1.1 Terms of Use Policy

Policy directing terms for use of ARCC resources.

Contents

- 1.1 1.1.1 UW Acceptable Use Policy
- 1.2 1.1.2 ARCC Specific Acceptable Use Policy
- 1.3 1.1.3 User Responsibilities
  - 1.3.1 1.1.3.1 Prerequisites for all users
  - 1.3.2 1.1.3.2 Responsibilities of All Users
  - 1.3.3 1.1.3.3 Responsibilities of PIs
  - 1.3.4 1.1.3.4 Research Use
  - 1.3.5 1.1.3.5 User Data Requirements
  - 1.3.6 1.1.3.6 Compliance with requests from ARCC
  - 1.3.7 1.1.3.7 Monitor the email address for your account
  - 1.3.8 1.1.3.8 Provide notification
- 1.4 1.1.4. Appropriate Use
  - 1.4.1 1.1.4.1 Unauthorized Access
  - 1.4.2 1.1.4.2 Altering Authorized Access
  - 1.4.3 1.1.4.3 Reconstruction of Information or Software
  - 1.4.4 1.1.4.4 Data Modification or Destruction
  - 1.4.5 1.1.4.5 Malicious Software
  - 1.4.6 1.1.4.6 Denial of Service Actions
  - 1.4.7 1.1.4.7 Pornography
  - 1.4.8 1.1.4.8 Harassment
2 1.2 Software, Data, Security and Access Control
- 2.1 ARCC Use by Foreign Nationals
- 2.2 Restricted Data
- 2.3 System Security
- 2.4 Software Licensing and Copyright Compliance
- 2.5 Data Retention
3 Policy Violations
4 Disclaimer

https://arccwiki.atlassian.net/wiki/spaces/DOCUMENTAT/pages/64192662

https://arccwiki.atlassian.net/wiki/spaces/DOCUMENTAT/pages/33184

1.1.1 UW Acceptable Use Policy

ARCC clusters and UW resources are made available to the UW research community, and as such are covered by Unireg 8-1. All users of ARCC resources are required to adhere to UW regulations in addition to ARCC specific policies. All users should read and be familiar with this regulation as it is applicable to all UW resources and users must accept terms of use when requesting access to our resources, which includes adherence to UW Regulation 8-1.

Regulation 8-1 includes the following provisions which may be particularly applicable to users of the ARCC resources, but the list below is NOT complete and you are bound by all directives under the regulation:

“It is the responsibility of individuals to protect their access privileges, including any access codes or passwords, so that they are not used by any unauthorized persons.”
Protect your passwords and do not share your login information with others.
“The technology resources of the University are supported by State funds and are intended to be used primarily for University related activities that support teaching, learning, research, and service, including University administrative functions and student activities consistent with the University’s mission and learning environment.”
“Improper use [of UW resources] includes, but is not limited to, use for personal gain; use which intentionally interferes with legitimate use by others; and, use which violates any law or University Regulation”. Engaging in conduct that interferes with others' use of shared ARCC resources is prohibited and the use of ARCC resources for commercial or profit-making purposes is prohibited without written authorization from the University.

1.1.2 ARCC Specific Acceptable Use Policy

In addition to the University regulations, the ARCC resources are subject to additional policy listed on our Policy page. The use of any ARCC resource requires compliance with all policies linked or referenced on UW ARCC’s Policies Pages. The process of requesting an allocation and/or account on a UW ARCC resource includes acceptance of any policies specific to the resource in your request. All terms of use apply to all ARCC resources.

1.1.3 User Responsibilities

1.1.3.1 Prerequisites for all users

All ARCC users must meet prerequisites prior to using ARCC High Performance Computing (HPC) or Research Data Storage services. They are as follows:

Be a UWYO Faculty member, or have sponsorship from a UWYO faculty member.

Have an active UWYO Account

Enroll in Two-Factor Authentication

Access to Internet

1.1.3.2 Responsibilities of All Users

ARCC users are accountable for their actions.

Violations of any university regulation, policy, procedure, and/or security may result in administrative or legal actions.

1.1.3.3 Responsibilities of PIs

Principal Investigators (PIs) are responsible for ensuring that these policies, procedures, and security rules are followed for their project members and ensuring that project members working under their supervision fulfill these responsibilities.

1.1.3.4 Research Use

ARCC resources may only be used for research activities and must never be used in the violation of any other university regulation. The following categories of use (without limitation) are prohibited:

for personal or private benefit,

to support illegal, fraudulent, or malicious activities,

to facilitate any transaction that would violate U.S. export control regulations.

1.1.3.5 User Data Requirements

Users of ARCC resources agree to store only data that meets the following conditions:

is research data,

is NOT covered by HIPAA or FERPA,

does NOT contain personal information such as credit info, entertainment media, illicit material, SSNs or similar personal data,

does NOT contain copyrighted material that the user doesn’t have appropriate rights to.

1.1.3.6 Compliance with requests from ARCC

You are required to comply within a prompt timeframe to ARCC direct requests from regarding the use of ARCC resources. This includes requests to reduce disk space consumption or halting prohibited actions. ARCC purposefully aims to keep our list policies as short as possible in order to facilitate the use of these research tools in novel and creative ways, however, behaviors or practices that interfere with the ability of others to use shared resources, must be handled with immediacy and ARCC staff require prompt compliance on such requests.

1.1.3.7 Monitor the email address for your account

You are required to monitor your USERNAME@uwyo.edu email address. If you are an external collaborator, you should monitor the email address provided to IT Application Security upon your account creation.

1.1.3.8 Provide notification

ARCC users should notify arcc-help@uwyo.edu immediately when aware that any accounts used to access ARCC resources have been compromised.

ARCC users should promptly inform UW of any changes in their contact information.

