1. ARCC General Use Policies
A. Terms of Use
i. UW Acceptable Use Policy
ARCC clusters and UW resources are made available to the UW research community, and
as such are covered by Unireg 8-1. All users of ARCC resources are required to adhere to UW regulations in addition
to ARCC specific policies. All users should read and be familiar with this regulation
as it is applicable to all UW resources and users must accept terms of use when requesting
access to our resources, which includes adherence to UW Regulation 8-1.
Regulation 8-1 includes the following provisions which may be particularly applicable
to users of the ARCC resources, but the list below is NOT complete and you are bound
by all directives under the regulation:
-
“It is the responsibility of individuals to protect their access privileges, including
any access codes or passwords, so that they are not used by any unauthorized persons.”
Protect your passwords and do not share your login information with others.
-
“The technology resources of the University are supported by State funds and are intended
to be used primarily for University related activities that support teaching, learning,
research, and service, including University administrative functions and student activities
consistent with the University’s mission and learning environment.”
-
“Improper use [of UW resources] includes, but is not limited to, use for personal gain; use which intentionally interferes
with legitimate use by others; and, use which violates any law or University Regulation”. Engaging in conduct that interferes with others' use of shared ARCC resources is
prohibited and the use of ARCC resources for commercial or profit-making purposes
is prohibited without written authorization from the University.
ii. ARCC Specific Acceptable Use Policy
In addition to the University regulations, the ARCC resources are subject to additional
policy listed on our Policy page. The use of any ARCC resource requires compliance
with all policies linked or referenced on UW ARCC’s Policies Pages. The process of requesting an allocation
and/or account on a UW ARCC resource includes acceptance of any policies specific
to the resource in your request. All terms of use apply to all ARCC resources.
B. User Responsibilities
i. Global User Prerequisites:
All ARCC users must meet prerequisites to use ARCC High Performance Computing (HPC)
or Research Data Storage services.
-
Be a UWYO Faculty member, or have sponsorship from a UWYO faculty member.
-
Have an active UWYO Account or ARCC created HPC account.
-
Enroll in Two-Factor Authentication
-
Have access to Internet
ii. Global User Responsibilities:
ARCC users are accountable for their actions and while using ARCC resources. Violations of any university regulation, policy, procedure, and/or security may result
in administrative or legal actions.
iii. PI Responsibilities:
Please see HPC Policy->HPC/HPS Accounts->PI Accounts for who qualifies as a PI.
User Account Requests: To obtain an account necessary to access ARCC resources, users must have approval
from a Principal Investigator (PI).
A PI must request or approve of any user access to ARCC resources. PIs must also request
or approve access changes on their managed projects. Additionally, all resource access
should be associated with a project (either requested for creation or existing) on
that resource. If an associated project does not exist on the resource for which
the user account request is made, a project must be created in conjunction with the
user account request.
PIs are responsible for ensuring that these policies, procedures, and security rules
are followed for their project members and ensuring that project members working under
their supervision fulfill these responsibilities.
Project Requests: Principal Investigators (PIs) are the only individuals that may request the creation
of new projects, or request changes to their projects, unless the PI designates a
project manager in writing. The project PI has the duty to oversee any projects created
at their request.
PI's are responsible for ensuring that policies, procedures, and security rules are
followed for their project members and ensuring that project members working under
their supervision fulfill these responsibilities.
Designate Project Managers: PIs may identify designated manager(s) for their project(s). A designated manager
(DM) is a project member allowed to request specific actions associated with a project
on behalf of the project PI. Designated manager requests should be made in writing
to ARCC and specify:
The individual granted DM status
The project(s) they are granted DM for
The associated actions on the project that may be requested by the DM on the PI’s
behalf
Timeframe (if any) for DM designation
iv. Research Use:
ARCC resources may only be used for research activities and must never be used in
the violation of any other university regulation.
