The Conditions of Use are split into sections. Click on a link below to jump to that section.

  1. Network Policy
  2. Security Policy
  3. Password Policy

To use iVEC’s high performance computing facilities and communications infrastructure you must agree to the conditions below.


General

  • The systems provided by the iVEC Facilities and the communications infrastructure are only to be used for activities directly related to approved projects.
  • The systems provided by the iVEC Facilities and the communications infrastructure are to be used in an efficient and economical manner.
  • iVEC and the iVEC Facilities take no liability for any loss as a result of use of the iVEC Facilities and the communications infrastructure.
  • Users are bound by various state and federal legislation that, amongst other things, bans Discrimination, Harassment, Vilification, Bullying and Defamation and movement or retention of Illicit material.
  • Users are bound by the Australian Copyright Act and must not use iVEC infrastructure to break any of these laws. More detail is available at http://www.copyright.org.au/information, particularly the section “Websites, internet, software”.
  • iVEC has mailing lists associated with some of its infrastructure, as well as a general "friends" mailing list.  It is compulsory to receive these notifications while having an active iVEC account.
  • If emails to you repeatedly stop working we may temporarily suspend your account.  Please keep us informed of changes in your email address.
  • These Conditions of Use and associate policies may change over time and the most recent version supercedes all others.

Publications

  • All publications resulting from the use of iVEC Facilities and communications infrastructure must acknowledge iVEC as well as the iVEC Facility used. Addition of the following text to the paper acknowledgments will be sufficient: The work was supported by iVEC through the use of advanced computing resources located at FACILITY(s).  Examples for FACILITY include iVEC@Murdoch and iVEC@UWA.

Computational Resources

  • Installation of any software must have prior approval from the relevant iVEC Facility.
  • Use of software covered by any license agreement is bound by that agreement.
  • Users must not divulge their account details to any other person and must take every reasonable precaution to ensure their passwords are secure.
  • Users agree to advise the iVEC management if they become aware of any security breach or potential risk.

Return to Top

 

Network Policy

Preamble

The iVEC network connects all joint-venture partners via dark fibre over which iVEC has complete control – there are no managed services. This network was first put in place in 2002 when CSIRO entered into a 15 year IRU (Indefeasible Right to Use) with UEComms for fibre connections between the ARRC Facility and UWA, and between UWA and Central TAFE, with CSIRO paying the yearly maintenance on these fibres. The fibres connecting ARRC to Curtin were put in by Curtin University, and the fibre from ARRC to Murdoch is leased from Amcom, as is the fibre connecting ECU. The iVEC network connects to the outside world via CSIRO’s connection to AARNet at ARRC, and currently the traffic charges are picked up by CSIRO and not charged back to iVEC.

Purpose and Policies

The purpose of the iVEC network is to provide high-speed connectivity amongst the various iVEC Facilities and connectivity to the outside world for research purposes. It is primarily a research network, and should not be used to transit commercial traffic across any associated R&E networks, such as AARNet.

Apart from iVEC staff at the various Facilities, individual users or groups at the partner organisations may request connection to the iVEC network as part of a project or ongoing series of projects for which they are using iVEC facilities, assuming that they can physically be connected. These requests will be considered on a case-by-case basis, and should not be motivated by a desire to avoid their host institution’s internet traffic charges. The connection of any networking equipment, including wireless access points, to the iVEC network must be approved by the iVEC Network Manager, and come under the administrative control of iVEC (this excludes the interconnection of other partner networks to iVEC, or the reticulation of the iVEC network through another network provider’s infrastructure, where administrative control of the network equipment lies with the provider). Where the iVEC network is reticulated through another network provider’s infrastructure, iVEC will have the final say on the connection of endpoints to the iVEC network. No connections to the internet-at-large may be made except through the official iVEC gateway(s), currently AARNet at ARRC. This includes connecting modems to the network. Except in rare and approved circumstances, hosts should not be simultaneously directly connected to the iVEC network and any other network.

All traffic on the iVEC network may be monitored, and network access to individuals and hosts may be terminated without notice, if network activity is considered inappropriate. Inappropriate use includes downloading or uploading of offensive or illegal or copyrighted content. The iVEC network is not to be used for the sharing of music, movies or videos, nor for the purpose of connecting to iVEC servers or external servers or organisations for which the user does not have authorised access. The conditions of use of iVEC computers also apply here.

It is the user’s responsibility to ensure that hosts connected to the iVEC network run up-to-date anti-virus software where possible and appropriate. Incoming traffic is filtered at iVEC’s firewall, and the default posture is that such traffic is blocked unless explicitly allowed. Requests for ports to be opened on the firewall will be considered by iVEC’s Network Management. Some outgoing traffic may also be blocked, for example, email. All incoming email traffic will go via the CSIRO external email gateways, where it is filtered for viruses and spam. Outgoing email will also travel via these gateways. Anyone on the iVEC network wishing to send outgoing email must send it via the mailserver smtp.ivec.org, which will pass it to the CSIRO gateways. The installation of externally visible servers on the iVEC network must be approved, and should be part of an iVEC-related project. 

Return to Top

 

Security Policy

iVEC and the iVEC Facilities may terminate or restrict any user's access to its computer systems, without prior notice, if such action is necessary to maintain computing availability and security for other users of the systems.

Computer abuse includes, but is not limited to:

  • Using, or attempting to use, iVEC computer systems without prior authorization or for unauthorized purposes
  • Tampering with or obstructing the operation of iVEC computer systems, or attempting to do so
  • Inspecting, modifying, distributing, or copying privileged data or software without proper authorization, or attempting to do so
  • Supplying, or attempting to supply, false or misleading information or identification in order to access iVEC computer systems.

Return to Top

 

Password Policy

Do not fear losing your password. We can reset it for you.

Passwords must:

  • be at least 8 characters.
  • contain a mix of alphabet, digit, and special characters. A mix of case for alphabet characters is recommended.

Passwords must not be:

  • the original password allocated to you
  • a real word with random characters appended or prepended. E.g. "hello!!!"
  • the name of a person, place, or thing, from any language.
  • a real word with substitution of characters of similar appearance. E.g. "pa55w00rd".
  • based on the keyboard layout. E.g. "qwerty!@#"
  • based on personal information, such as family birthdays or pets
  • any passwords forbidden by this policy but spelled backwards
  • shared with anyone else
  • the same as on another system you use.
  • stored or sent unencrypted. This also includes fax, telephone and written down.

SSH Public/Private Key Pairs

You should use public/private key pairs when using ssh. Putty and OpenSSH have facilities for generating keys. In Putty it is "PUTTYGEN.EXE", and for OpenSSH it is "ssh-keygen". Consult their manuals. The ssh passphrase should be different to your account password.

Use SSH2 encryption, not SSH1. Keep the private key on your own computer, and do not let anyone else have it. The public key you can freely distribute. Insert the public key into ~/.ssh/authorized_keys on the iVEC machine (and any others that you log in to with ssh) and make it only readable by you. If the file does not exist, create it. Alternatively, send the public key to a system administrator and get them to install it.

Password Managers

We recommend you use a password manager to store your passwords in an encrypted format. There are plenty of these, such as Norton Password Manager (WindowsXP), PwManager (Linux), and Keepass/KeepassX (Windows, Linux, OSX, Blackberry).

When using a password manager, you only have to remember two passwords. One for the machine you have the passwords on, and one for the master password of the password manager. Seeing you do not need to remember the passwords stored in the manager, they can be very random and secure. Most password managers can generate strong random paswords for you.

If you use the clipboard to copy passwords, then empty the clipboard straight away.

Return to Top