 this provider's forum. Rob, can I be given presenter rights, please? Yes, certainly. You are now a co-host. I'm putting all the other speakers and co-hosts as well. Excellent. Thank you. We'll wait a few more minutes. I see people are still trickling in. Just a preliminary check. Can people see my slides? Yep. Now, are they moving? No, not really. It's not in presentation mode either. Okay, the blocking thing seems to be gone now, but it's not yet in presentation mode. I guess we can live with this. This is fine. Great. A few housekeeping, which you're probably familiar with at the moment, so this event is being recorded. We will share links to the recordings afterwards. Please ensure that your microphone is switched off. Video two, unless the host gives you permission, and please, after speaking, ensure it's switched off once again. For interaction, please, if you'd like to say something, raise your hand lower afterwards. The Zoom chat is available to write any questions that you have. Also, with many thanks to the people organising this event, we do have Slido as well, and we will be using a poll for this shortly. So to enter Slido, use the code EOSC Hub Week, and then select 20th May, Service Providers Forum. First of all, I'm wondering if we can actually launch the first poll, Rob, which is to check the profile of people at this event. Okay, it's live now. So this is a question, what's your role? Are you a service provider within academic infrastructure, service provider, other service provider outside academic context and end user or other? So if you could vote, that would be good. And we see at the moment, predominantly service providers within academic infrastructures, which is interesting, a few outside as well. So that gives us a quite a good understanding of the background of the people here. Great. Okay, so to say a few words about the outline of this session, we will have, which is what I hope, a number of topics relevant for service providers. After a bit of background for me about what the Service Provider Forum is all about, we will have Giuseppe telling us about the training which is available for service providers. Gerd Ghe, speaking some more about a very interesting handbook that he's been working on, which is integration handbook and the benefits of service providers for integrating with the core services. This has been mentioned before, but I'm hoping that this will be a chance for Gerd Ghe to give us a bit more information about that. Afterwards, Dave Kelsey will be talking about security activities and policies of EOSC relevant to service providers. And finally, I'll be saying something about initiative that we've recently launched, which is a start of a series of surveys for service providers to understand their issues, their pains, the things that they like about EOSC, which will help us drive the remainder of the project and afterwards as well in the project starting after EOSC hub comes to an end. So to start with an overview of operations related activities within EOSC hub, so operations coordination is very important activity here, which is really overseeing the integration and production delivery of services from both partners within EOSC hub and service providers outside EOSC hub as well. Operations coordination also covers the dealing of orders that come in and also these are orders of services ensuring that these orders are understood and then fulfilled by allocating them to service providers. Also the management of the help desk, the first line support, the first line triage and also the second line expert support. The development of the service management system is another key component behind operations. So this includes the development from scratch of this SMS, which includes service coordination and planning processes. This is service portfolio management, continuous service improvements and customer relations management to name a few of these and also the operational processes, the capacity management, instance and service request management and change management. As I say, these have been set up from scratch and part of the project is actually understanding how we're doing in meeting the requirements of FITSM, which is the standard we use to guide us to create these processes and we've had earlier on in the project we had an internal audit to understand how we are meeting these standard requirements and there will be another audit as well towards the end of the project. We do not expect it to be completely advanced and mature since in many cases this is a work that has only been going for a year, a year and a half, sometimes two years, but we really do want to know how we're doing at the end of the project to be able to pass it on to the follow on project and further mature the service management system. It's worth saying that the service management system is for all services, although it's predominantly for the EOSC core services, many of these aspects like change management, etc., are for the EOSC core and would not be for external services that are on boarded, but there are aspects of the service management system that are as well for the external services, so service portfolio management, clearly the information about the services that we're onboarding is very critical and also aspects of information security management as well. It'll come as no surprise that the onboarding is a very important part of our operations activities as well and also the active rules of participation is incredibly important from a practical point of view. We need to know what the rules are for onboarding, therefore this cannot be abstract. It needs to be very practical, so the onboarding teams can gauge the suitability of services that do request onboarding. On the next slide, you see how the services fit in. Essentially, the role of them is to bring these service producers with the service consumers. It underpins the entire research lifecycle from data collections, data processing, storage, preservation, publication, and reuse of data. It's very, very core to what EOSC is all about. You see the EOSC core services and the EOSC exchange services and externally onboarded services which are added to EOSC exchange and can make use of the core services as well. In the next slide, a bit more information about the service providers themselves and EOSC. They are very core. They've been identified as key stakeholders by the commission in the implementation roadmap for the EOSC along with data producers and the end users as well. Some factors that are needed for the success is clear requirements need to be communicated for onboarding. Another added link at the bottom where those requirements are. The availability of these EOSC core services for integration by the EOSC exchange services is also a very important factor here. The general harmonisation of user experience, this is key to what EOSC is all about. One place to discover services, one