The following categories of use (without limitation) are prohibited:
-
For personal or private benefit
-
In support of illegal, fraudulent, or malicious activities,
-
Facilitation of transaction(s) in violation of US Federal, or UW institutional export
control regulations.
v. User Data Requirements:
Users of ARCC resources agree to store only data that meets the following conditions:
-
Is research data
-
is NOT covered by HIPAA or FERPA,
-
Does NOT contain personal information such as credit info, entertainment media, illicit
material, SSNs or similar personal data and does NOT contain copyrighted material that the user doesn’t have appropriate rights
to.
vi. Compliance with requests from ARCC
ARCC users are required to comply within a prompt timeframe to ARCC direct requests
from regarding the use of ARCC resources. This includes requests to reduce disk space
consumption or halting prohibited actions. ARCC purposefully aims to keep our list
policies as short as possible in order to facilitate the use of these research tools
in novel and creative ways, however, behaviors or practices that interfere with the
ability of others to use shared resources, must be handled with immediacy and ARCC
staff require prompt compliance on such requests.
vii. Monitor your provided e-mail account
You are required to monitor your USERNAME@uwyo.edu email address. If you are an external
collaborator, you should monitor the email address provided to IT Application Security
upon your account creation.
viii. Providing notifications
-
ARCC users should notify arcc-help@uwyo.edu immediately when aware that any accounts used to access ARCC resources have been
compromised.
-
ARCC users should promptly inform UW of any changes in their contact information.
-
Upon actual or suspected loss, disclosure, or compromise of the two-factor authentication
physical or virtual token and/or associated password, account holders should immediately
notify the UW IT Security Office (IT_Security_Office@uwyo.edu). Two-factor authentication tokens must not be transferred to another person.
ix. ARCC Notifications
-
ARCC uses our arcc-announcement mailing list to keep users up to date on all arcc
news and announcements. Upon being added to any ARCC service, users are auto-enrolled
into this list.
-
All ARCC announcements will be sent out through e-mail to our list members, and posted
to our ARCC News and Announcements webpage.
-
Users may unenroll from our announcements list, but should be aware that this is our
method for providing relevant information to our users, and users who do unenroll
may not receive important information related to ARCC services.
C. Appropriate Use
ARCC resources may only be used for activities authorized by the University and are
always subject to Unireg 8-1. Prohibited actions include, but are not limited to, the following:
i. Unauthorized Use
Attempting to send or receive messages or access information by unauthorized means,
such as imitating another system, impersonating another user or other person, misusing
legal user credentials (usernames, passwords, etc.), or causing some system component
to function incorrectly
ii. Altering Authorized Access
Changing or circumventing access controls to allow the user or others to perform actions
outside authorized privileges
iii. Reconstruction of Information or Software
Reconstructing or re-creating information or software outside authorized privileges
iv. Data Modification or destruction
Taking actions that intentionally modify or delete information or programs outside
authorized privileges
v. Malicious Software
Intentionally introducing or using malicious software, including, but not limited
to, computer viruses, Trojan horses, or worms
vi. Denial of Service Actions
Using UW/ARCC resources to interfere with any service availability, either at UW or
at other sites
vii. Pornography
Using UW/ARCC resources to access, upload, download, store, transmit, create, or otherwise
use sexually explicit or pornographic material
viii. Harassment
Engaging in an offensive or harassing actions toward another individual or organization
D. Software, Data Security, and Access Control
i. ARCC Use by Foreign Nationals
ARCC use by foreign nationals is generally permitted regardless of whether access
to ARCC resources is from the United States or abroad. However, the U.S. Department
of Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit the of
ARCC resources by citizens of Cuba, Iran, Syria, or Sudan while residing and/or working
in one of those countries.
ii. Restricted Data
The use of UW/ARCC resources to store, manipulate, or remotely access information,
software, or data (materials) that require additional controls or that could negatively
impact or compromise administrative and business operations of ARCC resources requires
prior written approval from the University. Such materials include, but are not limited
to, export-controlled software or technical data subject to Export Administration
Regulations (EAR) or International Traffic in Arms Regulations (ITAR); Personally
Identifiable Information (PII) or health information subject to the Health Information
Portability and Accountability Act (HIPAA), and materials subject to "Official Use
Only" or similar government restrictions.