Upon actual or suspected loss, disclosure, or compromise of the two-factor authentication physical or virtual token and/or associated password, account holders should immediately notify the UW IT Security Office (IT_Security_Office@uwyo.edu). Two-factor authentication tokens must not be transferred to another person.

1.1.4. Appropriate Use

ARCC resources may only be used for activities authorized by the University and are always subject to Unireg 8-1. Prohibited actions include, but are not limited to, the following:

1.1.4.1 Unauthorized Access

Attempting to send or receive messages or access information by unauthorized means, such as imitating another system, impersonating another user or other person, misusing legal user credentials (usernames, passwords, etc.), or causing some system component to function incorrectly

1.1.4.2 Altering Authorized Access

Changing or circumventing access controls to allow the user or others to perform actions outside authorized privileges

1.1.4.3 Reconstruction of Information or Software

Reconstructing or re-creating information or software outside authorized privileges

1.1.4.4 Data Modification or Destruction

Taking actions that intentionally modify or delete information or programs outside authorized privileges

1.1.4.5 Malicious Software

Intentionally introducing or using malicious software, including, but not limited to, computer viruses, Trojan horses, or worms

1.1.4.6 Denial of Service Actions

Using UW/ARCC resources to interfere with any service availability, either at UW or at other sites

1.1.4.7 Pornography

Using UW/ARCC resources to access, upload, download, store, transmit, create, or otherwise use sexually explicit or pornographic material

1.1.4.8 Harassment

Engaging in an offensive or harassing actions toward another individual or organization

1.2 Software, Data, Security and Access Control

ARCC Use by Foreign Nationals

ARCC use by foreign nationals is generally permitted regardless of whether access to ARCC resources is from the United States or abroad. However, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit the of ARCC resources by citizens of Cuba, Iran, Syria, or Sudan while residing and/or working in one of those countries.

Restricted Data

The use of UW/ARCC resources to store, manipulate, or remotely access information, software, or data (materials) that require additional controls or that could negatively impact or compromise administrative and business operations of ARCC resources requires prior written approval from the University. Such materials include, but are not limited to, export-controlled software or technical data subject to Export Administration Regulations (EAR) or International Traffic in Arms Regulations (ITAR); Personally Identifiable Information (PII) or health information subject to the Health Information Portability and Accountability Act (HIPAA), and materials subject to "Official Use Only" or similar government restrictions.

THE USE OF UW/ARCC RESOURCES TO STORE, MANIPULATE, OR REMOTELY ACCESS CLASSIFIED INFORMATION, UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (UCNI), NAVAL NUCLEAR PROPULSION INFORMATION (NNPI), SECRET RESTRICTED DATA (SRD), SPECIAL ACCESS REQUIRED DATA (SAR), THE DESIGN OR DEVELOPMENT OF NUCLEAR, RADIOLOGICAL, BIOLOGICAL, OR CHEMICAL WEAPONS, OR OF ANY WEAPONS OF MASS DESTRUCTION IS EXPRESSLY PROHIBITED.

UW/ARCC resources are operated as research systems and should only be used to access and store data related to research. These research systems are categorized as low per FIPS-199 and protected to the NIST 800-53 low-security control baseline.

System Security

UW/ARCC resources control data access via username and password authentication for network access and UNIX directory and file permissions for data storage. Network access and data storage systems provide no explicit encryption. ARCC users are responsible for protecting data files and acknowledge and understand that UW/ARCC security control implementation is sufficient for research data access and storage.

Software Licensing and Copyright Compliance

ARCC users must ensure that when using ARCC resources, all software is acquired and used according to appropriate licensing. Possession, use, or transmission of illegally obtained software on ARCC resources is prohibited.
ARCC users shall not copy, store or transfer copyrighted software or data using ARCC resources, except as expressly permitted by the copyright owner.
Installation of software on ARCC systems must include a valid license (if applicable). No software will be installed on the ARCC cluster(s) without prior proof of license eligibility.
Installation of commercial or licensed software will be performed in a best-effort manner. If the requirements for the software are outside the current configuration of ARCC systems, ARCC may reject the installation.

Data Retention

Users who leave UW: ARCC reserves the right to remove any data at any time and/or transfer data to other individuals (such as Principal Investigators working on a same or similar project) after a user account is deleted or permanently deactivated, or a user no longer has an association with UW/ARCC.
Data backups:
- Although ARCC takes steps to ensure the integrity of stored data, ARCC does not guarantee that data files are protected against destruction. ARCC users should read the information on data retention, backups, and data deletion in any applicable policies for the ARCC resources they use, and make backups of necessary data and software in an archive system or at other sites.
- In some cases, ARCC may elect to make backup copies of some data files. When backup copies are made, ARCC reserves the right, at its sole discretion, to hold such backup copies indefinitely or to delete them.

Policy Violations

If it has been determined that you have violated any of the ARCC resource policies, or any other UWYO computing policies, your account(s) will be deactivated immediately. Your account will not be reactivated until the ARCC director receives a formal request from the Principal Investigator of your project.
UW personnel and ARCC users are required to address, safeguard against, and report misuse, abuse, and criminal activities. Misuse of ARCC resources can lead to temporary or permanent disabling of accounts, loss of access to ARCC resources, and administrative sanctions or legal actions.

Disclaimer

The information contained in the Privacy Policy, Terms of Use Policy, and any other ARCC policies should NOT be construed as giving legal, professional, or any other advice.
The content of this site is provided by ARCC and UW researchers as a service to the UW research community without any warranty of being accurate, current, or applicable to any particular use. The University makes no express or implied warranty with respect to the use of ARCC resources. Neither the University nor ARCC shall be liable in the event of any resource failure or loss of data/