place to order services, one place to get help if needed, etc. But also the harmonisation of the maturity as well by having a control of a minimum maturity level of services which are onboarded. Relationship, of course, is very, very important between service providers and the EOSC. It's also critical that the expectations are understood and managed and that there is a healthy degree of engagement with projects developing and running the EOSC. So the role of the service providers forum is really what dealing with the communication needs between the project and the service providers. So communication is important during the initial onboarding. It's important, of course, at events, projects and partners and infrastructures are possible ways of interaction as well as the other ways that are provided by the service providers forum. The mailing list which is a very lightweight communication between the project and service providers, events, webinars, trainings or other possibilities for interaction also the increased awareness of what the actual core services actually are. We see the service providers absolutely critical as well as providing EOSC with an indirect access to the users themselves and also in fostering a community of practice as well the concept which has been used within the EOSC strategic research and innovation agenda. On the right hand side you can see the different types of information flow from the project to the service providers. So this awareness training integration support of the usage of the EOSC core services dissemination of information as listed there and also from the service providers back requirements collection any problems concerns regarding the project EOSC itself also feedback to the project from the service providers and users and of course this is very very key for the general continuous improvements. So that was my general introduction to the session. I would suggest that we move on to the individual talks because I have scheduled a discussion and questions and answers at the end and I hope that this will be as interactive as possible because these are very much dealing with the needs of the service providers. So with that I would like to move on to the first talk which is I think just check. This is the training relevant for the service providers and Giuseppe. Can we make Giuseppe the presenter? Yes he should be able to already. Yep okay. Thanks Rob. So Giuseppe you have the floor. Okay so I hope you can hear me. Yes. Okay thank you. So good morning everyone. Thank you Matthew for inviting me to report the status of the training material available for the service provider. So my name is Giuseppe LaRocca. I'm a cloud sorry I'm a community support team leadership foundation and in EOSCA I'm responsible in the engagement and training activities in the project. So what we should do in WP11 which is the work package related to the training activities to organize and deliver training events to target the needs of our main stakeholders. Basically our target user are here represented by individual research and the CTP communities. Of course we focus particular attention to the community that are involved in the project. I'm referring to the competent center and thematic services but we are also keeping keeping an eye also on external community outside the project. In the past for example we contributed to support training activity of the Codata RGA school. We also provide support for to run the international bioinformatics school and the gear go winter school and many others. Of course also service providers are our main important stakeholders so we would like to offer material and support in order to be federated with the EOSCA ecosystem. So integrate their system, extend for example the AI framework etc with the EOSCA in order to offer the services to a wider audience. So this is in a national basically the goal of these work packages, what we usually do. All the material including the calendar of the training event can be available through our EOSCA training registry which is available in the EOSCA website. So you can navigate the menu and you can find the link to where you can find the information about the upcoming events and also available material. In terms of material, training material that we can offer for service provider you can see a list of topics. The first topic is about the IT security forensics training. So basically we have a security group expert that usually organizes and focuses the event to inform you how to protect your data center from the security attacks. More details probably will be also introduced by Dave in his talk. We are also providing IT federated service management talk based on a Peterson standard for helping the service provider to improve the professional design planning operation and delivery of services to the end user. Basically we run two different types of IT SM service training event. We started the first year with the foundation event and starting from the second year we organized also advanced events. So the plan is also to have an expert courses before the end of the of the project. The last groups of event and material that we can provide we can offer are material about training material about common federated services which represent the basic building blocks that we can offer to be interoperable with the EOSC. Here include material for the authentication, the ABI. Today there will be a dedicated session chaired by Nicholas and Pavel Weber starting from 2.30 p.m. We have information and material to interact with the EOSC cloud infrastructure storage or like storage data and data platform for handling the PID, metadata discovery, publishing and archiving initiative data and also pass orchestrator. So all this material as I mentioned before will be available through the training registry. What is coming next is to update a little bit how this information will be presented to the user and power stakeholders. So this is a new mock-up of the portal that will come live in a couple of days. We still need to refine and do some quality check before to make this officially available. As you can see the information will be organized into different sections, one for the research communities and the one for the service provider. The plan is to increase the user experience and clicking on the service provider there will be additional all the information will be grouped on different categories. So there will be some overview, genetic information about the technical architecture of the EOSC, instruction on how to become a service provider, information about how to interact with the operation tool offered by EOSC, the IT security forensics, FITSM and also a standard documentation, additional documentation. And that's all. So this is basically the information that they would like to give you so far. Thank you for your attention. Thank you, Giuseppe. One question I would have is can