| 61 | * What is the liability of GENI and hosting organizations? |
| 62 | * What happens if an experimenter's account is hacked and misused? |
| 63 | |
| 64 | * What steps should a prudent experimenter take before using operational data? |
| 65 | * Classes of traffic not to analyze without opt-in |
| 66 | * Classes of traffic not to analyze with opt-in |
| 67 | * Does an experiment setup on multiple institutes require multiple IRB approval? |
| 68 | |
| 69 | * What safeguards should be provided to prevent disturbing network operations? |
| 70 | |
| 71 | Following solutions are proposed; |
| 72 | * Suggestions of best practices/ checklist should be prepared. |
| 73 | * Case studies should be done |
| 74 | |
| 75 | Dr Brooks presented the procedure his research group follow while doing network security experiments at Clemson University; |
| 76 | * Consider negative effects |
| 77 | * Discuss with local IT and testbed administrators |
| 78 | * Consider data storage/archival/privacy issues |
| 79 | * Prepare IRB information/application |
| 80 | * Verify need for IRB, (if necessary) get approval |
| 81 | * Run small test runs to verify lack of impact |
| 82 | * Do research |