Terms and Conditions

Terms and Conditions for Use of SCARF

0. Introduction

SCARF - Scientific Computing Application Resource for Facilities - is a computing resource for academic research by members of STFC departments, users of STFC facilites and external collaborators of STFC staff. SCARF is operated by the STFC Scientific Computing Department.

1. Purpose of this Document

These regulations are provided to guide and inform you about what constitutes acceptable (i.e. permitted) use of SCARF resources.

The regulations are not intended to constrain you unnecessarily, but to make you aware and protect you as far as reasonable, along with all the participating institutions, from the consequences of any misuse or illegal activity.

2. Scope

These regulations apply to every user of SCARF.

These regulations apply to use of the hardware which comprises SCARF, including internal networks.

These regulations apply to use of all software and data within any SCARF system.

3. Registering to use SCARF

You should refer to the SCARF registration page for details.

STFC staff with a Federal ID and password are not required to use a X.509 Certificate, as this is handled seamlessly using the STFC Single Sign On service.

All other users will have to provide an ssh public key.

4. Regulations

You are granted resources on SCARF for the purposes you described in your application. These resources are not provided for other purposes.

SCARF is intended to provide a stable, high quality service. If there is evidence that the actions of particular users are impacting this, SCARF administrators will take reasonable measures to terminate or reprioritise jobs and processes in order to protect the overall operation of their services. Implicated users will be contacted by SCARF administrators as early as is reasonable.

In order to keep SCARF operating correctly in both the technical and legal senses, it may become necessary to investigate network traffic (including e.g. emails) as well as examine information held on systems that are, or have been, connected to SCARF. Note that the process of accepting a SCARF user identity implies directly that you have given your agreement for this, as described under the provisions of the Regulation of Investigatory Powers Act.

You are granted access to SCARF so that you can use SCARF for the purposes you described in your application. These resources are not provided for other purposes.

You must not interfere with others' work or attempt to invade their privacy.

You must not attempt to disrupt the working of SCARF or any other system.

It is important to understand that when you use SCARF you are bound by three sets of regulations, the ICT regulations of your own institution, those of the SCARF itself (as described here), and the Acceptable use policy of JANET, the network that provides SCARF's connection to the internet. Thus you must have read and understood these before using SCARF.

You are also bound by a number of laws and directives, some of which are alluded to in the appendix Laws and Directives

The terms of software and data licences must be respected.

5. Enforcement

As a user, whenever you use SCARF, you are bound by all the above regulations and the legislation in force at the time. Note that for breaches of some legislation, the police can be involved. Ignorance of regulations or legislation is not a defence. Penalties will be levied for confirmed breaches of regulations. We reserve the right to revoke access to SCARF resources if a breach concerning you is under investigation.

6. Acknowledgements

This document is based on the NGS Terms And Conditions of Use.

Queries

Please address queries regarding the SCARF TACU to the SCARF Helpdesk.

Appendix: Laws and Directives

1. Copyright, Designs and Patents Act 1988

Copyright legislation applies to software and data and because of this: Many items of software and data are only made available under licence agreements, which restrict their use, e.g. to academic research and teaching. The terms of these licences must be respected.

2. Computer Misuse Act

The Computer Misuse Act became law in August 1990. Under the Act attempting to gain unauthorised access and the introduction of viruses are criminal offences. Three new offences were created under the Act: Unauthorised access to computer material Unauthorised access with intent to commit or facilitate commission of further offences Unauthorised modification of computer material In the first category, a person is guilty of an offence if ... "he causes a computer to perform any function with intent to secure access to any program or data held in any computer AND the access or intended access is unauthorised AND he knows at the time when he causes the computer to perform that function that that is the case". Imprisonment can arise from breaking this law. SCARF adminstrators will assume that anyone using someone else's identity, whether registered or not, is committing an offence at least under the first category of this Act. This applies equally to accesses to or from any other computer, whether in this country or abroad. The copying of any data not specifically authorised, even into your own files is an offence in the first category above.

3. Data Protection Act

The Data Protection Act, 1998, provides for the registration and protection of personal data (i.e. that which relates to an identifiable living individual). The principles of the the Data Protection Act The only personal data which users are permitted to store on SCARF resources is research data that has been registered under the Data Protection Act. Using the terminology of the Act, the data controller (usually the person who put the data on the system) is responsible for ensuring that this data is registered and used in accordance with the Act. This would be effected through their own organisation, via its Data Protection Officer (every organisation has one). Note that registration with SCARF will imply that the user has given permission for their details to be stored in a database and to be used for mailing, accounting, reporting, and other administrative purposes connected with running the computer service.

4. Use of High Performance Computers Directive

Following guidance issued by the U.K. Department of Trade and Industry on the use of High Performance Computers, users are not permitted to use the SCARF resources for any research, development, manufacture and procurement of weapons of mass destruction and their delivery systems, in support of internal repression or international aggression, or any other restricted usage as may be listed from time to time. These universal criteria support: The UK's international obligations and commitments to enforce United Nations Organisation for Security and Co-operation in Europe and European Union arms embargoes, together with any national embargoes or other commitments regarding the application of strategic export controls; The UK's international obligations under the nuclear non-proliferation treaty, the biological weapons convention, the chemical weapons convention and the missile weapon convention; The UK's commitments to the international export control regimes -- the Australia group, the missile technology control regime, the nuclear suppliers group and the Wassenaar arrangement which limits usage for proscribed countries including Iran, Iraq, Libya and North Korea; The EU common criteria for arms exports, the guidelines for conventional arms transfers agreed by the permanent five members of the UN Security Council, and the OSCE principles governing conventional arms transfers. Other legislation that may be applicable includes:

5. The Malicious Communications Act 1988

This Act applies particularly in relation to the transmission of grossly obscene or offensive messages.

6. The Obscene Publications Acts

These are a series of Acts relating to publishing obscene materials.

7. The Regulation of Investigatory Powers Act 2000

The Regulation of Investigatory Powers Act 2000 contains provisions about Lawful Business Practices and states that individuals have a right to respect for their private life and correspondence. However this is not an absolute right and the Act recognises situations where other needs take priority. For example some actions which are essential to keep a network functioning may result in communications being seen by the network operator. The Act makes clear that users of networks should expect such actions to take place routinely: there is no requirement on the network operator to give warning of the possible loss of privacy. Organisations that provide computer networks may also examine activity on their own networks for some business purposes. However, before this may be done, all users must be informed that their communications may be monitored. The Lawful Business Practice regulations supporting the Act set out the purposes for which monitoring may be used. These include ensuring compliance with acceptable use policies and other organisational rules but, again, only if users have been informed of the rules in advance. Organisations should therefore ensure that their rules for use of the network, including the JANET Acceptable Use Policy, are clearly and widely advertised. For more information see JANET acceptable use policies and the JANET article on Regulatory Powers.