PRObE User Agreement

Version 1, Dated: 2013-02-01

1 Introduction

2 Requirements

2.1 Account Management

2.1.1 No Sharing Account

2.1.2 Required information

2.1.2.1 Automatically collected information

2.1.3 Protecting Passwords

2.1.4 Authorized/Acceptable Use

2.1.4.1 Authorized Use

2.1.4.2 Acceptable Behavior

2.1.4.3 Acceptable Use

2.1.5 Reporting Suspicious Activity

2.3 Data Confidentiality

2.3.1 Confidential Data

2.3.1.1 Proprietary Data

2.3.1.2 "Regulated" Data

2.3.1.3 Sensitive but Unclassified Data

2.4 Intellectual Property

2.4.1 Acknowledgment

2.4.2 Software Development

2.4.3 Publication

2.4.4 Non-Academic User Requirements

2.5 Software Licenses

2.6 Final Reports

2.7 Additional Requirements

3 Penalties

3.1 Account Suspension/Revocation

3.2 Loss of Allocation

3.3 Administrative Action

3.4 Civil Penalties

3.5 Criminal Penalties

4 Disclaimers

4.1 Additional requirements

4.2 Support/Diagnostic Access

4.3 Monitoring

4.4 Access Notification

4.5 Non-Liability

5 Guidelines

5.1 Password Management

5.2 Reporting Suspicious Activity

5.2.1 Password Exposure

5.2.2 Certificate Exposure

5.2.3 Account Compromise or Suspicious Activity

6 Contacts

6.1 General Assistance

6.2 Suspicious Behavior

6.3 Password and Certificate Changes

6.4 Exposure of Passwords, Passphrases, etc.

7 Acceptance Statement

1 Introduction

The New Mexico Consortium's (NMC) PRObE computing facility (which includes its hardware, software, network connections, and data), of 4200 West Jemez Road, Suite 301, Los Alamos, New Mexico 87544, is a limited resource for the scientific community. Therefore NMC has an obligation to protect that facility and ensure that it is used properly. Additionally, NMC has legal and other obligations to protect resources and the intellectual property of its users.

Because we cannot do this job alone, we depend on your cooperation. Responsible conduct on your part helps ensure that the maximum amount of CPU time is available to you and other researchers.

Failure to use these resources properly may result in various penalties, including civil and criminal action.

By clicking “I Accept” for this Agreement you assert that you have read, understood, and agree to the responsibilities stated here. NMC requires this agreement to enable/continue your account. If you have any questions about this document, please use the contact(s) identified in §6.1 to discuss the issues.

2 Requirements

2.1 Account Management

PRObE is federally funded through the NSF and external Internet access is provided through U.S. Government sponsored links.  The PRObE Management Group must ensure that computational resources are used in a manner consistent with the purpose and scope stated in our agreements with NSF and ESNet. We have taken reasonable measures to ensure appropriate usage, including monitoring of all gateway usage by the community. Any user information collected shall be used for this purpose, and may be disclosed to local, state, or federal law enforcement if the NMC is subpoenaed for such information.

You as a user also have responsibilities to protect your account from unauthorized use; this section outlines your responsibilities.

2.1.1 No Sharing Account

User accounts are created and intended for a one person only. It is not to be shared with others; neither students nor other collaborators. User certificates (i.e., ssh public keys) are not to be shared either.

2.1.2 Required information

The NMC will collect information about each user accessing PRObE systems. Such information may include, but is not limited to:

  1. Name, address (work and home), telephone number, affiliation, email address
  1. IP address and DNS name of the computer used to access PRObE gateway machines
  2. Current estimated long-term disk storage requirements for the project
    (this can be modified in the future to accommodate gateway growth)
2.1.2.1 Automatically collected information

Whenever you access any PRObE compute resources you automatically agree to have information about you collected. This information includes, but is not limited to:

  1. Logging of users IP address, UTC timestamp, and username
  2. Means by which access to the compute resource was requested (ssh, www, etc...)
  3. Any compute resources requested like number of nodes and cpu hours used
  4. Idle time during resource allocations

2.1.3 Protecting Passwords

Passwords and certificates are the keys to account access. You are responsible for protecting your passwords and certificates. Protection includes not sharing passwords, not writing passwords down where they can be easily found, and not using tools which expose passwords on the network (e.g., telnet). See the Guidelines section (§5) for more information.
The private key portion of a certificate is the equivalent of a password. You are responsible for ensuring that file and directory permissions prevent others from reading or copying any private keys.

