OMB Control No. 1640-0012
Expires 08/31/2010
DHS PREDICT Memorandum of Agreement between PREDICT Coordinating Center and Data Host Form
Cover Sheet
1. Department Name: Department of Homeland Security
2. Component/Agency Name: Science and Technology Directorate
3. OMB Control Number: 1640-0012
4. Expiration Date: 08/31/2010
5. Agency Form Number: DHS Form 10037 (12/07)
6. Name of Form: Memorandum of Agreement (MoA) between PREDICT Coordinating Center (PCC) and Data Host
7. Purpose of Form: The MoA is required for all applications to be a data host. The MoA defines the roles of the Data Host and the PCC.
8. How to submit: Sign and fax to the PREDICT Coordinating Center, RTI International, Attn: Renee Karlsen, 866.835.0255 (toll free).
Cover Letter
Memorandum of Agreement
Thank you for your interest in joining the PREDICT community. In order for your application to be considered you must execute the attached Memorandum of Agreement. The memo must be received before your application can be considered.
Directions:
Print out the MOA.
Fill in appropriate names.
Complete all Attachments as they pertain to your application.
Complete the Contact Information form below with the requested information for the person who is signing this document.
Sign and fax to the PREDICT Coordinating Center, RTI International, Attn: Renee Karlsen, at 866.835.0255 (toll free). You may also create a PDF of the signed document and email to the PCC ([email protected]). An executed copy will be returned to you for your files.
Questions regarding your application may be directed to the PCC via email: [email protected]
Contact Information
Name | |
---|---|
Title | |
Organization | |
Address | |
City | |
State | |
Zip | |
Phone | |
Fax | |
Memorandum of Agreement
PCC and Data Host
This Memorandum of Agreement (Agreement or MOA) is between __________________________ (Data Host) and the RTI International PREDICT Coordinating Center (PCC), (together the Parties). PCC supports the Protected Repository for the Defense of Infrastructure against Cyber Threats (PREDICT) project sponsored by the United States Department of Homeland Security (DHS). The PCC facilitates the data flow between PREDICT participants, processes applications from Researchers/Users for access to Data and publication of research results, develops metadata catalogs, and develops protocols (which are subject to DHS approval) to protect the confidentiality and integrity of data and direct its proper usage.
It is anticipated that the following eight types of organizations will participate (Participants) in project PREDICT:
Department of Homeland Security (DHS)
Data Providers
Researchers/Users
Application Review Board (ARB)
PCC
Data Hosts
Sponsoring Institutions
Publication Review Board (PRB)
The definitions of terms used herein and Participants’ roles are as follows:
Data is the information described in Attachment A that is owned or controlled by the Data Provider and made available to the PREDICT project via a Data Host.
Metadata, as described in Attachment A, is information about the Data (but not the Data itself) which Data Provider and/or Data Host agree to disclose to the PCC and to permit the PCC to compile in a catalog with other Metadata which is accessible by Data Providers and Data Hosts via the PREDICT portal, and which PCC may further disclose to approved Researchers/Users in a manner consistent with the terms of this Agreement. The PCC agrees to receive the Metadata, enter the Metadata in the PREDICT data catalog, and facilitate the release of the Metadata to Researchers/Users in accordance with the terms of this Agreement.
DHS will provide funding to the PCC and the Data Hosts for the PREDICT project via separate agreements entered into individually between DHS and the PCC, and DHS and Data Hosts.
PCC will receive and catalog Metadata about the Data and make the Metadata catalog available to approved Researchers/Users, subject to the terms and conditions in Attachment B. PCC does not store, maintain, or have access to any of the Data.
Data Provider shall mean an entity that provides Data that it owns or has a right to control and disclose to the PREDICT project via a Data Host, subject to the terms and conditions of this Agreement. A Data Provider may select a Data Host to receive and host the Data or it may host its own Data, in which case it shall also be deemed a Data Host and enter into a “Memorandum of Agreement” between PCC and Data Host. If Data Provider selects a third party Data Host to store its Data, Data Provider will provide Data to a Data Host who will host the Data for the benefit of the PREDICT project, subject to terms and conditions in Attachment B. A Data Provider must enter into a Data Provider “Memorandum of Agreement” with PCC.
Data Host shall mean an entity that provides computing infrastructure to store Data received from one or more Data Providers, and provides Researchers/Users access to Data when the Researcher/User’s application requesting Data has been approved by the Application Review Board. Data Host may also host its own Data. If Data Host hosts its own Data, it shall also enter into a Data Provider “Memorandum of Agreement” with PCC.
