2026-03-03 - ACCESS EC Meeting Agenda & Summary

Attendees:

RAMPS/Allocations: Bruno Abreu (v), Nathan Tolbert
MATCH/Support: Shelley Knuth (v), Alana Romanella, Jim Griffioen
CONECT/Operations: Tim Boerner (v), Leslie Froeschl
MMS/Metrics: Tom Furlani (v), Joe White
RP: Eric Adams (v), Virginia Trueheart
EAB: Chuck Pavloski
OpenCI/ACO: John Towns (v), Amit Majumdar, Misha Shah, Lisa Kaczmarczyk, Shannon Bradley
NSF: Sharon Geva, Ed Walker
Speakers:

Parking Lot

No Meeting on Mar 10, 2026

https://docs.google.com/spreadsheets/d/1qlv6quvIWVgjtkh6KDZwH7lzP7AX9Pcnv-T40vf9U6Y/edit?gid=2127193757#gid=2127193757

Decisions made during the meeting:

Use Decision Macro - Tool (under Insert Elements in the toolbar)

Approved: Policy NSF request regarding restricting users from non-authorized countries - ready to implement as long as we move to remove users who have non institutional emails now

Agenda

Consent Agenda - Updates for the team that should be completed/read offline

If possible, please fill in this info prior to the meeting - thank you!

Consent Agenda - @Tom Furlani (5 mins)
1. Approval of summaries from prior EC meeting - https://access-ci.atlassian.net/wiki/spaces/ACP/pages/1987149825
2. approved
Informational Items
1. Link to ACCESS swag shop - https://dixon-graphics.com/access-ci/shop/home
Allocations - @Bruno Abreu
1. no updates
Support - @Shelley Knuth /Alana/Jim
1. AI workshop that happens in June - registration open for a few more days - over 400 applications and 20+ proposals to speak - may need to have a virtual option for this one
  1. deadline 3/9/2026
2. Tool Development
Operations Tim/Leslie
1. no updates
Metrics @Tom Furlani @Joseph White
1. no updates
RP Forum @Eric Adams (RCAC) @Virginia Trueheart
1. already covered in the meetings
2. with all of the unknows trusting we can work together to work it out
3. they will have responses to the international requirements
EAB @Chuck P
1. Waiting on report from EAB Chair from the ACCESS Meeting on Feb 17, 2026
2. Need to filter down old issues ASAP in order bring closure to them https://access-ci.atlassian.net/browse/ATT-219
  1. report as needed back to the EC Leads
ACO @John Towns
1. wrapping up quarterly and EAB meetings
NSF - Sharon and Ed -
1. no updates
Standing Committee Updates - EC Liaison - (Chuck lead)
1. https://docs.google.com/document/d/1pNfsXwr7640_7zk03mJu2jDUqDAsG37fOezlqNYcX0E/edit?usp=sharing -
2. Communications Standing Committee
  1. no report
3. Cybersecurity Standing Committee
  1. Did not meet since last EC meeting; nothing to report.
4. Evaluation Standing Committee
  1. no report
5. Infrastructure Standing Committee
  1. no report
6. Ticketing Standing Committee
  1. no report
7. Web Presence Standing Committee
  1. no report
8. Data Architecture WG (Proposed)
  1. no report
Milestone Review: (Link Below)
EC Meeting To Do / Follow Ups: (Link Below)
Reminders
1. don't forget to review Engagement Tracker and Risk Register Review
  1. Upcoming Meetings & Events (https://docs.google.com/spreadsheets/d/1_EXKUOXmY-TVkDWaHR1-SuiKt404uGEnGSr6uQCkwzw/edit?gid=0#gid=0 )
  2. https://access-ci.atlassian.net/jira/core/projects/RR/list?sortBy=assignee&direction=DESC&filter=status%20in%20(%22Execute%20Contingency%22%2C%20Monitor%2C%20Review)
2. create a ticket if you have anyone onboarding or offboarding and need access permissions set properly

