:
> > > >
> > > > CMIP5_for_unrestricted_use
> > > > CMIP5_for_non-commercial_research_and_educational_use_only
> > > >
> > > > (or some abbreviated form of the above). The acronyms AR5 and
> > > > IPCC should only be used in connection with the assessment
> > > > activity of IPCC, not any research (or infrastructure support of
> > > > research) carried out that might end up being assessed by the
> > > > IPCC. The IPCC would probably not want it to appear that it
> > > > sponsors or drives the research that it will assess, and the
> > > > WCRP's WGCM "owns" CMIP5 and should get credit for this by
having
> > > > it referred to by its "brand" name (i.e., CMIP).
> > > >
> > > > The WGCM insists on a registration procedure so that they will
> > > > clearly know the terms of use, and this has the added benefit
> > > > that we can track usage better and also can contact users if
> > > > necessary. Those seeking data will have to register and sign one
> > > > of the two options for "terms of use" described above.
> > > >
> > > > I can't remember whether we will ask those registering to say
> > > > what they plan to do with the data. Although we did this in the
> > > > early stages (at least) of CMIP3, I'm not sure with 1000's of
> > > > users this serves much of a purpose. Anyone think otherwise?
> > > >
> > > > Best regards,
> > > > Karl
> > > >
> > > > On 6/18/10 4:56 AM, philip.kershaw at stfc.ac.uk wrote:
> > > > > Hi all,
> > > > >
> > > > > I'm forwarding this discussion we've been having at the BADC
> > > > > about the CMIP5 access roles. We currently have the roles,
> > > > >
> > > > > AR5_Research
> > > > > AR5_Commercial
> > > > >
> > > > > Ag would like to know more explicitly what these roles mean -
> > > > > see his e-mail below...
> > > > >
> > > > > On a second point, Martin would like these roles names changed
> > > > > to,
> > > > >
> > > > > cmip5_rearch
> > > > > cmip5_commercial
> > > > >
> > > > > To better reflect their purpose and the distinction from the
> > > > > AR5 activity (his e-mail also see below...)
> > > > >
> > > > > Could someone comment - esp. from PCMDI?
> > > > >
> > > > > Thanks,
> > > > > Phil
> > > > >
> > > > >> -----Original Message-----
> > > > >> From: Stephens, Ag (STFC,RAL,SSTD)
> > > > >> Sent: 18 June 2010 12:44
> > > > >> To: Juckes, Martin (STFC,RAL,SSTD); Kershaw, Philip
> > > > >> (STFC,RAL,SSTD) Cc: Lawrence, Bryan (STFC,RAL,SSTD); Pascoe,
> > > > >> Stephen (STFC,RAL,SSTD) Subject: RE: Current status on CMIP5
> > > > >> security roles
> > > > >>
> > > > >> Hi Phil et al,
> > > > >>
> > > > >> Presumably the "commercial" and "research" roles limit access
> > > > >> in some way.
> > > > >>
> > > > >> However, I would expect most common role to be "public" which
> > > > >> implies:
> > > > >>
> > > > >> * you still login with your OpenId
> > > > >>
> > > > >> * but the data is available to all
> > > > >>
> > > > >> * but because you logged in there is a log of what you have
> >
> > used
> >
> > > > >> Is that in the plan?
> > > > >>
> > > > >> Also, do you know if registration requires a description of
> > > > >> the proposed usage of the data?
> > > > >>
> > > > >> Thanks,
> > > > >>
> > > > >> Ag
> > > > >>
> > > > >>
> > > > >> -----Original Message-----
> > > > >> From: Juckes, Martin (STFC,RAL,SSTD)
> > > > >> Sent: Fri 6/18/2010 12:17
> > > > >> To: Kershaw, Philip (STFC,RAL,SSTD); Stephens, Ag
> > > > >> (STFC,RAL,SSTD) Cc: Lawrence, Bryan (STFC,RAL,SSTD); Pascoe,
> > > > >> Stephen
> > > > >> (STFC,RAL,SSTD) Subject: RE: Current status on CMIP5 security
> > > > >> roles
> > > > >>
> > > > >> Hello Phil,
> > > > >>
> > > > >> A pedantic point: access to cmip5 should be controlled by a
> > > > >> "cmip5_xxxx" role, not "AR5_xxx". We are doing our best to
> > > > >> keep the distinction between CMIP5 (an evolving research
> > > > >> archive) and AR5 (a reference archive consisting of a
snapshot
> > > > >> of CMIP5
> >
> > archive
> >
> > > > >> contents) clear.
