Acceptable Use Agreement
This document provides guidelines for use of the computing systems,
resources, and facilities at the Maui High Performance Computing Center (MHPCC).
The purpose of these guidelines is to increase awareness of computer security
issues and to ensure that all MHPCC users employ the MHPCC computing systems,
resources, and facilities in an efficient, ethical, and lawful manner.
MHPCC accounts are to be used only for the purpose for which they are authorized
and are not to be used for non-MHPCC approved or related activities. Unauthorized
use of a MHPCC account/system is in violation of Section 799, Title 18, U.S. Code,
and constitutes theft and is punishable by law. Therefore, unauthorized use of
MHPCC computing systems, resources, and facilities may constitute grounds for
either civil or criminal prosecution.
By signing this document, you acknowledge and consent that when you access Department
of Defense (DoD) information systems, you are accessing a U.S. Government (USG)
information system (IS) (which includes any device attached to this information
system) that is provided for U.S. Government authorized use only.
Please READ each section. Sign and date the document at the bottom. When
the MHPCC receives this document with your signature, your account
will be activated. We must have a signature on file, so please do not email this
document.
Please return this document through mail or fax to:
MHPCC
550 Lipoa Parkway
Kihei, Maui, HI 96753
ATTN: User Services Group
FAX: 808-879-5018
In the text below, "users" refers to all users of
the MHPCC computing systems, resources, and facilities.
| |
POLICY STATEMENT
|
| 1. |
Users are responsible for using the MHPCC computing systems, resources,
and facilities in an efficient and effective manner. |
| 2. |
Accounts that have not been used for node processing for six
months will be locked. Accounts that have not been used for node processing for
twelve months will be removed from the system. |
| 3. |
ALL data from removed accounts will be deleted. It is the users
responsibility to move/copy data to their home site PRIOR to deletion. Users will
receive deletion notification PRIOR to account deletion. |
| 4. |
The MHPCC computing systems are unclassified systems. Therefore,
classified information may not be processed, entered, or stored on a computing
system. |
| 5. |
Users are responsible for protecting any information used or stored
in their MHPCC accounts. Consult the MHPCC website for guidelines on protecting
your account using the standard system protection mechanisms. |
| 6. |
Users shall not divulge access information (e.g. lists of user
accounts). |
| 7. |
Users are requested to report any weaknesses in MHPCC computer
security, any incidents of possible misuse or violation of this agreement to the
proper authorities by contacting MHPCC User Services or by sending electronic
mail to:
security-post@mail.mhpcc.hpc.mil |
| 8. |
Users shall not attempt to access any data or programs contained
on MHPCC systems for which they do not have authorization or explicit consent
of the owner of the data/program or the MHPCC Director. |
| 9. |
Users shall not share their MHPCC account(s) with anyone. This
includes sharing access to the account. If sharing of an account is suspected,
access will be denied until confirmation is obtained. |
| 11. |
Users shall not make copies of copyrighted software or other materials,
except as permitted by law or by the owner of the copyright. |
| 12. |
Users shall not purposely engage in activities to: harass other
users, degrade the performance of systems, deprive an authorized MHPCC user access
to a MHPCC resource, obtain extra resources beyond those allocated, circumvent
MHPCC computer security measures, or gain access to an MHPCC system for which
proper authorization has not been given. |
| 13. |
Electronic communication facilities are for MHPCC-authorized use
only. Fraudulent, harassing, or obscene messages or materials shall not be sent,
received, or stored on MHPCC systems. |
| 14. |
Users shall not download, install, or run security programs or
utilities which reveal weaknesses in the security of a system unless they have
the written permission of the MHPCC Executive Director and the Director of Operations. |
| 15. |
Users will not use .rhosts files, except to point to those systems
that are in the approved list described in MHPCC's online documentation. |
| 16. |
Users will use passwords that conform to MHPCC's password policy.