Additional Agenda Items

Update on NSF request regarding restricting users from non-authorized countries (Bruno, Nathan)
1. Nathan and I will go over the plan with you all today. Here's what we have so far if you want to check it out:
  1. https://docs.google.com/document/d/1vuo9Uxjmu4j9bE2wp19Y3TdaZTR6oxMjzyH9XNpLi6Y/edit?tab=t.0#heading=h.cscdmaijbyoi
2. Asked NSF for clarification - they said it was up to us - but they have no flexibility to what they provided
3. Any international user that needs to be added moving forward - it will be done by Allocations - it cannot be done by a PI
  1. NSF wants to know beforehand - they want to know why they want the allocation
  2. We need to build the framework
4. Amit - if the machine has a user outside of ACCESS user that is wrong
  1. all user management HAS to come thru ACCESS
  2. RP has to have their own screening progress but it still has to be screened through ACCESS
5. AUP language needs to be updated - Cybersecurity Guidance Council
  1. https://access-ci.atlassian.net/browse/ATT-253
6. Tom - if someone applies for an allocation and they have an international users
  1. we have to request name, email and affil, justification and ACCESS ID
  2. then a request comes to ACCESS team
  3. and they review
7. What if someone changes institution
  1. had a US institution and then moves
  2. We need to catch those - need to put them in the document
  3. will need to catch on renewals - they will need to be caught
8. Tom - how will you define someone as a visiting researcher
  1. they have an illinois account
  2. but is actually an international user
9. definition - exclusively international
10. John - there are a bunch of international people who have an illinois email that last a long time
11. Bruno - yes this is an identified risk
12. John - how do we prevent an RP from adding a user - just telling them to not do that might not work
13. Nathan - we can yell at them but we have no way to prevent them
14. John - we will have unknown user records - Sharon should keep this on their radar
15. Virginia - at TACC we make PIs responsible for those who are on their account - and they don’t have a way to shut off a subset of allocations on discretionary accounts
16. John - letting Sharon and Ed know that this is something they need to know
17. Tom - it will not look good if we say we can’t control it - the RP did it - from the US government’s position you guys are ultimately responsible - why should we fund you if you can’t control your systems
18. We need to have a system that is as iron clad as we can
19. Eric - this was brought up in the RP forum a lot - Bob brought this up there as well - RPs have the same responsibilities - Access does not have systems - ACSS monies paid for the systems - ACCESS doesn’t have the control - but if we do find out we can turn off access but this is a dangerous path to go down - Regardless of what ACCESS does the RP does have to take their own steps
20. Amit - PIs did get email from Bob C - they have to follow requirements which were sent by Sharon and Bob - both ACCESS users and discretionary users
21. Tom - so when a PI wants to add a user - it gets vetted twice
22. Amit - yes - and the discretionary ones are only vetted once but they should go thru a similar vetting process
23. Consistent definition of active users between RPs and ACCESS - the only way we can guarantee that is if we collaborate - the user list should agree between both sides
24. John - safety check - if you get an unrecognized user what happens -
25. Joe - if they find unknown mappings - they should be able to identify some of them - they only get post usage from some sites (like sdsc)
26. Virginia - they have started running a nightly audit to find mismatches to send to ACCESS
27. Tom - last week we talked about working from the same list
28. Bruno - it is not feasible to get a single list - what RPs are being told and what ACCESS is being told is slightly different - ACCESS is being told to create a whole international framework - not just a manage people on a certain list
29. Virginia - NSF was to disallow gmail accounts
30. Nathan - for old ones we have not removed people - new requirement is annual recertification for international - we are thinking of doing for all and then they won’t be able to use gmail
31. Sharon - you can’t verify anything with a gmail these days
32. Nathan - removed or correct the profiles
33. Bruno - people can still add international users until the next review cycle? should we stop this before the review?
34. Shelley - agrees with Tom - if there was an article in the news paper about this - could we defend it? Concerned if we are using email and only checking it 1x a year this could cause a problem - this does not correct the problem - ACCESS will be in a heap of trouble
35. Tom - we have corrected some of the problem - but we need to do more now
36. Bruno - we have over 700 people who are international that we can disable right now - is that what we want to do - is this good user support?
  1. Per Joe looks like ~1300 users who have run ACCESS jobs in the last year who have a gmail, hotmail aol, or yahoo address
  2. Plus the ones that don’t match a known institution
37. Shelley - we can probably do it better than just flipping a switch
38. Virginia - at TACC they took 2 weeks and publicized it all over - for the most part they only had 10 tickets with issues immediately - they reminded everyone - with preemptive communication it is not as bad as it could be
39. Nathan - it does make sense to just deactivate now
40. Tom - it is not owed to them to have access - we just need them to verify and follow the rules - just trying to protect the program
41. John - agree - we just need to rip the bandaid off
42. Thank you to Bruno Nathan Virginia and Eric
43. Previously it was just countries of concern - now it is all international
44. Bruno - we have to have approval to run plan as it stands
  1. Tom - as long as we are turning off gmail and things now yes
  2. all the rest yes
EAB Meeting review and any next steps (Chuck)
1. raw meeting notes: https://docs.google.com/document/d/1X_nTv84tI7af0suIQw0SNLRPcQ1T7ognN9m1zJPopII/edit?usp=sharing
2. waiting for report from Nitin (has until March 17th)
3. report is then shared with EC with specific action items highlighted
4. action items are then added to the https://access-ci.atlassian.net/browse/ATT-219
What are we planning for PEARC?
1. Tom was looking into PEARC sponsor Level - ATT-215
2. Support for PEARC26. The support of our exhibitors helps drive our conference forward. The Exhibitor Sign-up sheet is at
  https://forms.gle/NCxFG64tfJBbjKM2A
3. Supposed to be in Minneapolis - there is some angst
Standing Committee Reports
1. are there any? - not this week - Chuck