you say something about how you actually gauge what the needs are in order to provide the different types of training? So yes, so basically every year the WP-11 I usually collect training needs from the different partners involved in the project. So based on this requirement we usually create a calendar of training events and this is the calendar of event that we usually organize deliver every year. This calendar event is basically a live document so we are able anytime to update the list of events with additional topics if there is a request from a particular community or this case also a service provider. So we are open to any input and suggestion to make this training event more appealing for the different users. Thanks Giuseppe. Do we have any other questions for Giuseppe before we move on either in the chat or by raising one's hand or unmuting if you can? If not then I think we can move on to Gergé talking about the EOSCUB integration handbook for service providers. Can we make Gergé the presenter? Can you see the screen? Yes we can. Yeah okay good morning thank you for the invitation for giving a pitch talk about this new document that the project produced it's an integration handbook for service providers and we came up with this idea because there is a large number of projects and actually a growing number of projects on the ESC landscape which somehow has in their plan to bring in services into EOSC through the hub which was quite a recurring term or sentence in many of the calls that the Horizon 2020 program included and we have the demand from all of these projects to explain them how to bring services into EOSC through the hub and what it actually means. So we came up with the idea to describe all the information you need to know to answer that question and that document is now available. You can see the DOI link through Zenodo on the slide. The slide is available in the session agenda today so you can already access the document itself. Clearly the target audiences of this document are those projects or institutes or consortia that wants to bring in services into EOSC through the hub but also it's relevant to those who already have services in EOSC through the hub but now they want to fully understand other options and possibilities they can do with the ESC Hub services. The document itself covers a number of areas because it aims to be really a compact self-containing document. It starts with an introduction of EOSC and the EOSC Hub project exactly describing what EOSC Hub does on the EOSC landscape and why it's relevant and why someone needs to know about EOSC Hub in order to integrate into the EOSC portal. It talks about the first step of integrating into EOSC which is onboarding in the EOSC portal which is the must-to-do step for providers and then it goes into additional options that are offered as a kind of ala cart menu by EOSC Hub for service providers and these ala cart items cover things like integration with the so-called Federation Services which I will briefly talk about. Services that help providers manage research data alignment and integration with the service management system and also it closes with the future outlook section what to do and what to expect after EOSC Hub is over. So it's quite a comprehensive document and let me just show you the document itself which is available in Zanodo through the link so that's the landing page you see and I'm glad to see that since it was published two days ago we already have 65 downloads and actually today a project which is under EOSC landscape started tweeting about it and the tweet says that this is a must read for our project. So let me show you the document itself it looks like so the introduction talks about EOSC and about the project the main areas that it does delivering services that x the glue the central elements the core services in EOSC delivering additional compute storage data management science discipline specific thematic services providing a service management system and basically simplifying this landscape for users by working with providers on harmonized access policies licenses and so on and then basically the main part of the document is integration with these items so first section is about how to register in the EOSC portal talking about what are the kind of basic criteria for onboarding in the EOSC portal and then was the process itself which is going through the forms that are available on the website the next section is about federating with the or integrating with the federation services where the first one is the federated user authentication each of these federated services are described in the same style basically starting with the what it is type section explaining what a federated user authentication means in the EOS context then talking about why to use it justifying and answering the question why should i care why should i integrate with that particular service in EOSC and then talking about how to integrate with the service where possible and very available we point to more detailed technical documentation which is very often in confluence or in some similar systems and then in case of further questions you can ask assistance so the aai is the first topic the second is availability and reliability monitoring following the same style here under this section we talk about for example how to integrate with the reliability monitoring in a way that's suitable and test your service from the perspective of your users elements so for example we point to the reusable test probes that you can just choose from and quickly activate also show you the page where you can learn about how to develop customized probes in order to deal with and test your service from situations and from perspective that's currently not in a portfolio and then how to activate the monitoring of your service the user accounting is the third federated service which is covered here the focus of the current capabilities of the accounting is on high throughput compute accounting infrastructure service cloud accounting storage and data set accounting and under this section we point to documentation on what should be the parsers that you should activate on your service in order to extract usage information and the accounting information in the format expected by the accounting system how to feed those extracted information into the accounting system and again how to ask for assistance the last one is the habdesk which is relevant for providers who don't have their own habdesk yet and would like to hook into the iosk habdesk in order to to be able to respond to user questions there after its federated services section the next one is a relatively short one talking about the broad set of services that we provide for providers to deal with research data and basically this relatively short section just positions all those services that iosk hab offers along this virtuous research cycle