Terms of Use Policy

From arccwiki
Jump to: navigation, search

Applicable Policies and Acceptance

Acceptance

The process of requesting an allocation on an ARCC resource includes acceptance of any policies specific to that resource, and of this Terms of Use which applies to all ARCC resources.

UW Acceptable Use Policy

ARCC clusters and other resources (the resources) are made available to the University community, and as such are covered by the general University Acceptable Use Policy (AUP). All users of ARCC resources are required to adhere to the campus AUP in addition to the policies specific to the ARCC resources. You should read and familiarize yourself with the University AUP.

The AUP includes the following provisions which might be particularly applicable to users of the ARCC resources, but the list below is NOT complete and you are bound by all of the policies in the AUP:

  • Those using University ARCC resources are responsible for safeguarding identification codes and passwords, DO NOT SHARE YOUR PASSWORD with anyone. If you have a student, colleague, etc. who needs access to your ARCC resources (i.e. project, storage, etc.), the Principal Investigator (PI) should request they are granted the proper access.
  • Engaging in conduct that interferes with others use of shared ARCC resources is prohibited. The ARCC resources are a shared resource. The specific policies about use of ARCC resources are related to this point.
  • Using University ARCC resources for commercial or profit-making purposes is prohibited without written authorization from the University.

ARCC Policies

In addition to the University AUP, the ARCC resources have their own policies which are available at ARCC Policies. Use of any ARCC resource requires compliance with all General Policies linked from this page, and any Resource-Specific Policies that apply to that particular ARCC resource.

User Responsibilities

Responsibilities of PIs and Users

  • Principal Investigators (PIs) are responsible for ensuring that these policies, procedures, and security rules are followed for their project members and ensuring that project members working under their supervision fulfil these responsibilities.
  • ARCC users are accountable for their actions.
  • Violations of policy, procedure, and security rules may result in applicable administrative sanctions or legal actions.

Responsibilities of All Users

  • Research use: ARCC resources may only be used for research activities. The following categories of use (without limitation) are prohibited:
    • for personal or private benefit,
    • to support illegal, fraudulent, or malicious activities,
    • to facilitate any transaction that would violate U.S. export control regulations.
  • User Data Requirements: Users of ARCC resources agree to store only data that meets the following conditions:
    • is research data,
    • is NOT covered by HIPAA or FERPA,
    • does NOT contain personal information such as credit info, entertainment media, illicit material, SSNs or similar personal data,
    • does NOT contain copyrighted material that the user doesn’t have appropriate rights to.
  • Comply with requests from ARCC: You are required to promptly comply with all direct requests from ARCC staff regarding the use of the ARCC resources. This includes requests to reduce disk space consumption or refrain from particular actions. We purposefully are trying to keep the list of rigid policy rules as short as possible in order to facilitate the use of these research tools in novel and creative ways. However, when we encounter behaviour or practices which are interfering with the ability of others to use shared resources, we will step in and require your prompt compliance with such requests.
  • Monitor the email address for your account: You are required to monitor your USERNAME@uwyo.edu email address or, if you are an external collaborator, the email address provided when your account was established. You can read email on a campus mail system, or forward it to another address or email system which you do read, but that is the address at which system staff will contact you should the need arise.
  • Provide notification:
    • ARCC users must immediately notify arcc-help@uwyo.edu upon awareness that any of the accounts used to access ARCC resources have been compromised.
    • ARCC users should promptly inform UW of any changes in their contact information.
    • Upon actual or suspected loss, disclosure, or compromise of the two-factor authentication physical or virtual token and associated password, account holders must immediately notify the University Security Office (IT_Security_Office@uwyo.edu). The two-factor authentication token may not be transferred to another person.

Appropriate Use

ARCC resources may only be used for activities authorized by the University. Prohibited actions include, but are not limited to, the following:

  • Unauthorized Access: Attempting to send or receive messages or access information by unauthorized means, such as imitating another system, impersonating another user or other person, misusing legal user credentials (usernames, passwords, etc.), or causing some system component to function incorrectly
  • Altering Authorized Access: Changing or circumventing access controls to allow the user or others to perform actions outside authorized privileges
  • Reconstruction of Information or Software: Reconstructing or re-creating information or software outside authorized privileges
  • Data Modification or Destruction: Taking actions that intentionally modify or delete information or programs outside authorized privileges
  • Malicious Software: Intentionally introducing or using malicious software, including, but not limited to, computer viruses, Trojan horses, or worms
  • Denial of Service Actions: Using UW/ARCC resources to interfere with any service availability, either at UW, or at other sites
  • Pornography: Using UW/ARCC resources to access, upload, download, store, transmit, create, or otherwise use sexually explicit or pornographic material
  • Harassment: Engaging in offensive or harassing actions toward another individual or organization

Software, Data, Security and Access Control

ARCC Use by Foreign Nationals

ARCC use by foreign nationals is generally permitted regardless of whether access to ARCC resources is from the United States or abroad. However, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit use of ARCC resources by citizens of Cuba, Iran, Syria or Sudan while residing and/or working in one of those countries.