2.1.4 Authorized/Acceptable Use

Having an account does not confer upon you the right to do whatever you might wish to with that account.

2.1.4.1 Authorized Use

Your account is granted for the activity stated on your application. Your use of the account should be limited to that activity.

2.1.4.2 Acceptable Behavior

The following activities are explicitly considered unacceptable and are subject to the penalties outlined below:

  1. using, or attempting to use, NMC computing resources without authorization or for purposes other than those stated on your application for computer time;
  2. tampering with or obstructing the operation of the facilities;
  3. reading, changing, distributing, or copying others' data or software without authorization;
  4. using NMC resources to attempt to gain unauthorized access to other (non-NMC) sites;
  5. activities in violation of local or federal law.

2.1.4.3 Acceptable Use

NMC has acquired access to the Internet through the Energy Science Network (ESNet). The ESNet Acceptable use policy (http://www.es.net/about/governance/ESnet- Acceptable-Use-Policy/) therefore also applies to all network connectivity to the PRObE facility.

2.1.5 Reporting Suspicious Activity

You are responsible for reporting, as soon as possible, suspicious activity on your account, or exposure or compromise of passwords, passphrases, or certificates. See §5 for reporting procedures.

2.3 Data Confidentiality

It is your responsibility to ensure the confidentiality of any intellectual property or other confidential data used on NMC resources.

NMC provides technology to preserve the confidentiality of data, but it is your responsibility to use that technology appropriately.

2.3.1 Confidential Data

Some of your data may not be considered intellectual property but may have confidentiality requirements. It is your responsibility to be aware of those requirements and verify whether or not NMC's site has the capabilities appropriate to the level of protection required.

2.3.1.1 Proprietary Data

Proprietary or private data (which may also be considered intellectual property) may have confidentiality requirements imposed by the owner of the data.

2.3.1.2 "Regulated" Data

Some data may not be explicitly confidential but may have a confidentiality requirement due to various laws or organizational policies. It is your responsibility to be aware of those requirements and verify that NMC's site can provide appropriate protection. Also be aware that some sites may be subject to state laws, which impose requirements on any data stored on those sites. Note that data with personal identifying information (e.g., Social Security Numbers) and med cla rec not us cefined by the federal Health Insurance Portability and Accountability Act (HIPAA) are not to be kept on NMC’s site without prior express written permission from NMC.

2.3.1.3 Sensitive but Unclassified Data

Some types of data or resources may be considered "Sensitive but Unclassified" by the Federal government, and thus may have restrictions and protection requirements. It is your responsibility to be aware of those requirements and verify that NMC's site can provide appropriate protection. Furthermore, such data is not to be kept on NMC’s site without prior express written permission from NMC.

2.4 Intellectual Property

You have specific responsibilities with regard to intellectual property used on NMC resources.

2.4.1 Acknowledgment

Papers, publications, and web pages of any material, whether copyrighted or not, based on or developed under NMC-supported projects must acknowledge this support by including the following paragraph:

"This material is based upon work supported by the National Science Foundation under the following NSF program: Parallel Reconfigurable Observational Environment for Data Intensive Super-Computing and High Performance Computing (PRObE)."

In addition, a copy of each publication must be emailed to This email address is being protected from spambots. You need JavaScript enabled to view it. . More information on publications can be found at http://www.nmc-probe.org/publications/.

2.4.2 Software Development

Software developed with allocations approved by NSF, or by proxy, via the allocations processes governing allocation of NMC resources, is subject to the NSF General Grant Conditions (GC-1) and thus certain copyright restrictions apply. In the January 2013 revision of this (http://www.nsf.gov/awards/managing/general_conditions.jsp?org=NSF), this issue is specifically addressed in Article 24. Copyrightable Material.

