ICHEC Account Registration

Privacy Policy

Version 1.4 (August 2018)

1. Introduction

This National HPC Service is managed by the Irish Centre for High End Computing (ICHEC). We at the Irish Centre for High End Computing (ICHEC), respect your right to privacy and comply with our obligations under the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018. The purpose of this Privacy Policy is to outline how we deal with any data (personal or otherwise) which you provide to us while using this service.

2. Types of Information Collected

Some Personal Data that identifies you or can be used to identify or contact you is required and includes your name, username, address, email address, institution affiliation and project memberships. Your nationality is also recorded for compliance with export law restrictions. Additionally Non-Personal Data is generated through your usage of the HPC service and includes system access logs, resource usage, application license usage and helpdesk support requests. It also includes all research data, source code, etc which is held on the HPC filesystems and tape backup media during the course of the use of the HPC service.

3. Purposes for which we hold your Information

We will process any Personal Data you provide to us for the following purposes:

  1. To contact you if required in connection with National HPC Service project management
  2. To contact you if required in connection with any security or acceptable usage policy violations.
  3. To respond to any communications or support requests you might send to us.
  4. To inform you of any operational HPC service notifications deemed essential for dissemination to all current users of the service via a purpose specific mailing list.
  5. To keep you informed of updates if you clearly request this by signing up to relevant mailing lists.

We use the various types of Non-Personal Data in a variety of ways:

  1. Resource usage in an aggregate form is used to provide system usage reports to funding agencies and other stakeholders.
  2. Helpdesk and support data is used in aggregate form to produce reports and statistics for funding agencies and other stakeholders.
  3. Access logs, system accounting logs and command execution history files may be used by authorised ICHEC technical support staff for the purposes of troubleshooting faults or technical support requests or as part of any security related investigations.

4 Research data, source code or any other files held on the HPC filesystems or tape backup media may be accessed by ICHEC technical support staff when required as part of a support request or while investigating technical faults or performance problems on the HPC systems.

4. Disclosure of Information to Third Parties

We will not disclose your Personal Data to third parties unless you have consented to this disclosure. We will disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirement. We may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of the HPC service. For example, we might inform third parties regarding the number of unique users who use the service, the number of users from each institution, the resource usage in total or broken down by institution or project class, etc. The third parties to whom we may provide this information include government agencies funding the service and other stakeholders involved in the management and oversight of the service. Some of this data, particularly aggregate resource usage data may also be published on ICHEC’s website or other publications. Research data such as files or source code used as part of a project or resource usage information relevant to a specific project may be shared with the Principal Investigator of that project.

5. Security

Your Personal Data is held on secure servers hosted by us. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data.

6. Updating, Verifying and Deleting Personal Data

We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with the ICHEC. You may inform us of any changes in your Personal Data, and in accordance with our obligations under the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018 we will update or delete your Personal Data accordingly. To find out what Personal Data we hold on you or to have your Personal Data updated, amended or removed from our database, please email us at privacy@ichec.ie.

7. Changes to the Privacy Policy

Any changes to this Privacy Policy will be posted on ICHEC’s website and you will be notified by email (where available).

Acceptable Usage Policy

Version 1.6 (June 2020)

The Irish Centre for High-End Computing (ICHEC) operates a national service for the provision of High-Performance Computing to researchers in Ireland. This service is shared by a large number of people and projects so to ensure that this common resource is run securely, fairly and efficiently the present document defines a set of rules which we require of users in order to achieve this end. Any breaches of this policy will be brought to your attention, and if you do so seriously or constantly, we will take it up with your Principal Investigator. If necessary, we will hold jobs, or even kill them, in order to keep the system as a whole operating smoothly and may suspend your login account.

1. Access

1.1 User accounts must not be shared between individuals under any circumstances. Passwords, SSH keys and other credentials must be kept private and secure. Provision is made for collaboration and data sharing through shared project work directories so there is no reason for user account sharing.

