Version 1.4 (August 2018)
2. Types of Information Collected
Some Personal Data that identifies you or can be used to identify or contact you is required and includes your name, username, address, email address, institution affiliation and project memberships. Your nationality is also recorded for compliance with export law restrictions. Additionally Non-Personal Data is generated through your usage of the HPC service and includes system access logs, resource usage, application license usage and helpdesk support requests. It also includes all research data, source code, etc which is held on the HPC filesystems and tape backup media during the course of the use of the HPC service.
3. Purposes for which we hold your Information
We will process any Personal Data you provide to us for the following purposes:
We use the various types of Non-Personal Data in a variety of ways:
4 Research data, source code or any other files held on the HPC filesystems or tape backup media may be accessed by ICHEC technical support staff when required as part of a support request or while investigating technical faults or performance problems on the HPC systems.
4. Disclosure of Information to Third Parties
We will not disclose your Personal Data to third parties unless you have consented to this disclosure. We will disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirement.
We may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of the HPC service. For example, we might inform third parties regarding the number of unique users who use the service, the number of users from each institution, the resource usage in total or broken down by institution or project class, etc. The third parties to whom we may provide this information include government agencies funding the service and other stakeholders involved in the management and oversight of the service. Some of this data, particularly aggregate resource usage data may also be published on ICHEC’s website or other publications. Research data such as files or source code used as part of a project or resource usage information relevant to a specific project may be shared with the Principal Investigator of that project.
Your Personal Data is held on secure servers hosted by us. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data.
6. Updating, Verifying and Deleting Personal Data
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with the ICHEC. You may inform us of any changes in your Personal Data, and in accordance with our obligations under the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018 we will update or delete your Personal Data accordingly. To find out what Personal Data we hold on you or to have your Personal Data updated, amended or removed from our database, please email us at firstname.lastname@example.org.
Version 1.5 (October 2018)
The Irish Centre for High-End Computing (ICHEC) operates a national service for the provision of High-Performance Computing to researchers in Ireland. This service is shared by a large number of people and projects so to ensure that this common resource is run securely, fairly and efficiently the present document defines a set of rules which we require of users in order to achieve this end. Any breaches of this policy will be brought to your attention, and if you do so seriously or constantly, we will take it up with your Principal Investigator. If necessary, we will hold jobs, or even kill them, in order to keep the system as a whole operating smoothly and may suspend your login account.
1.1 User accounts must not be shared between individuals under any circumstances and passwords and ssh keys must be kept private and secure. Provision is made for collaboration and data sharing through shared project work directories so there is no reason for user account sharing.
1.2 Users may not apply for multiple accounts. However, users may join more than one project, and therefore gain legitimate access to resources associated to all these projects, including access to more than one project directory.
1.3 Password authenticated access to the infrastructure may only be granted from authorised Internet domains of partner institutions. Access from any other location will only be possible by tunnelling connections through an authorised domain or by using key based authentication.
1.4 Only secure, encrypted connection protocols (such as SSH, SCP, etc.) will be accepted.
2. Data and Storage
2.1 Do not use /tmp for temporary storage. Special per-job scratch directories are created for running jobs as well as special directories for specific applications. See system documentation on the website or open a support query if in doubt.
2.2 Do not process or store any copyrighted applications or data without permission or license or illegal data or applications on the system. All users are responsible for the contents of their storage areas.
2.3 Sensitive or personally identifiable data such as medical patient data must not be stored on the system.
2.4 All users have a responsibility to ensure that any data has been fully anonymised before transferring to ICHEC Systems and that all data is used, gathered, processed, stored and transferred in compliance with Data Protection obligations.
2.5 Only user home directories are backed up. Project work directories under /ichec/work are NOT backed up. Backups of home directories are only carried out as part of our system failure recovery plan, and the restoration of user files deleted accidentally is NOT provided as a service. Any valuable data should be copied off ICHEC systems regularly as we do not have the resources to guarantee the long term integrity of the large volumes of data stored.
2.6 Users may not attempt to read other users' data without their prior authorisation, (irrespective of the file permission) except in the case where members of a common project/group share data in the dedicated project directories.
3. Running applications
3.1 Login nodes are for the sole purpose of performing code development (editing, compiling, etc.), submitting batch jobs and running short, lightweight pre- and post-processing tasks. Production applications must not be run on the login nodes, and must instead be submitted to the batch system.
3.2 As the number of development nodes is limited and ICHEC is a shared service, we ask users to use these nodes responsibly, and refrain from grabbing all available resources. Users are therefore asked not to reserve more than one set of development nodes for interactive use.
3.3 Applications which adversely impact the stability or performance of the system for other users will not be permitted. If and when such applications are identified by ICHEC technical staff, users must stop all runs until a solution is in place and permission has been given by ICHEC technical staff to resume running the application.
3.4 The use of unlicensed software, or the use of licensed software which contravenes the licensing terms is strictly prohibited. To that effect, ICHEC has made a number of centrally supported licensed packages only available on request to ensure strict compliance with licensing terms.
4. Commercial use
4.1 Unauthorised commercial use of our systems is strictly prohibited.
5.1 The password for your ICHEC account should be unique and kept private. Similarly, a unique ssh keypair should be used for ICHEC with the private key encrypted with a strong passphrase.
5.2 If you suspect that your password or ssh key has been compromised, for any reason whatsoever, change it immediately using a secure channel! Also, this incident should be reported via email to the ICHEC helpdesk.
5.3 If you suspect that a machine has been compromised, contact the ICHEC helpdesk immediately.
5.4 Any attempt to gain unauthorised access through password guessing, network and system scanning or the use of software vulnerability exploits is strictly prohibited.
5.5 ICHEC staff will never ask you for your password and if you do receive anything suspicious please notify us via a valid email address such as email@example.com.
6. Acknowledgement and Support
As ICHEC is publicly funded to help enable high level research, it is of vital importance that the results of this research are publicised to a wide audience. This is essential in justifying any past and future investment in HPC resources. In order to do this we require at a minimum that:
6.1 Any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC should include an acknowledgement such as "The authors wish to acknowledge the Irish Centre for High-End Computing (ICHEC) for the provision of computational facilities and support."
6.2 Researchers should notify ICHEC of any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC.
6.3 On request, researchers should provide summaries of the work carried out on ICHEC resources for the purposes of annual reports, etc.
If you experience any problems with this page, or if you have any questions, please email firstname.lastname@example.org.