The HPCMP has several facets which have need of the same or similar information for different purposes. Program Managers in the HPCMO, Center Managers, S/AAA’s, and users all have need of the same information for different purposes. The information should be consistent, correct, and easily accessible.

I tend to think of the information we need in the following categories:

Project information- This includes information at the sub-project level and is mostly captured from Section 1 of the account application in conjunction with the Requirements database. Some of the project info is in the requirements database, but all that we need is not there.

User information- We currently capture some user information on Project Leaders, but we don’t capture all we need, and we don’t capture it for everyone for whom we need it.

Allocation/Utilization information- Currently each center, S/AAA, and the HPCMO have allocation info as well as utilization info. I’d be surprised if the allocation info matched from one database to the next. With regards to the Utilization information, Centers should NOT be in the business of generating reports. Rather they should have a specified format and a specified place to put the information so that those who need a report can get what they want/need/are allowed to have.

Transaction information- Allocations are traded nearly constantly among projects, organizations, and services. It is a good idea to have a record of all transactions.

Project Information-

• PI/PL Name
• Title
• Organization
• Project number
• Sub project number
• Resources with valid allocation (link to allocation info below)
• CTA
• S/AAA info
• Name
• Organization
• phone
• email
• fax
• Requirements
• Co-Investigators working on project (link to user info below)
• Special software requested
• Requirements data (from Larry’s db)
• Latest FY for which paperwork complete (per center/system)

User Information-

• User name
• User title (only for the extremely pompous ;-> )
• Citizenship
• alien registration number/expiration date if not US citizen
• Organization
• Organizational hierarchy indicator (Code, group, etc)
• Mailing address
• line 2
• line 3
• line 4 (optional)
• line 5 (optional)
• Phone
• Fax
• Email
• Sub-projects has valid access to (link to project info above)
• Government/non-government
• Gov’t POC + POC info (if not gov’t)
• Contract number/expiration date (if not gov’t)
• NAC info
• Relevant Issuing Security Office
• Date issued/expired
• Kerberos Principal
• Last 4 digits of SSN (optional)
• S/AAA (linked via project above)
• Centers/systems on which user has valid access
• unames at the above centers
• Signed Section 3 on file where? dated?

• Latest FY for which paperwork complete (per center/system)

Allocation/Utilization information

• Challenge allocation by center/system

• Service/Agency level allocation by center/system

• Allocation request per sub-project by center/system
• Allocation awarded per sub-project by center/system
• Utilization per user per sub-project per center/system (daily values)

Transaction information

• Debits/Credits
• Date of transaction
• Organization(s) involved
• Appropriate concurrence(s)

One of the first things this database can be used for is to generate the account applications for FY00 renewals. We would need a mechanism to include new projects/PI’s. Other uses include simplified procedures for moving allocations among projects, cleaning out old accounts/projects, generating usage reports, managing allocations (PIs and S/AAAs), finding the extent of a user’s valid access (security incidents), establishing accounts (cross-realm setup). I’m sure there are things I’m missing here, but this is a start.

I’m aware of the fact that the security of our current method is very good because it is so convoluted, diverse, and you get different answers depending upon whom you ask. Consolidating all the info and making access of the information to valid people would necessitate much more careful scrutiny and security practices to keep from compromising the data. All involved would need assurance regarding the integrity of the data. I know this can be. We all use ATM machines and do online banking, so accurate, secure info is not impossible or new.