mentioning roughly the services for each stage pointing to the marketplace where you can find entries about each of these services with a short description of what they are good for and suggesting you to ask for assistance from the iosk hab technical support team to identify exactly the that portfolio of services from this landscape that are relevant for your use case the next section is about aligning with the service management system which is basically starting with a generic introduction of what is it service management why is important talking about the standard namely FITSM that is underpinning the iosk it or iosk hab IT service management system detailing the different processes which drive the documentation and guidances and iosk service management system and then showing you some examples of how you actually can implement or should implement IT service management also illustrating how you eventually already partly implement service management when you onboard into the iosk portal and follow the guidelines and the document closes with a future outlook which is basically talking about what do we expect to happen after iosk hab is over talking about the working groups mentioning explicitly the architecture working group that is currently discussing and suggesting iosk on the federating core order minimum viable iosk that will basically decide what will be the core elements of iosk after 2020 other parts of this section talk about the currently open horizon 2020 cause that will influence the operation of this minimum viable iosk that will influence the additional services in iosk and basically we also talk about the projects that are on the iosk landscape and how we see them fitting on to this current iosk portal structure so that's the document that i wanted to point you to and i encourage you to go to the Zanodo link and start using it thank you thank you very much indeed Gergay the question i would have is at what point would you see on the life cycle interacting with iosk a service an external service would actually integrate with these with these core services so what i mean is would you view them first onboarding and then integrating or first integrating then onboarding or a mixture of both either any thoughts on that my feeling and my experience is that it really depends on the service and i tell you why because some of the services kind of do not need additional capabilities to serve new users through iosk they can just simply onboard make themselves present in the iosk portal and with the already available capacity that they have and the features they have they can already serve new communities through the iosk delivery channel in that cases just go for the simplistic onboarding and consider integration maybe later as you see the demand growing for the service and you maybe run out of capacity for example other services may not be in a stage that they can scale up immediately to serve large a number of users in that cases they need to plan ahead already for this expected demand and therefore they may for example want to integrate with a compute cloud or external storage in order to be able to cater for the extra users that will come in through the other channel in those cases they should do the integration before they actually make the service publicly available through the portal so i think it's it's really depends on the current on the actual situation of the service sure uh is there any other question um i see there's one from Doshan so it means that no integration with the services from the iosk core would be required during your onboarding process only registration with the catalogue so in that case i think yes yes if there is a service which is really functioning although it may be the case that you would want to choose to integrate and then onboard so it really depends on the service in question are there any other questions and i can note that anybody can unmute themselves we have quite a manageable number of people not in the hundred so 66 so feel free to unmute mute if you have especially if you have responses over the kind of information that would be perhaps it would be better to um maybe have them raise their hands and then we can unmute them one by one okay thanks so let's move on then to uh Dave Kelsey who will be talking about uh aspects of security and policy okay can i just check that you can hear me very well yeah so i'm experiencing internet instability this morning i just crashed out 10 minutes ago so i think actually well we'll see how we go anyway but if i disappear you know that's what's happening anyway so i'm going to talk about uh security can you see my slides all right yes we can okay um so the first thing to note is that we had a session yesterday in this EOS card virtual week so there was a full security session so i refer you to that and the recording and the slides and everything but for more details so within the EOS card project within work package four there's a task four which is charged with taking care of the information security management process within the service management system and so we're responsible for all operational security aspects of the the EOS club um collaboration so there's a couple of slides here just saying what are the sort of things we do so okay so we did develop an implement and maintain the policies and procedures within the service management system the main scope of those is that they apply to the uh the core services the EOS club services not directly to the boarding services but we'll talk about that um we're charged with providing consistent and coordinated security operations across the various services and infrastructures within the EOS hub environment um we have to base everything on an up-to-date policy framework um the aim is of course that we're not doing everything in security we're relying on the infrastructure security activities and indeed the best practice that we assume that service providers will be um following security best practices and we want to work together with them and to complement what they're doing so we uh we have an instant response task force um to make sure that including those instance that happen within services um which of course is the main place where services can happen um we have specialized expertise in forensics so we can help people if they want to understand what's going on in an instance and we also coordinate large-scale instance across the world. Dave you're breaking up a little bit perhaps it'd be safer if you uh stop sending video I take it other people can hear me is it just Dave we've lost only Dave who we lost yeah it's unfortunate I'm just trying to contact him so I'm also involved to some extent in the security work but unfortunately I haven't had the chance to review Dave's slides so I don't know if there's a backup person who's you're also involved with these slides in that case let me bring them up okay well I'm