Acceptable Use Policy

CloudLab is a testbed designed to allow researchers to experiment with cloud architectures and the new applications that they enable. All uses of CloudLab should be consistent with this high-level goal.

Overall Rules

CloudLab should not be used for any illegal or commercial activities. Use for research and educational purposes is allowed. A simple litmus test for whether a particular use counts as "research" is whether the user intends to disseminate findings through scholarly venues such as journals or academic conferences. "Educational" use includes class projects and the development of courseware.

Appropriate Research

The litmus test to apply when considering whether an experiment is appropriate for CloudLab is to ask the following question:

  • Is this an experiment that will lead to new capabilities in future clouds, or to a deeper understanding of the fundamentals of cloud computing?

If so, then it should also pass one of the following tests:

  • Is this an experiment that cannot be run on a traditional cloud because it requires low-layer access to the infrastructure (such as virtualization, storage, or network) that would not be available in a commercial cloud?
  • Is this experiment that cannot be run on a traditional cloud because it requires a level of performance isolation or transparency that would not be available in a traditional cloud?
  • Is this an experiment that cannot be run on a traditional cloud because it requires specialized hardware or software capabilities that CloudLab has that are not found in other clouds?

Appropriate Applications

An application is software that runs "in" the cloud, rather than "running" the cloud itself. The litmus test to apply when considering whether an application is appropriate for CloudLab is to ask the following question:

  • Is this an application that leverages or is made possible by CloudLab capabilities (or capabilities of a specific cloud implemented on CloudLab) not generally available elsewhere?

Long-running Experiments and End Users

CloudLab is designed for two classes of experiments: those that run for a short time (hours or days) to test specific hypotheses, and those that run continuously (months) and themselves provide service to a set of end users. Researchers wishing to run continuous experiments must coordinate with the CloudLab staff, and those experiments must themselves have research value in addition to the value they offer to end users.

As a consequence, CloudLab could indirectly support users that have not officially registered with CloudLab. It is your responsibility (as a service provider) to ensure that your users do not cause your service to violate the terms of this AUP. In particular, service providers should ensure that their users are not able to hijack the service and use it to attack or spam other CloudLab users or the Internet at large, and must ensure that their users are not using CloudLab for commercial purposes or other non-allowed uses. Service providers who wish to offer services to other users must coordinate their plans for controlling access with the CloudLab staff.

Node Usage Rules

  • Do not hold CloudLab resources when they are not actively involved in a running experiment. This prohibition includes holding on to a large set of resources when only a small set are actively part of an experiment.
  • Use existing security mechanisms to prevent unauthorized access to resources allocated to you. For example, all shell access to CloudLab nodes must be via SSH.
  • Do not circumvent accounting and auditing mechanisms. This means you must associate your identity with the CloudLab slice (account) in which your experiments run, and you must not do anything to obfuscate the audit trail.
  • CloudLab includes mechanisms for tracking "idle" resources: do not disable or attempt to subvert these mechanisms without the approval of the CloudLab staff.
  • No hacking attempts of the CloudLab infrastructure. This includes "red team" (hacker test) experiments.

Network Usage Rules

The following rules apply to the CloudLab "control network", which is connected to the Internet:

  • Do not use your CloudLab slice (account) to gain access to any hosting site resources that you did not already have.
  • Don't interfere with the normal operation of other systems.
  • Don't operate any application that a third party could interpret as being a security intrusion or privacy violation.


CloudLab provides isolation between experiments for the purpose of performance predictability, but it makes no guarantees with respect to the privacy of data stored within it or transmitted on its networks. Users should not use CloudLab to transmit or store data that is protected by privacy regulations.

Data Storage

CloudLab does not provide guarantees with respect to the reliability of the storage it provides; it is users' responsibility to makes copies of data that is important to them.


While the CloudLab staff are usually the first point-of-contact for complaints about misbehaving experiments, it is our policy in some cases to put the complainant in direct contact with the researcher that is responsible for the experiment.

Other Circumstances

The CloudLab staff reserves the right to exercise judgment with respect to the use of CloudLab and its resources and to restrict or terminate access as they see fit.


Violation of this AUP may result in any of the following:

  • termination of the slice;
  • disabling of accounts for users or organizations (projects);
  • informing the organization's administration.

To report a suspected violation of this policy, contact CloudLab Support (