Restricted Data

The use of UW/ARCC resources to store, manipulate, or remotely access information, software, or data (materials) that require additional controls or that could negatively impact or compromise administrative and business operations of ARCC resources requires prior written approval from the University. Such materials include, but are not limited to, export-controlled software or technical data subject to Export Administration Regulations (EAR) or International Traffic in Arms Regulations (ITAR); Personally Identifiable Information (PII) or health information subject to the Health Information Portability and Accountability Act (HIPAA), and materials subject to "Official Use Only" or similar government restrictions.

Exclamation-mark-red-md.png THE USE OF UW/ARCC RESOURCES TO STORE, MANIPULATE, OR REMOTELY ACCESS CLASSIFIED INFORMATION, UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (UCNI), 
    NAVAL NUCLEAR PROPULSION INFORMATION (NNPI), SECRET RESTRICTED DATA (SRD), SPECIAL ACCESS REQUIRED DATA (SAR), THE DESIGN OR DEVELOPMENT OF NUCLEAR, 
    RADIOLOGICAL, BIOLOGICAL, OR CHEMICAL WEAPONS, OR OF ANY WEAPONS OF MASS DESTRUCTION IS EXPRESSLY PROHIBITED.

UW/ARCC resources are operated as research systems and should only be used to access and store data related to research. These research systems are categorized as low per FIPS-199 and protected to the NIST 800-53 low security control baseline.

System Security

UW/ARCC resources control data access via username and password authentication for network access and UNIX directory and file permissions for data storage. Network access and data storage systems provide no explicit encryption. ARCC users are responsible for protecting data files and acknowledge and understand that UW/ARCC security control implementation is sufficient for research data access and storage.

Software Licensing and Copyright Compliance

  • ARCC users must ensure that when using ARCC resources, all software is acquired and used according to appropriate licensing. Possession, use, or transmission of illegally obtained software on ARCC resources is prohibited.
  • ARCC users shall not copy, store or transfer copyrighted software or data using ARCC resources, except as expressly permitted by the copyright owner.
  • Installation of software on ARCC systems must include a valid license (if applicable). No software will be installed on ARCC cluster(s) without prior proof of license eligibility.
  • Installation of commercial or licensed software will be performed in a best effort manner. If the requirements for the software is outside the current configuration of ARCC systems, ARCC may reject the installation.

Data Retention

  • Users who leave UW: ARCC reserves the right to remove any data at any time and/or transfer data to other individuals (such as Principal Investigators working on a same or similar project) after a user account is deleted, or permanently deactivated, or a user no longer has an association with UW/ARCC.
  • Data backups:
    • Although ARCC takes steps to ensure the integrity of stored data, ARCC does not guarantee that data files are protected against destruction. ARCC users should read the information on data retention, backups, and data deletion in any applicable policies for the ARCC resources they use, and make backups of necessary data and software in an archive system or at other sites.
    • In some cases, ARCC may elect to make backup copies of some data files. When backup copies are made, ARCC reserves the right, at its sole discretion, to hold such backup copies indefinitely or to delete them.

Policy Violations

  • If it has been determined that you have violated any of the ARCC resource policies, or any other UWYO computing policies, your account(s) will be deactivated immediately. Your account will not be reactivated until the ARCC director receives a formal request from the Principal Investigator of your project.
  • UW personnel and ARCC users are required to address, safeguard against, and report misuse, abuse and criminal activities. Misuse of ARCC resources can lead to temporary or permanent disabling of accounts, loss of access to ARCC resources, and administrative sanctions or legal actions.

Disclaimer

  • The information contained in the Privacy Policy, Terms of Use Policy, and any other ARCC policies should NOT be construed as giving legal, professional, or any other advice.
  • The content of this site is provided by ARCC and UW researchers as a service to the UW research community without any warranty of being accurate, current, or applicable to any particular use. The University makes no express or implied warranty with respect to the use of ARCC resources. Neither the University nor ARCC shall be liable in the event of any resource failure or loss of data.