hoping that he will come back but in the meantime what I would say is that we should move on to the Q&A session and we do actually have another poll in Sligo that perhaps we can pull up which is touching about the information flow and whether people feel it is adequate that is coming to the service providers from EOSCA. Rob if possible then we can move on to this poll. Sure it's showing now I can present that. That's quite a simplistic question what's your opinion of the level of communication to service providers from EOSC is it not enough about right or too much so overwhelmingly it's not enough I'll be very interested to get the opinion of people who are responding as not enough to try to understand the kind of information that you would like to see more of is it documentation is it development information status of what's happening or what so if anybody would be happy to suggest anything then please do. Any takers please raise your hands be unmuted I guess Rob that we'll be able to unmute people and see when they're raising their hands. Certainly let us know as well if you're having trouble finding the functionality. So we have just given everybody the possibility once again to unmute themselves so kind of information you'd like to see if you feel it's insufficient I mean this could be in the form of webinars additional training more information about what the actual core services are and how to use them. Okay we have Irena you have now been unmuted. Yes hi Irena speaking I'm from Cezda Eric representing one of the service providers. I would just like to know to tell you that you know what we see in the community is that not only the service providers are not aware about what EOSC is dying but researchers are really not aware and I'm just wondering through which channels I mean to have a kind of an open discussion to through which channels should we actually fit this information to researchers about what EOSC is because obviously they're not following you know the EOSC online so I'm just wondering what you're doing in relation to whether you're populating information EOSC through I don't know their kind of their communities you know through the research communities what is EOSC doing for them. Thanks it's a good point so I think this depends in many cases on the actual circumstance of the community if they're already using services that are being integrated into the wider EOSC you could say that they needn't actually know that much about using EOSC itself on the virtue that the services that they are using may be additionally integrated behind the scenes with for example AAI to make it easier to interact with other services so they could be indirectly using EOSC. Alternatively if they are not already using services within their community we absolutely should make them aware of the services that they can discover through the EOSC portal because this could be the first port of call for them. Either way I think it really depends on proper marketing of what we're doing what the benefits are of the portal to them and how they can discover services that could be of use to them. I think in the first category that's probably going to take a little bit longer before the benefits are indirectly propagated to them through their community services. I hope that is clear. Can I add another suggestion and I don't know what it's already done but as you said you know that it's really important that this is really communicated well and I was wondering if if EOSC has or is thinking of doing short videos on what EOSC is doing for different communities so we could eventually when we have events for researchers play these kind of videos so yeah instead of doing it ourselves and you know sometimes you don't explain things correctly so I'm wondering if there are any promotion videos being done by EOSC. As far as EOSC hub is concerned I'm not aware of anything maybe somebody from trust IT can say anything about this but this is most certainly something that we could be doing. I know it's something that some other projects are doing and this is something that could be incorporated into the following in EOSCO 3. If anybody from trust IT would like to add to that then please do. Sorry could you just repeat the question I was providing support to David who has just rejoined us now actually I'm making more calls but could you just repeat the question please. So the question really is one of provision of videos as a way of promoting what we're doing and the services. Yes certainly so videos would certainly be interesting it's from what we've seen you know providing communication support to a lot of these projects since the start there has been an increase in the preference for videos both from you know let's say the audience standpoint because you know it allows people to see and understand you know a whole lot of information in just a matter of a few minutes. The difficulty however is you know it depends of course from provider to provider but you know it takes it does take quite a bit of resources to produce even just a few minutes of video so it's and also another thing is that audiences have a certain expectation now on on you know what what the visual in a video should be so you know it's it's not just you know producing a video let's say like a like a set of slides and then just moving from one slide to the next people do expect a certain level of quality now from videos so on one hand yes it is a great tool to communicate but on the other hand it's it's also something that that is that takes quite a bit of resources to to produce especially if you want to do it right. So is that who's given me the point to a number of videos that have already been created thematic level videos this is something that is active is it Giuseppe creating these videos so we can provision for more? Yeah this is something that we need probably to to produce more in the in the next part of the project because this is just to promote what we are doing so far this is just an example of what this community managed to integrate thanks to the support of the OSCAP so as soon as the the other thematic services and also competent center will be much enough probably we can have more about video and make this available for our channel. Sure thanks for that and it's Pavel V but I would like to add a short comment I really like this idea about the videos and I can say that probably it's also important to produce sort of technical videos tutorials and this is currently being done for example AI group today it will be a training where the sort of demos will be shown how to how to describe in different workflows the users can take and I think I will also use this idea to promote it in their federation services so that the product teams could think about it. Thanks Pavel. I think we better move on because in the meantime Dave Kelsey has come back so we can try to see whether presenting will work for him. Are