|
| 17. |
User .netrc and .rhosts files must have file permissions set to
600. All other dot files should have file permissions set to 600 or 640. |
| 18. |
All user directories and files are required by security mandates
to not have ANY world permissions. All files and directories must have permissions
set to ##0, EXCEPT files on the MHPCC world permissions exceptions list. |
| 19. |
All MHPCC users are responsible to notify MHPCC whenever ITAR/export
controlled software is being installed on any MHPCC system. |
| 20. |
The U.S. Government routinely intercepts and monitors communications
on this information system for purposes including, but not limited to, penetration testing,
communications security (COMSEC) monitoring, network operations and defense, personnel
misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
|
| 21. |
At any time, the U.S. Government may inspect and seize data stored
on this information system.
|
| 22. |
Communications using, or data stored on, this information system
are not private, are subject to routine monitoring, interception, and search,
and may be disclosed or used for any U.S. Government-authorized purpose.
|
| 23. |
This information system includes security measures (e.g.,
authentication and access controls) to protect U.S. Government interests--not
for your personal benefit or privacy
|
| 24. |
Using an information system does not constitute consent to personnel
misconduct, law enforcement, or counterintelligence investigative searching or monitoring
of the content of privileged communications or data (including work product) that are
related to personal representation or services by attorneys, psychotherapists, or clergy,
and their assistants. Under these circumstances, such communications and work product are
private and confidential, as further explained below:
|
| 25. |
Nothing in this User Agreement shall be interpreted to limit the user's
consent to, or in any other way restrict or affect, any U.S. Government actions for purposes
of network administration, operation, protection, or defense, or for communications security.
This includes all communications and data on an information system, regardless of any
applicable privilege or confidentiality.
|
| 26. |
The user consents to interception/capture and seizure of ALL communications
and data for any authorized purpose (including personnel misconduct, law enforcement, or
counterintelligence investigation). However, consent to interception/capture or seizure of
communications and data is not consent to the use of privileged communications or data for
personnel misconduct, law enforcement, or counterintelligence investigation against any party
and does not negate any applicable privilege or confidentiality that otherwise applies.
|
| 27. |
Whether any particular communication or data qualifies for the protection of
a privilege, or is covered by a duty of confidentiality, is determined in accordance with established
legal standards and DoD policy. Users are strongly encouraged to seek personal legal counsel on
such matters prior to using an information system if the user intends to rely on the protections
of a privilege or confidentiality.
|
| 28. |
Users should take reasonable steps to identify such communications or data that
the user asserts are protected by any such privilege or confidentiality. However, the user's
identification or assertion of a privilege or confidentiality is not sufficient to create such
protection where none exists under established legal standards and DoD policy.
|
| 29. |
A user's failure to take reasonable steps to identify such communications or data
as privileged or confidential does not waive the privilege or confidentiality if such protections
otherwise exist under established legal standards and DoD policy. However, in such cases the U.S.
Government is authorized to take reasonable actions to identify such communication or data as being
subject to a privilege or confidentiality, and such actions do not negate any applicable privilege
or confidentiality.
|
| 30. |
These conditions preserve the confidentiality of the communication or data, and the
legal protections regarding the use and disclosure of privileged information, and thus such communications
and data are private and confidential. Further, the U.S. Government shall take all reasonable measures to
protect the content of captured/seized privileged communications and data to ensure they are appropriately
protected.
|
| 31. |
In cases when the user has consented to content searching or monitoring of communications
or data for personnel misconduct, law enforcement, or counterintelligence investigative searching,
(ie., for all communications and data. Other than privileged communications or data that are related to
personal representation or services by attorneys, psychotherapists, or clergy, and their assistants), the U.S.
Government may, solely at its discretion and in accordance with DoD policy, elect to apply a privilege or other
restriction on the U.S. Government's otherwise-authorized use or disclosure of such information.
|
| 32. |
All of the above conditions apply regardless of whether the access or use of an information
system includes the display of a Notice and Consent Banner ("banner"). When a banner is used, the banner
functions to remind the user of the conditions that are set forth in this User Agreement, regardless of
whether the banner describes these conditions in full detail or provides a summary of such conditions,
and regardless of whether the banner expressly references this User Agreement.
|
|