Researcher/User shall mean a person or entity that is a member of the cyber defense research and development community and who completes an official PCC application requesting Data from PREDICT for use in research and is approved by the ARB for access to Data. A Researcher/User which is an entity shall complete the application for itself, identifying an individual employed by the entity to serve as the Data Custodian. An individual Researcher/User must be affiliated with and obtain a letter of support from a Sponsoring Institution as part of his/her PCC application for Data.
Data Custodian shall mean the person with primary responsibility for the receipt, security, oversight, use, and return of Data on behalf of the Researcher/User. An approved individual Researcher/User shall be deemed the Data Custodian for his/her application.
Sponsoring Institutions shall mean an organization that is affiliated with or otherwise sponsors a Researcher/User and validates his or her research and need for Data, and which agrees to notify PCC in the event of a change in the sponsored Researcher/User’s affiliation with the Sponsoring Institution.
Application Review Board (“ARB”) shall mean an entity that reviews and approves or rejects applications for requested Data or Metadata and forwards approved applications to Data Hosts for delivery of Data, and to PCC to enable access to Metadata. The composition of the ARB is described below.
Publication Review Board (“PRB”) shall mean an entity that reviews and comments upon applications from Researchers/Users or Sponsoring Institutions to publish or otherwise release any study results or other information relating to Data or Metadata received through PCC. The PRB is empowered to reject applications to publish should the proposed publication violate the terms associated with the Data, including attribution of the source of the Data, or applicable laws and regulations governing release of Data, and the proposed author or publisher refuses to amend the publication to comply with the terms, laws, or regulations. The composition of the PRB is described below.
Data Host Obligations
1. Data Host shall accept Data from Data Provider(s) for release to approved Researchers/Users subject to the terms and conditions for access and use as set forth in Attachment B.
2. Data Host will provide terms and conditions for receipt, handling, storage, and distribution of the Data as agreed with particular Data Providers, as Data Host deems necessary to accomplish efficient and secure access to Data as required under the PREDICT project. These terms and conditions shall be set forth in Attachment B.
3. Data Host will provide the PCC with Metadata on the Data it agrees to make available. See Attachment A for a description of the information to be provided. The Metadata will be catalogued and available to persons with an approved PREDICT account with the PCC, including Data Providers, Data Hosts, and approved Researchers/Users. Data Host will NOT provide access to any Data to any Researchers/Users other than those approved by the PCC, and then only under the terms for access as set forth in Attachment B. The PCC shall have no liability to Data Host for the release of any Data to Researchers/Users or other third parties described in this provision.
4. Data Host acknowledges that the PCC may compile the Metadata it receives from Data Provider with other Metadata PCC receives from other Data Providers or Data Hosts into an evolving Metadata file, which may then be released to other approved Researchers/Users. Data access approval given to a Researcher/User in any application will permit access to the requested Data and to PREDICT Metadata by that Researcher/User, regardless of approval or denial of access to that Researcher/User in any other application.
5. Data Host acknowledges that this is a research effort and that the Data it provides will be shared and used for research purposes. Data Host is responsible for ensuring that any Data it releases complies with this Agreement and any agreements it may have with third parties, and is consistent with Data Host’s own privacy, security, or other policies and procedures applicable to the Data. The terms and conditions of this Article are for the primary benefit of PCC and Data Host; however, a violation by Data Host of these obligations may create harm to Researcher/Users of the Data to which access has been granted. Those Parties are therefore deemed, to the extent permitted by law, third party beneficiaries under this Agreement for only those purposes and Data Host hereby acknowledges the third party beneficiary rights, to the extent permitted by law, of such Researcher/Users for whom access to Data provided by Data Host is granted under the PREDICT project.
6. The Data Host will have a representative on both the Application Review Board (ARB) and the Publication Review Board (PRB). Each Board will consist of at least five representatives, with representation as follows:
ARB: One representative from each of the (1) PCC; (2) DHS; (3) Data Provider; (4) Data Host; and (5) Ad-hoc representative from the Cyber-defense research community, chosen by DHS and the PCC. The Data Provider representative shall have absolute veto power over any application for access to its Data.
PRB: One representative from each of the (1) PCC; (2) DHS; (3) Data Provider; (4) Data Host; and (5) Ad-hoc representative from the Cyber-defense research community, chosen by DHS and the PCC.