you connected in a way that you could present or would you like us to drive your slides Dave? I think I should be able to do it. Apologies for that I've had eight weeks of stable internet during lockdown and it goes while I'm giving a talk this is great isn't it? So now I'm connected by my mobile phone and I've no idea whether this one seems to work. Should I just carry on where I got to? Yeah if you could do that would be good. So I need to share my screen. We will have time for more questions and I know some more have come in the meantime. Yeah I'll try and rush through this as quickly as possible. So can you see my slides now? Yes. I think this is where I'd got to. So I was talking about building trust with others as being an important part of the activity so we tried to do everything under the auspices of the wise community, the wise information, security for e-infrastructures and the various identity management bodies and with J on 4-3 etc etc and security groups elsewhere as well. There are other security related activities, tools monitoring and AI are not part of the WP4 activity but are clearly important and go on elsewhere and Giuseppe said I might give you more information about the security training. I was somehow assuming he would do that. I should have talked to him but just to say that it's not just forensics training that we do we have a whole range of security training, a portfolio of offensive and defensive and role play and what have you. So I think that's something that would be good if you know particular services feel they need security training they should talk to us and we'd be happy to to see if this can be achieved. And as I said before the scope is those you know for the policies and things within the service management system, the scope is definitely the core services, the hub portfolio but we encourage others, other on-boarding services to adopt the policies and work to their requirements because they are a good specification of best practice and if they find they can't if they're if they're not able to adopt those policies it would be good to have the feedback on why they cannot because maybe we can change them to meet those needs. So where are we now? So yeah so I said that we do everything under-wise this gives us the ability of building policies which are not only acceptable within the EOSC ecosystem but also more broadly and that means that they're more likely to be applicable to the ecosystem within EOSC as well because they lots of lots of infrastructures participate in the wording of the policies they're more likely to be acceptable. So we use this security for collaborating infrastructures trust framework version two of which was published in 2017. So now I'm going to talk about what the policies are for security. There are three within the service management system there's the top level policy which I'll say no more about today that's mainly just the the attitude of the management of the infrastructures towards policy and stuff. The two that actually apply to end user participants and to services are first of all the AUP the Acceptable Use Policy and Conditions of Use and then the Service Operations Security Policy and I'll talk a bit about each of those. So a lot of this is building on the work that came out of the the Horizon 2020 ARC projects and their policy development kit this is the authentication and authorization for research collaborations and they did a very nice job of actually producing standard template policies and so we and Wiser's then taken that on board so the the baseline AUP is what we actually adopt within EOSC hub and there's a good guidance document there that guidelines version I044 is you know if you want to read all about the baseline AUP look to that but the idea of using a common baseline AUP means that it's much simpler for the end user they only see one AUP it's it's simpler for services and infrastructures they don't have to completely develop a new AUP from scratch and if to the extent that new services are offering services to new communities the fact that everybody's abiding by the same AUP makes it easier for onboarding of users into services as well as so it's easier from the service point of view as well as the user point of and gradually more and more infrastructures we see are adopting this and so for those services it's sort of mandatory for the core hub services but for those who are external and looking to adopt an AUP we encourage you to consider using this this template and you can then add your own privacy notice and other service conditions if i've got time i'll just quickly go through so here is the the wise baseline AUP and you'll see at the bottom there it says so when using this the curly brackets in blue indicate text which should be replaced as appropriate by whoever is adopting the AUP and those in coloured in green are optional and can be added or deleted as as applicable so for example here you see in the the introductory paragraph it says as granted by and there's the ability then to put in a name of whoever the service is or the whoever's offering it and describing the purpose as well and then the green bit is that you can actually add additional rules or conditions or references to additional rules or conditions that you need to do the idea is that you don't actually change the wording of the one to ten bullet points for of the baseline AUP but you add things around it so clearly what you add shouldn't conflict with what's already there so again that we're kind of short of time i guess i don't know how much of this we could come back to it if people ask questions about it but here are the the ten bullet points of the baseline AUP and they address those aspects which we thrashed out for about a year or so within the ARC project and why is as to what what needed to be in and what shouldn't be in and unless everybody would agree we didn't put it in right so so these are the things which everybody seems to agree are good to have in your AUP and at the end you're then allowed to insert additional number clauses if you've got things that you wish to add you then specify the admin contact security contacts and a link to your privacy statements and any applicable service level agreements if you have those as well so then moving on to the service operations again this is based on the the version of the template coming out of the the ARC policy development kit the same thing the scope it applies to all the core hub services but we encourage others to consider adhering to it and providing feedback on any problems they find with them in case we need to change things statements are all reasonable according to accepted best practice they meet the requirements of the why is SCI trust framework and include collaboration with the infrastructure and the security teams I mean obviously the place where we're likely to get security instances in the services right so so if