NREL HPC Appropriate Use Policy
NREL HPC Resources
The following is a list of general computer use policies, procedures, and security rules that apply to individual end users of the National Renewable Energy Laboratory (NREL) High Performance Computing (HPC) resources. Further information on NREL HPC data security policies and practices can be found on the NREL HPC Home page. Principal Investigators are responsible for ensuring that these policies, procedures, and security rules are followed for their organizations and ensuring that HPC users working under their supervision fulfill these responsibilities.
HPC User Accountability
HPC users are accountable for their actions. Violations of policy, procedure, and security rules may result in applicable administrative sanctions or legal actions.
HPC Resource Use
NREL HPC resources are to be used only for activities authorized by the U.S. Department of Energy (DOE) or the NREL Computational Science Center.
The use of NREL HPC resources for personal or private benefit is prohibited. The use of NREL HPC resources to support illegal, fraudulent, or malicious activities is prohibited. The use of NREL HPC resources to facilitate any transaction that would violate U.S. export control regulations is prohibited.
The DOE and NREL make no express or implied warranty with respect to the use of NREL HPC resources. Neither DOE nor NREL shall be liable in the event of any HPC system failure or loss of data.
HPC Use by Foreign Nationals
HPC use by foreign nationals is generally permitted regardless of whether access to NREL HPC resources is from the United States or abroad. However, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit use of HPC resources by citizens of Cuba, Iran, Syria or Sudan while residing and/or working in one of those countries.
DOE funds support NREL HPC resources and the use of HPC resources by users. If the use of the NREL HPC resources is funded by a Federal research grant, cooperative agreement, or contract the intellectual property terms (if any) of that grant, agreement, or contract will govern the use of NREL HPC resources. If an HPC user is employed by a Federal government agency, National Laboratory, University, or private entity, the intellectual property terms (if any) of such employment will govern the use of NREL HPC resources.
Usernames and Passwords
A user identifier (username) and an associated password are required of all NREL HPC users. Individuals who have an NREL-assigned user identifier are responsible for protecting the associated password. Passwords must be changed at NREL’s request. All passwords must conform to the NREL HPC guidelines which are found on Home/For Users/Passwords. Passwords must not be shared with any other person and must be changed as soon as possible after an unacceptable exposure, suspected compromise, or at the direction of NREL personnel.
HPC users who are account holders connecting to NREL HPC resources from offsite will be issued a multifactor token which may be a physical token or a virtual token used with one-time password software installed on a smartphone. When account entitlement ends, the HPC user’s token will be disabled. Physical tokens remain the property of NREL and must be returned upon completion of approved activities.
HPC users are not permitted to share their accounts with others.
HPC users must immediately notify firstname.lastname@example.org upon awareness that any of the accounts used to access NREL HPC resources have been compromised. HPC users should promptly inform NREL of any changes in contact information.
Upon actual or suspected loss, disclosure, or compromise of the two-factor authentication physical or virtual token and associated password, account holders must immediately notify email@example.com. The two-factor authentication token may not be transferred to another person. If a physical token is no longer required, it must be returned to NREL.
Software and Data
The use of NREL HPC resources to store, manipulate, or remotely access information, software, or data (materials) that require additional controls or that could negatively impact or compromise administrative and business operations of NREL HPC resources requires prior written approval from NREL. Such materials include, but are not limited to, export-controlled software or technical data subject to Export Administration Regulations (EAR) or International Traffic in Arms Regulations (ITAR); Personally Identifiable Information (PII) or health information subject to the Health Information Portability and Accountability Act (HIPAA), and materials subject to "Official Use Only" or similar government restrictions.
THE USE OF NREL HPC RESOURCES TO STORE, MANIPULATE, OR REMOTELY ACCESS CLASSIFIED INFORMATION, UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (UCNI), NAVAL NUCLEAR PROPULSION INFORMATION (NNPI), SECRET RESTRICTED DATA (SRD), SPECIAL ACCESS REQUIRED DATA (SAR), THE DESIGN OR DEVELOPMENT OF NUCLEAR, RADIOLOGICAL, BIOLOGICAL, OR CHEMICAL WEAPONS, OR OF ANY WEAPONS OF MASS DESTRUCTION IS EXPRESSLY PROHIBITED.
NREL HPC resources are operated as research systems and should only be used to access and store data related to research. These research systems are categorized as low per FIPS-199 and protected to the NIST 800-53 low security control baseline.
NREL HPC resources control data access via username and password authentication for network access and UNIX directory and file permissions for data storage. Network access and data storage systems provide no explicit encryption. HPC users are responsible for protecting data files and acknowledge and understand that NREL’s HPC security control implementation is sufficient for research data access and storage.
HPC users must ensure that when using HPC resources that all software is acquired and used according to appropriate licensing. Possession, use, or transmission of illegally obtained software on HPC resources is prohibited. HPC users shall not copy, store or transfer copyrighted software or data using HPC resources, except as expressly permitted by the copyright owner.
NREL reserves the right to remove any data at any time and/or transfer data to other individuals (such as Principal Investigators working on a same or similar project) after a user account is deleted or a user no longer has a business association with NREL.
Although NREL takes steps to ensure the integrity of stored data, NREL does not guarantee that data files are protected against destruction. HPC users are strongly encouraged to read the NREL HPC data retention policy and to make backup copies of all data and important software in the Mass Storage tape archive system or at other sites.
In some cases, NREL may elect to make backup copies of some data files. When backup copies are made, NREL reserves the right, at its sole discretion, to hold such backup copies indefinitely or to delete them.
Deviations from Authorized Privileges Not Allowed
HPC users may not deviate from the terms of this NREL HPC Appropriate Use Policy in any way, including, but not limited to, the following prohibitions:
Unauthorized Access: HPC users are prohibited from attempting to send or receive messages or access information by unauthorized means, such as imitating another system, impersonating another user or other person, misusing legal user credentials (usernames, passwords, etc.), or causing some system component to function incorrectly.
Altering Authorized Access: HPC users are prohibited from changing or circumventing access controls to allow the user or others to perform actions outside authorized privileges.
Reconstruction of Information or Software: HPC users are prohibited from reconstructing or re-creating information or software outside authorized privileges.
Data Modification or Destruction: HPC users are prohibited from taking actions that intentionally modify or delete information or programs outside authorized privileges.
Malicious Software: HPC users are prohibited from intentionally introducing or using malicious software, including, but not limited to, computer viruses, Trojan horses, or worms.
Denial of Service Actions: HPC users are prohibited from using NREL HPC resources to interfere with any service availability, either at NREL, or at other sites.
Pornography: HPC users are prohibited from using NREL HPC resources to access, upload, download, store, transmit, create, or otherwise use sexually explicit or pornographic material.
Harassment: HPC users are prohibited from engaging in offensive or harassing actions toward another individual or organization.
Monitoring and Privacy
HPC users have no explicit or implicit expectation of privacy. NREL retains the right to actively monitor all HPC resources, activities on NREL systems and networks and to access any file without prior knowledge or consent of HPC users, senders, or recipients. NREL may retain copies of any network traffic, computer files, or messages indefinitely without user's prior knowledge or consent. NREL may, at its discretion, share information gathered through monitoring with the Department of Energy, other incident response organizations, and local, state, federal, and international law enforcement organizations.
NREL personnel and HPC users are required to address, safeguard against, and report misuse, abuse and criminal activities. Misuse of NREL HPC resources can lead to temporary or permanent disabling of accounts, loss of DOE allocations, and administrative sanctions or legal actions.
NREL HPC Appropriate Use Policy, revision 2.0, date: January 20, 2017