7. To the extent permitted by law, Data Host shall indemnify, defend, and hold harmless RTI and PCC and its or their employees, officers, directors, or agents (“Indemnified Parties”) from any loss, damage, liability, claims, costs, demands, suits, or judgments, including reasonable attorney’s fees and the assumption of the defense and its costs, as a result of any damage or injury (including death) to Indemnified Parties, or injury to the property of Indemnified Parties or for any injury (including death) to third persons or their property which is directly or indirectly caused by the negligence or willful misconduct of Data Host, its employees, officers, or directors, in the course of performance under this Agreement. An Indemnified Party will promptly notify Data Host of any claim against it or a third party of which it becomes aware and that is covered by this provision and Data Host shall, to the extent permitted by law, authorize representatives to settle or defend any such claim or suit and to represent Indemnified Parties in such litigation; provided, an Indemnified Party may, in its sole discretion and at its expense, provide counsel to assist counsel for Data Host. Data Host will promptly notify an Indemnified Party of any claim against it or a third party of which it becomes aware pertaining to Data or this Agreement and Data Host shall, to the extent permitted by law, authorize representatives to settle or defend any such claim or suit and to represent an Indemnified Party in such litigation. An Indemnified Party may, in its sole discretion and at its expense, provide counsel to assist counsel for Data Host, or represent said Indemnified Party. No settlement shall be made on behalf of an Indemnified Party which admits the fault of the Indemnified Party, without that Party’s written consent, which shall not be unreasonably withheld.
8. Data Host will host the Data itself and not subcontract with a third party to host the Data. Data Host consents to the release of Data usage and request statistics regarding its Data or Metadata as described in Attachment B.
9. Data Host shall hold Indemnified Parties harmless from any misuse of Data or Metadata by a party other than Indemnified Parties and shall not look to the Indemnified Parties as an agent to protect Data Host from misuses of its Data or of PREDICT Metadata by Researchers/Users or Sponsoring Institutions, and the Indemnified Parties do not agree to serve in that capacity.
10. Data Host shall comply with all applicable federal, state, and local laws in the receipt of Data from Data Providers and the provision of Data and Metadata to the PCC.
PCC Obligations
An MOA between the PCC and Data Provider and between PCC and Data Host will be entered into before the Data Provider provides Metadata to the PCC or transfers Data to the Data Host.
PCC will notify Data Hosts of:
Applications received for access to and use of Data they are hosting.
Third-party disclosure (publication) review requests from Researchers/Users pertaining to the hosted Data.
FOIA or other legal requests PCC receives for access to Data or other records pertaining to the hosted Data.
The PCC will safeguard the Metadata catalog, taking all reasonably necessary steps to ensure that (1) the Metadata it holds is adequately protected from unauthorized access; and (2) the Metadata it releases from its catalog is protected in transmission from unauthorized access.
PCC will provide Data and Metadata request statistics on a monthly basis to DHS, Data Providers, and Data Hosts.
Joint Obligations – Data Host and PCC
All transfers of Data under the terms of this Agreement shall at all times be subject to the export control and other applicable laws and regulations of the United States. Each party agrees that it shall not make any disposition, by way of trans‑shipment, re‑export, diversion or otherwise, except as said laws and regulations may expressly permit, of information or data furnished under this Agreement. Each Party shall comply in all respects with U.S. statutes, regulations, and administrative requirements regarding its relationships and sharing of Data with non-U.S. citizens or non-U.S. governmental and quasi-governmental entities, including but not limited to, the export control regulations of the International Traffic in Arms Regulations (“ITAR”) and the Export Administration Act (“EAA”); the anti-boycott and embargo regulations and guidelines issued under the EAA; and the regulations of the U.S. Department of the Treasury, Office of Foreign Assets Control.
The relationship of PCC to Data Host under this Agreement is that of independent contractors. Personnel retained or assigned by one Party to perform services or obligations covered by this Agreement will at all times be considered agents or employees of the Party with whom such personnel have a contractual relationship, and not agents or employees of the other Party.
Either Party may terminate this Agreement at any time, in whole or in part, by providing written notice of termination to the other. Except as otherwise mutually agreed, termination shall be effective thirty (30) days from receipt of the notice. Any such termination shall not affect the obligations of either Party with respect to Data or Metadata previously shared by one Party with the other, and such obligations shall continue through the return or destruction of all such Data or Metadata.