you have a security instance we want to hear about it the security team wants to work with you if you're happy to handle it all that's fine but we'd like to collaborate with you and again this is based on some simple simple points there are eight points here that are in this service operation security policy but it says things like you will support security instance response and you'll collaborate with the security team you're held responsible for safe and secure operation you'll follow best practices including patching and updating etc there's a statement about GDPR privacy notice which of course all services by law must have and then about access and who can can control your access or how the infrastructure offering you a hosting point for the your service can control your access so that's that's all in place in terms of future work for the rest of the the project year we will do everything still within the why is SCI working group to build consensus with the broader range of infrastructures we are working on an updated policy template EGI has a policy template as a policy for community responsibilities and we need to try and see what is applicable in the sort of EOSC environment and the broader environment if anything I mean we might decide we just don't need those policies but we're looking into that we're going to update the top level security policy because there are some additions needed and we've got again work on the data protection for GDPR compliance and updating the existing policy templates on there and I note that if the giant code of conduct version two becomes approved and adopted then we would have to to change our policy again because we would just tie people to that so I think Matthew that's all I wanted to say I hope that's included all you wanted me to include thank you Dave that was very good very useful question is did it cover the the needs of the people the service providers and is it is it clear are there any questions regarding these this work on the policies sometimes think that these policies are quite a tricky area and until somebody actually sees examples of what they actually cover it can be a bit intractable to to understand what is actually needed especially from somebody who is interested in onboarding and unfortunately the real audience that I think who needs to know this that people are already struggling with onboarding rather than the people who are actually part of the project and probably on this call nevertheless if there are any questions for Dave and indeed if anybody wants to discuss offline afterwards we'd like to hear from you if there are things you'd like help with or if there are things you want us to do or things please do feedback okay thanks again I'll move back to me as the presenter then for the last section just share my screen once again okay I take it you can see my screen yes thank you and I'd like to finish off by saying something about the service provider survey that we distributed to onboarded service providers during May and this was a short survey where we allowed anonymous feedback to be given we didn't also ask for the onboarding date as well which in retrospect I think we we should have done one of the things that we wanted to get feedback on was the actual onboarding process itself and onboarding is something that has developed from absolutely nothing to quite a developed process there's clearly more things that we can improve on it but the experience that we found very much depended on when the service was onboarded and there were a number of questions here what's your overall experience in participating with your eOSC what do you hope to get out of participation either now or in the future as it further develops what's your experience of the onboarding process itself from one to five one very good sorry one very poor to five very good and what's your most urgent area for improvement of eOSC and any other information you'd care to provide mixture of free text and scores so we had nine responses three anonymous not a huge number nevertheless some very interesting and useful feedback that we gained from this exercise and we will want to do another one before the end of the project so as far as the scores are concerned 2.6 out of 5 for overall experience in participating with the eOSC slightly better from the onboarding process itself at 3.1 and as far as the actual analysis of the free text information is concerned for eOSC the the main problem we understood was a real mismatch between what the expectations are and what can actually be provided at present a number of the respondents alluded to the fact that when they onboarded to eOSC the expected a market increase in the number of users which they felt weren't really forthcoming at present and we really took this to mean that we should try harder inactively marketing doing marketing within the project and in eOSC in general this is something that we would like to raise within the project eOSC hub eOSC in harms and also within follow-up projects in free eOSC 03 with the working groups having with the executive board as well. Another aspect was the expectation of a way of programmatically order resources at the moment this cannot be done resources can be ordered but only via manual intervention and this is really an aspect of requirements that can be fed into the various development roadmaps for example within the portal and the marketplace. Another interesting feedback was service providers who are expecting funding through virtual access to be made available to them now this is not possible at the moment although there are discussions within the commission about the the shape of virtual access funding in the future and this may well be made possible we don't know yet essentially so apart from requirements being fed into the development roadmaps the other thing that we took away with this feedback is that there is really a need for clearer documentation during the onboarding process of what onboarding actually means what does it actually mean joining eOSC and also what it doesn't mean as well on the second aspect that of the actual onboarding process itself some points were raised that it is quite a lengthy process it's related to requirements that are not being met on the provider's side so what i mean here is that in order to onboard there are a number of things that need to be met a number of criteria that need to be met and sometimes this was not made very clearly to the onboarded service providers again that comes down to clearer documentation what are the maturity related requirements that are needed to be in place for example we could be providing a sample AUP which is drawing to what Dave was talking about earlier on because having an AUP in place is a requirement but if it's unknown what actually that AUP looks like or what it could look like it could be very minimal then that is a real barrier so by making a sample AUP