Discussed offline - FYI

Process for new people questions

It looks like there are two people who were possibly new in August and September of 2025. Shannon sees request for access to JSM. Do they have access now?
This is why the proposed - make a ticket and assign it to Shannon would help so much. I don’t remember getting notified of these.

RESPONSE FROM TICKETING SYSTEM TEAM: We denied these requests. Any requests for ticket handling access by any ACCESS team or RP should be submitted as a ticket at https://support.access-ci.org/help-ticket. Shannon should NOT be approving JSM access. The ticketing team handles these requests 1) to allow us to vet requests and ensure the person indeed should have JSM access, and 2) to ensure we grant the person correct permissions to the correct ticket queue(s).

Next Meeting: Mar 17, 2026

LINKS

Program Milestones

https://access-ci.atlassian.net/jira/core/projects/ECMT/list?sortBy=duedate&direction=ASC&filter=status%20in%20(Annually%2C%20Monthly%2C%20Ongoing%2C%20Quarterly%2C%20%22Semi%20Annually%22%2C%20Upcoming)%20AND%20labels%20%3D%20EC

EC Meeting Task Tracking + Quarterly and Annual Meetings To Do Follow Ups

https://access-ci.atlassian.net/jira/core/projects/ATT/list?sortBy=duedate&direction=ASC&filter=%22Category%5BCategory%5D%22%20IN%20(%22EC%20Meeting%20To%20Do%22%2C%20%2224Feb-QtrlyMtg%22%2C%20%2224June-QtrlyMtg%22%2C%20%2224Dec-QtrlyMtg%22)%20AND%20status%20IN%20(%22In-Progress%22%2C%20%22To%20Do%22)

Reference:

Risk Register:

https://access-ci.atlassian.net/jira/core/projects/RR/board

Project Change Request:

https://access-ci.atlassian.net/jira/core/projects/PCR/board