2.4.3 Publication

Work performed under a peer-reviewed allocation must be published in the open literature.

2.4.4 Non-Academic User Requirements

Non-academic (corporate/industrial, government, etc.) users frequently have more stringent usage requirements than those that might be required by NMC. It is the user's responsibility to assure the resources used satisfy the requirements of their organization.

2.5 Software Licenses

All software used on NMC systems must be appropriately acquired and used according to the specified licensing. Possession or use of illegally copied software is prohibited. Likewise users shall not copy copyrighted software or materials, except as permitted by the owner or the copyright. Some software installed on NMC resources may require special authorization in order to be used. Users must abide by the requirements for protecting it from misuse.

2.6 Final Reports

Requests for subsequent allocation awards will not be allowed until an end of project report has been received for all prior awards for the specific project. It is rec mmended that renewals and continuing projects also include a copy of prior award final reports as an attachment to the submitted proposal.

2.7 Additional Requirements

Individual sites may be subject to state/local laws and/or have organizational policies with additional requirements beyond this policy.

Those organizations will make those policies available. It is your responsibility to be aware of and abide by those policies.

3 Penalties

Failure to abide by this agreement may result in a variety of penalties imposed.

3.1 Account Suspension/Revocation

Accounts may be temporarily suspended or permanently revoked if compromised or abused.

Your account may be suspended without advance notice if there is suspicion of account compromise, system compromise, prohlicious iciused ac activity.

3.2 Loss of Allocation

This policyrmittsospicion of 3.3 Administrative Action

abutive activity may be reporled toc4.oT home insituation foraAdministrative-revief and action.

3.4 Civil Penalties

3.5 Criminal Penalties

Activities in violation of federal, state, or/local lay may be reporled to the appropriatenauthoritiesf icinv estg="id.hcal lrposcuction.

4 Disclaimers

4.1 Additional requirements

se stated in 2.F,  may be subject to requirements beyond ted scope of this document.

4.2 Support/Diagnostic Access

authorized NMC site personelt may reviefsfor the purposes ffs >for NMC systemt.

4.3 Monitoring

User activity may be monitosed se allowed urders

Anyfor alluoses ff this system and all ilies on this system may be intrxceped,e monitose,a rec nse,a copie,enadiped,e inptectes, and disclosed tonauthorized site or/law enforcement personelg, asweall se authorizedofifirials ff otheragencties,:bots dimestic andeforign. Byt using this syste,s the usee conments o, suchhat the disrertion of authorized site personely.

4.4 Access Notification

Access to usee data and communczations will not'normalay bepperformed without explicil authorization and/or advance noticeunlcessexingentcirocuistancssexisnt. Pnos-inc idenrnNotificatios willbes provided in suchcrasey.

4.5 Non-Liability

Youdod herbay rpleas,a rlieveg, di chaage, idemnrify and hlds hamlcess . ,f itsofifipers,truystses, emplytses,agennts and represntrativs,s  from any and alllLiabilit, or clain of Liabilitl, whetherf or personal njurtl, proper unders and and agree that NMl makis nd represntrations ss to the conditioy of its facility and you accput it“ais it” forists intended purpose,r haring beengtivin the oppormunity to inptecf the facilitd toc4.oT satis action. You>unders and that the facilitd is beingmaude available for the intended purposs on the conditioy that yoro presance and activitie,y including the presance and activities ff othens ssSocitped withyYou andc4.oT use of the facilit,s will not>unulny intrfeare witn or isrupat the'normae operatiosn of NMC and the'normae users of the facility.

5 Guidelines

The following are sgguestions for heleingmaiontaid ted Security

5.1 Password Management

  1. This email address is being protected from spambots. You need JavaScript enabled to view it. .
  2. .
  3. .

5.2 Reporting Suspicious Activity

  belon foraappropriate contacs).

5.2.1 Password Exposure

5.2.2 Certificate Exposure

5.2.3 Account Compromise or Suspicious Activity