available to them could really help in such instances poor communication was highlighted as another issue raised with onboarding to do with the early onboarding of services and this i think was related to earlier on in the process when we hadn't actually implemented the proper rotors for people to actually take on the requests and then the full-art requests as well that is improving but i think that there is always scope for improved communication another point was the lack of being able to update service description templates post onboarding so initially information is given to us through the onboarding process it's uploaded for people to discover information about those services at present there is no easy way of updating this information again this is really a question of missing functionality that is really needed understanding what those requirements are is very important for us and then we can take those requirements and ensure that they are fed into the various development roadmaps both within this project and the follow-on projects so i'm kind of hopeful that this can ring true with some of the people in this call and i'm very happy to open up points people feel that should be and also some other questions i have here are relating to are there other expectations that you have what eOSC can potentially deliver now clearly we all appreciate that it is a very complicated thing this new eOSC and it could potentially deliver a lot of things in the future and fewer things in the present which are nevertheless things that we can deliver what about in communication what ways can we improve that videos were mentioned earlier on this is something that we could certainly continue to do also engagement with the service providers is the service provider forum in the mailing list and in the events and webinars that have been mentioned adequate or should we be looking at other things the other question i have is the regarding the minimum viable eOSC services which have been discussed at length over the last few days i don't want to bring all of this up but from the point of view of service providers do these services that exist in the proposed minimum viable eOSC meet your needs or should there be other things that aren't there that aren't being considered at present so we're now into the open last 15 minutes of of the session and i'll be very happy indeed to open this up to anybody who would like to raise any questions or provide any thoughts about this so service providers the floor is yours now anyone is free i think to unmute their microphones so any thoughts silence does that mean everybody is happy one thing i could bring up in the meantime is a link to the onboarding requirements which i can share has been a few questions about them at present it is very active but this is the criteria that we are using at present during onboarding in the chat and there's been some discussion about what actually constitutes a service is a service in infrastructure in infrastructure as a service for example HTC and can it be onboarded at present the answer to that is no so we aren't currently onboarding through this onboarding mechanism infrastructures but discrete services and we use the definition according to fit a second at the bottom of this screen now rob if we've got any further questions through on Sligo checking at the moment so we have one from Dushan but i'm not sure if this is just i'm going to share my screen as well question from Dushan i think i um responded partially to in the chat and the question about aspects of service management and is there a minimum level of requirements to be completed in order to register a service in the OSC catalog um well the answer to that is no um we although we do expect services to have attained at least an advanced trl7 if not trl8 so they need to be essentially production quality and that kind of implies there does need to be a mature service management system in place on the side of the service provider other aspects for example aspects of information security and AUPs also imply that there need to be a mature service management system but certainly having for example knowledge of fit sm itsm will will definitely help you does that answer your question Dushan the question from Pavel can the community service be integrated at a technical level without being on boarded that's an interesting one Pavel so i guess potentially the answer to that is yes for example they could be making use of EOSCUB AI services so that could happen already without necessarily being on boarded as a service in its own right yeah i'm getting this question permanently from our colleagues and there's a use case to integrate the storage and they want first to prepare the prototype integration path but and later on go via onboarding process and that was the question thank you so if it's positive then i will also can propagate it further yeah maybe go go this is something potentially that could be touched upon in your integration handbook the actual workflow of and the fact that there doesn't necessarily need to be a coupling of onboarding plus integration sure sure but integration with a technical level without being on boarded is basically means that i want to use a service which is in EOSCUB already so you just kind of order that service to be used by you Gagli it's not about only ordering it's really about integration quite a significant integration with for example AI system so it's not that the people want to order it and use it separately but really integrate their systems with AI or monitoring but without putting the service on the marketplace for example and without publishing it and promoting but first go with the technical integration that that is the the use case and i understand that but the ordering i don't like that word ordering it's access request right you want to access that service because you want to do something with it you want to use it as a back end of your system you want to integrate with the monitoring you want to integrate with accounting exit yeah that's an access request so to deal with that you need to request access to that by sending an order that's what i'm saying it's not an access it's it's more integration so it's not that i need to to enter or join i mean yeah it's it's some sort of join but it requires some technical integration and enabling of this integration okay do we have any other questions we've got a few more minutes to go before the end of the session i'm especially interested on the communication side if people think that we should be providing information or updates and we are not so if you do have any thoughts on that then please do let me know either now or privately if there are no more questions then i think we could probably finish for lunch thank you very much indeed and apologies for the technical problems we had earlier thanks for joining thank you thank you bye thank you thank you bye bye