1.2 Users may not apply for multiple accounts. However, users may join more than one project, and therefore gain legitimate access to resources associated to all these projects, including access to more than one project directory.

1.3 Multi-Factor authentication may be required to access some/all of our services.

1.4 Only secure, encrypted connection protocols (such as SSH, SCP, etc.) will be accepted.

1.5 Users should make themselves aware of the ICHEC Privacy Policy before using the ICHEC service in order to understand what personal data and non-personal data is stored and how it is used.

2. Data and Storage

2.1 Do not use /tmp for temporary storage. Special per-job scratch directories are created for running jobs as well as special directories for specific applications. See system documentation on the website or open a support query if in doubt.

2.2 Do not process or store any copyrighted applications or data without permission or license or illegal data or applications on the system. All users are responsible for the contents of their storage areas.

2.3 Sensitive or personally identifiable data such as medical patient data must not be stored on the system.

2.4 All users have a responsibility to ensure that any data has been fully anonymised before transferring to ICHEC Systems and that all data is used, gathered, processed, stored and transferred in compliance with Data Protection obligations.

2.5 Only user home directories are backed up. Project work directories under /ichec/work are NOT backed up. Backups of home directories are only carried out as part of our system failure recovery plan, and the restoration of user files deleted accidentally is NOT provided as a service. Any valuable data should be copied off ICHEC systems regularly as we do not have the resources to guarantee the long term integrity of the large volumes of data stored.

2.6 Users may not attempt to read other users' data without their prior authorisation, (irrespective of the file permission) except in the case where members of a common project/group share data in the dedicated project directories.

3. Running applications

3.1 Login nodes are for the sole purpose of performing code development (editing, compiling, etc.), submitting batch jobs and running short, lightweight pre- and post-processing tasks. Production applications must not be run on the login nodes, and must instead be submitted to the batch system.

3.2 As the number of development nodes is limited and ICHEC is a shared service, we ask users to use these nodes responsibly, and refrain from grabbing all available resources. Users are therefore asked not to reserve more than one set of development nodes for interactive use.

3.3 Applications which adversely impact the stability or performance of the system for other users will not be permitted. If and when such applications are identified by ICHEC technical staff, users must stop all runs until a solution is in place and permission has been given by ICHEC technical staff to resume running the application.

3.4 The use of unlicensed software, or the use of licensed software which contravenes the licensing terms is strictly prohibited. To that effect, ICHEC has made a number of centrally supported licensed packages only available on request to ensure strict compliance with licensing terms.

4. Commercial use

4.1 Unauthorised commercial use of our systems is strictly prohibited.

5. Security

5.1 The password for your ICHEC account should be unique and kept private. Similarly, a unique ssh keypair should be used for ICHEC with the private key encrypted with a strong passphrase.

5.2 If you suspect that your password or ssh key has been compromised, for any reason whatsoever, change it immediately using a secure channel! Also, this incident should be reported via email to the ICHEC helpdesk.

5.3 If you suspect that a machine has been compromised, contact the ICHEC helpdesk immediately.

5.4 Any attempt to gain unauthorised access through password guessing, network and system scanning or the use of software vulnerability exploits is strictly prohibited.

5.5 ICHEC staff will never ask you for your password and if you do receive anything suspicious please notify us via a valid email address such as support@ichec.ie.

6. Acknowledgement and Support

As ICHEC is publicly funded to help enable high level research, it is of vital importance that the results of this research are publicised to a wide audience. This is essential in justifying any past and future investment in HPC resources. In order to do this we require at a minimum that:

6.1 Any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC should include an acknowledgement such as "The authors wish to acknowledge the Irish Centre for High-End Computing (ICHEC) for the provision of computational facilities and support."

6.2 Researchers should notify ICHEC of any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC.

6.3 On request, researchers should provide summaries of the work carried out on ICHEC resources for the purposes of annual reports, etc.

If you experience any problems with this page, or if you have any questions, please email support@ichec.ie.