A testbed collects and processes a subset of information required to define and operate on your experiments. Some of it may be personal data (any information related to an identified or identifiable data subject — a.k.a., natural person) or potentially identifiable data.
The following (and/or this page, requiring your experimenter’s certificate) explains which data is collected, how (and what for) it is processed, whether it is shared and with whom, how it is secured and how you can exert your rights, e.g. to access, modify or delete it.
OpenFlow wired testbed
Collection and processing
Which kind of data are acquired, and why are these needed? How are these processed?
Potentially identifiable data
The PI (Principal Investigator) provides this information to the OFAM when requesting an OpenFlow sliver. The experimenter decides whether to provide a personal or anonymous identifier, as long as the identifier i) allows contact the experimenter in case of of troubleshooting of the flows, ii) lives until the expiration of the sliver.
- Aim: act as metadata, to link the OpenFlow slice and its flows to a particular individual.
- Lifetime: used during the OpenFlow slice lifetime, and therefore removed upon deletion or expiration.
User ID and URN
The user’s identifier is obtained a) from the user’s URN that is generated by the Fed4FIRE+ authority, upon registration; or b) directly provided by the experimenter.
- Aim: (i) record the URN of the experimenter to persist its consent on further data processing for the slice creation and to expose this to the specific user; and (ii) grant user(s) with access to the VM(s) in a slice through SSH.
- Lifetime: for the purpose of (i) the URN is kept forever, yet invalidated after 6 months to request update on the during the VM lifetime; whereas for the purpose of (ii) the ID is removed upon explicit termination or upon expiration of the slice.
Public SSH key
The user’s public SSH key is obtained a) from the certificate that is generated by the Fed4FIRE+ authority, upon registration; or b) directly provided by the experimenter, when updating the SSH keys in a VM.
- Aim: give access to the user (defined with the user ID above) to the VM(s) requested by the experimenter.
- Lifetime: used during the VM lifetime, and therefore removed upon explicit termination or upon its expiration.
Access and sharing
With whom is the data shared with?
No data from experimenters or content from experiments is shared with a third party.
The experimenter’s data and the one used and/or generated by their experimenters is solely available to the experimenter bearing a certificate (e-mail) or to the experimenters in the same slice (user ID and public SSH key).
Which means are used to keep your data private?
The data described above is contained in specific databases, hosted within the systems managing the experiments. All databases are secured with appropriate credentials, whereas the systems are compartmentalised to separate specific functionality and to steer whitelisted network connections only where appropriate.
With respect to the access to such data, only the designated operator is granted credentials to access the systems and databases.
Exerting your rights
How to learn about your saved data, and how to operate on it?
You are entitled to exert full rights on your data; i.e., through actions like the ones below:
- Access: knowing which data is stored, its source and usage
- Deletion: partial or total opposition to use your data
- Limitation: requesting usage of the data for the bare minimum (already the case)
- Modification: updating it or changing in other way
- Portability: being able to retrieve your data in electronic format
To do so, send an e-mail to
rgpd [at] i2cat [dot] net requesting the specific action and on which data that should be applied. Please proceed with one of the following options:
- Use the same e-mail address you used in the i2CAT OFELIA testbed (for the OpenFlow slice)
- Provide proof that you own a specific user ID or public key in the Fed4FIRE+ authority