In the event of action or inaction by one Party constituting a failure to comply (default) with the provisions of this Agreement, the non-defaulting Party may, by written notice to the defaulting Party, demand that the defaulting Party cure such default within ten (10) business days thereof. Should the defaulting Party fail to cure the default, the non-defaulting Party may terminate this Agreement and the Data shall be returned to the Party from whom it originated; provided that in the event of a default by Data Host, PCC may retain Metadata previously supplied by Data Host for the benefit of project PREDICT. Termination under this provision shall not affect the obligations of either Party with respect to Data previously shared by one Party with the other, and such obligations shall continue through the return or destruction of all such Data.
Failure of either Party to enforce any of its rights hereunder shall not constitute a waiver of such rights. If any provision herein is, becomes, or is held invalid, illegal, or unenforceable, such provision shall be deemed modified only to the extent necessary to conform to applicable laws so as to be valid and enforceable. If it cannot be so amended without materially altering the intent of the Parties as indicated herein, it shall be stricken and the remainder of this Agreement shall remain in full force and effect and be enforced and construed as if such provision had not been included.
Neither this Agreement nor any interest herein may be assigned, in whole or in part, by either Party without the prior written consent of the other Party; provided, however, that without securing such prior consent, either Party shall have the right to assign this Agreement to any successor of such Party by way of merger or consolidation or the acquisition of substantially all of the assets of such Party relating to the subject matter of this Agreement; provided further, that such successor shall expressly assume all of the obligations of such Party under this Agreement.
This Agreement shall remain in force for a period of one year commencing with the date of latest signature below. Any Amendments to this Agreement, to be effective, shall be in writing and signed by an authorized Representative of each Party.
Each party represents and warrants that the person signing this Agreement on its behalf has full authority to do so.
RESEARCH TRIANGLE INSTITUTE PREDICT Coordinating Center | DATA HOST
---|---
Signature | Signature
Name | Name
Title | Title
Date | Date
Attachment A
Description of Data
Name | Description
---|---
<Data File Name or Identifier> | <Description of Data, including relevant identifiers such as source, owner, identifiers including PHI, etc.>
Description of Metadata – To Be Provided by Data Provider
Name | Description
---|---
Measurement ID | Text name. Required to be unique in combination with a provider name. Researchers can use these tags for reference purposes and acknowledgment.
Short Description | Brief description of the measurement.
Long Description | Lengthy description of the measurement.
Keywords | One or more selections from list. These will eventually hold tokens like TCP, Header, Netflow, Snort, etc.
Measurement Size | Size in bytes of the dataset.
Formats | Format(s) available for the dataset. One or more specifications from a list. These are tokens like text, CSV, Syslog, TCPheader, libpcap, etc.
Start Time | Date & time the data collection was begun.
End Time | Date & time the data collection ceased.
Ongoing Measurement | Boolean flag. Set (true) if the data collection is ongoing.
MD5 Hash | MD5 hash value as a checksum of the data set. Not shown in data catalog.
Anonymization Types | Indicates how the measurement is anonymized. One or more anonymization type specifications from a list.
Use Restrictions | Text describing provider use restrictions. Can be used in conjunction with Use Restriction Type selections.
Use Restriction Types | One or more use restriction types from a list, such as NO_EXPORT, PUBLIC, PUBLICATION_RESTRICTIONS, etc.
Approval Difficulty | An integer from 1 (one) to 5, where 5 represents the highest degree of difficulty.
Metadata Version Time | Date & time this version of the measurement metadata was defined by the Data Provider; not the date/time it was supplied or recorded.
Availability Start Time | Date & time the dataset is first available.
Availability End Time | Date & time the dataset is no longer available (when it’s scheduled to be purged).
Data Host | Identification of a single Data Host for the dataset; probably the host name.
Description of Metadata – To Be Provided by Data Host
Name | Description
---|---
Private Access Instructions | Sensitive instructions for access at the data host. Not shown in data catalog.
Public Access Instructions | Public instructions for access at the data host.
Access Types | One or more access type specifications from a list, such as items like HDD, Tape only, downloadable, etc.
Attachment B
Data Provider Terms and Conditions for Access to and Use of Data
Data Host Terms and Conditions for Access to and Use of Data
File Type | application/msword |
Author | Dave Obringer |
Last Modified By | jeffery.harris |
File Modified | 2010-04-23 |
File Created | 2010-03-22 |