THE USE OF UW/ARCC RESOURCES TO STORE, MANIPULATE, OR REMOTELY ACCESS CLASSIFIED INFORMATION,
UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (UCNI), NAVAL NUCLEAR PROPULSION INFORMATION
(NNPI), SECRET RESTRICTED DATA (SRD), SPECIAL ACCESS REQUIRED DATA (SAR), THE DESIGN
OR DEVELOPMENT OF NUCLEAR, RADIOLOGICAL, BIOLOGICAL, OR CHEMICAL WEAPONS, OR OF ANY
WEAPONS OF MASS DESTRUCTION IS EXPRESSLY PROHIBITED.
UW/ARCC resources are operated as research systems and should only be used to access
and store data related to research. These research systems are categorized as low
per FIPS-199 and protected to the NIST 800-53 low-security control baseline.
iii. System Security
UW/ARCC resources control data access via username and password authentication for
network access and UNIX directory and file permissions for data storage. Network access
and data storage systems provide no explicit encryption. ARCC users are responsible
for protecting data files and acknowledge and understand that UW/ARCC security control
implementation is sufficient for research data access and storage.
vi. Software Licensing and Copyright Compliance
-
ARCC users must ensure that when using ARCC resources, all software is acquired and
used according to appropriate licensing. Possession, use, or transmission of illegally
obtained software on ARCC resources is prohibited.
-
ARCC users shall not copy, store or transfer copyrighted software or data using ARCC
resources, except as expressly permitted by the copyright owner.
-
Installation of software on ARCC systems must include a valid license (if applicable).
No software will be installed on the ARCC cluster(s) without prior proof of license
eligibility.
-
Installation of commercial or licensed software will be performed in a best-effort
manner. If the requirements for the software are outside the current configuration
of ARCC systems, ARCC may reject the installation.
v. Data Retention
-
Users who leave UW: ARCC reserves the right to remove any data at any time and/or transfer data to other
individuals (such as Principal Investigators working on a same or similar project)
after a user account is deleted or permanently deactivated, or a user no longer has
an association with UW/ARCC.
-
Data backups:
-
Although ARCC takes steps to ensure the integrity of stored data, ARCC does not guarantee
that data files are protected against destruction. ARCC users should read the information
on data retention, backups, and data deletion in any applicable policies for the ARCC
resources they use, and make backups of necessary data and software in an archive
system or at other sites.
-
In some cases, ARCC may elect to make backup copies of some data files. When backup
copies are made, ARCC reserves the right, at its sole discretion, to hold such backup
copies indefinitely or to delete them.
E. Policy Violations
i. Repercussions
If it has been determined that you have violated any of the ARCC resource policies,
or any other UWYO computing policies, your account(s) will be deactivated immediately.
Your account will not be reactivated until the ARCC director receives a formal request
from the Principal Investigator of your project.UW personnel and ARCC users are required
to address, safeguard against, and report misuse, abuse, and criminal activities.
Misuse of ARCC resources can lead to temporary or permanent disabling of accounts,
loss of access to ARCC resources, and administrative sanctions or legal actions.
F. Disclaimers
i. The information contained in the Privacy Policy, Terms of Use Policy, and any other
ARCC policies should NOT be construed as giving legal, professional, or any other advice.
ii. The content of this site is provided by ARCC and UW researchers as a service to the
UW research community without any warranty of being accurate, current, or applicable
to any particular use. The University makes no express or implied warranty with respect
to the use of ARCC resources. Neither the University nor ARCC shall be liable in the
event of any resource failure or loss of data