> > > > >>
> > > > >> A further question: if data is made available at BADC through
> > > > >> our browser, on /badc/cmip5 or some equivalent, will this be
> > > > >> covered by the same access control mechanism?
> > > > >>
> > > > >> cheers,
> > > > >> Martin
> > > > >>
> > > > >>
> > > > >> -----Original Message-----
> > > > >> From: Kershaw, Philip (STFC,RAL,SSTD)
> > > > >> Sent: Fri 18/06/2010 11:42
> > > > >> To: Stephens, Ag (STFC,RAL,SSTD)
> > > > >> Cc: Juckes, Martin (STFC,RAL,SSTD); Lawrence, Bryan
> > > > >> (STFC,RAL,SSTD); Pascoe, Stephen (STFC,RAL,SSTD)
> > > > >> Subject: RE: Current status on CMIP5 security roles
> > > > >>
> > > > >> Hi Ag,
> > > > >>
> > > > >> My understanding is that there are two roles under the
> > > > >> authority of PCMDI which have federation wide scope:
> > > > >>
> > > > >> AR5_Research
> > > > >> AR5_Commercial
> > > > >>
> > > > >> When I say, 'under the authority of', I mean users must
> > > > >> register at PCMDI for these access roles.
> > > > >>
> > > > >> In addition, each institution can still secure datasets with
> >
> > their
> >
> > > > >> own roles specific to their institution. For example, there
> > > > >> may be cases where a policy marks a dataset as accessible via
> > > > >> 'AR5_Research' or <some-institution-access-role>.
> > > > >>
> > > > >> Cheers,
> > > > >> Phil
> > > > >>
> > > > >> Ref:
> > > > >>
http://*esg-pcmdi.llnl.gov/esgf/esgf-security-interface-contro
> > > > >>l- documents/ - 2.1.2. VO Attribute Value Agreements
> > > > >>
> > > > >>> -----Original Message-----
> > > > >>> From: Stephens, Ag (STFC,RAL,SSTD)
> > > > >>> Sent: 18 June 2010 11:31
> > > > >>> To: Kershaw, Philip (STFC,RAL,SSTD); Juckes, Martin
> > > > >>> (STFC,RAL,SSTD); Lawrence, Bryan (STFC,RAL,SSTD); Pascoe,
> >
> > Stephen
> >
> > > > >>> (STFC,RAL,SSTD) Subject: Current status on CMIP5 security
> > > > >>> roles
> > > > >>>
> > > > >>> Hi Phil,
> > > > >>>
> > > > >>> I just wanted to enquire about the various security roles
> >
> > planned
> >
> > > > >>> for the CMIP5 archive.
> > > > >>>
> > > > >>> My simplistic view is that there will be:
> > > > >>>
> > > > >>> * public - available to all
> > > > >>> * research_only
> > > > >>>
> > > > >>> However, I've heard it might be more complex that than. Do
> > > > >>> you have
> > > > >>
> > > > >> the
> > > > >>
> > > > >>> latest lowdown?
> > > > >>>
> > > > >>> Cheers,
> > > > >>>
> > > > >>> Ag
> > > >
> > > > _______________________________________________
> > > > GO-ESSP-TECH mailing list
> > > > GO-ESSP-TECH at ucar.edu
> > > > http://mailman.ucar.edu/mailman/listinfo/go-essp-tech
> > >
> > > --
> > > Bryan Lawrence
> > > Director of Environmental Archival and Associated Research
> > > (NCAS/British Atmospheric Data Centre and NCEO/NERC NEODC)
> > > STFC, Rutherford Appleton Laboratory
> > > Phone +44 1235 445012; Fax ... 5848;
> > > Web: home.badc.rl.ac.uk/lawrence
> > > _______________________________________________
> > > GO-ESSP-TECH mailing list
> > > GO-ESSP-TECH at ucar.edu
> > > http://mailman.ucar.edu/mailman/listinfo/go-essp-tech
> >
>
> --
> Bryan Lawrence
> Director of Environmental Archival and Associated Research
> (NCAS/British Atmospheric Data Centre and NCEO/NERC NEODC)
> STFC, Rutherford Appleton Laboratory
> Phone +44 1235 445012; Fax ... 5848;
> Web: home.badc.rl.ac.uk/lawrence
> --
> Scanned by iCritical.
--
Scanned by iCritical.
More information about the GO-ESSP-TECH
mailing list