Xref: eff comp.admin.policy:3077 alt.comp.acad-freedom.talk:8107
Newsgroups: comp.admin.policy,alt.comp.acad-freedom.talk,cis.opinion
Path: eff!kadie
From: kadie@eff.org (Carl M. Kadie)
Subject: Newer Policy from Ohio State University's CIS Dept.
Message-ID: <1993Apr28.190034.13600@eff.org>
Originator: kadie@eff.org
Sender: usenet@eff.org (NNTP News Poster)
Nntp-Posting-Host: eff.org
Organization: The Electronic Frontier Foundation
Date: Wed, 28 Apr 1993 19:00:34 GMT
Lines: 645

[Richard Parent, parent@cis.ohio-state.edu, says that the updated CIS
policy I posted last week is out-of-date. He sent me a TeX version of
the current policy, which I've reformatted for on-line display. I'm
not sure, but I believe the out-of-date policy is the one that is
available on-line to CIS users. - Carl]

                                      Policies of the CIS Department
                                  Computer Access, Staff and Support
                                                  Computer Committee
                                                     29 January 1993

1    Overview

This document is intended to specify policies that pertain to the
usage and administration of the computer facilities within the
Department of Computer and Information Science (CIS) at The Ohio State
University. They have been reviewed by the Computer Committee and
adopted by the CIS faculty. These policies reflect the current
official position of the Department. They are reviewed periodically
and brought up to date to reflect the current state-of-affairs in the
CIS Department.

With the advent of the College of Engineering computing fee, several
issues have been raised concerning the equitable policies towards both
fee-payers and non-fee-payers. Some of these have not been resolved
yet and this is reflected in this document.

This document is available from the Chair of the Computer Committee.
The name of the current Chair can be obtained from the main office of
the CIS Department.

1.1   The Computer Committee

The Computer Committee of the CIS Department is responsible for making
all policy decisions relating to the computer facilities within the
Department.

1.2   Review Process

Revisions that represent minor changes, after having been discussed
and approved by the Computer Committee, are made by the Computer
Committee once the full faculty has been notified of the changes.
Revisions that represent major shifts in policy are discussed in the
Computer Committee and voted on by the full faculty.

1.3   Attitudes and Assumptions

The following attitudes and assumptions guide the policies:

     o Right to Privacy. Privacy issues relating to electronic
       information and electronic property generally are treated
       analogous to privacy issues relating to material property.

     o Reasonable Use. It is assumed that the computing environment
       within the Department is characterized by a friendly user
       community and that there will be "reasonable use" of the
       computing environment by the users.

     o Fair Allocation of Resources. Limited resources and a large
       user population make it necessary to establish allocation
       guidelines for the computing resources in order to ensure equal
       access to all.

     o Social Responsibility. The CIS Department, because its computer
       network is on a larger international network, assumes certain
       responsibilities as a member of a growing electronic community;
       this has consequences both in terms of the services the CIS
       Department provides as well as the need for security measures.

1.4 Types of Users

Various classes of users have different usage limits or access rights
because of the roles they fulfill in the official activities of the
Department. At the same time, the Department tries to be flexible
enough to accommodate individual needs. Petitions for exceptions to
the general policies stated in this document are to be made in writing
to the Computer Committee. The following categories of users have been
identified as being relevant to the policy considerations discussed.

     o Faculty consists of both tenure-track faculty as well as instructors.

     o Computer Support Staff are the full-time and part-time staff
       members whose job it is to administer, enhance and maintain the
       computing environment for the Department.

     o Graduate Students are active CIS graduate students who are
       officially in the Department.

          - Supported Graduate Students receive support from the CIS
            Department: GTAs, GRAs and GAAs.

          - Unsupported Graduate Students are graduate students not
            receiving support from the CIS Department, but who may or
            may not be receiving support from other sources within the
            University or from outside agencies.

     o Undergraduate CIS Majors are undergraduate students that have
       been officially admitted to the CIS Department as majors; they
       may be in the College of Engineering, or the College of Arts
       and Sciences, or in the Business College.

     o non-CIS students are CIS pre-majors, non-CIS Undergraduates and
       non-CIS graduate students who are currently taking CIS
       courses.

     o Guests are all others.

     In addition to these categories, the College of Engineering
     computer fee has established another classification:

     o fee-payers are, obviously, all users of the CIS computing
       network who are paying the College of Engineering computing
       fee. This will consist of all CIS Graduate Students, all
       Undergraduate CIS ENG majors and anyone who voluntarily pays
       the fee.

     o non-fee-payers are all the people who have an account on the
       CIS computing network who are not fee-payers.

1.5 Document Structure

The policies herein concern access to, and support of, the computer
facilities of the CIS Department. The following general categories of
issues for policy considerations have been identified and are
discussed in the following sections:


     o Physical Access.
     o Accounts: Electronic Access and Use.
     o Bitmaps 
     o Making Requests to the Computer Support Staff
     o Software Support.
     o Hardware Support.
     o Research Monies Charged to External Grants.
     o Computer Support Staff.

2 Physical Access

Our objective is to provide maximum access to the physical facilities
of the Department while maintaining a reasonable level of security and
while staying within the constraints imposed by limited resources of
money and staff. Physical access to the following is of concern:

     o Buildings:
          - Bolz Hall (note that Hitchcock Hall connects to Bolz and
            that giving access to Bolz is also giving access
            to Hitchcock.)
          - Welding Engineering Labs.
          - Caldwell Lab.

     o CIS Main Office (228 Bolz Hall).

     o General CIS labs:
          - 422 Bolz Hall.
          - 118 Bolz Hall.
          - 111 Bolz Hall.

     o Grad Labs:
          - 314 Hitchcock Hall.
          - 119 Welding Engineering Labs.

     o Special-Purpose Labs, e.g.:
          - Graphics Lab
          - LAIR
          - PAL

     o Departmental Equipment at Home


2.1 Buildings

In giving access to buildings we need to consider the other
Departments in the building. For security reasons, we do not want to
give out too many keys. We give building keys to supported grad
students, faculty, and staff because they are official employees of
the Department. We also give building keys to anyone who has an
office, assigned by us, in the building.

For buildings in which graduate labs are located, building keys will
also be given out to unsupported graduate students when requested in
writing and when the return of the key can be assured. Specific policy
concerning return of keys is to be determined by the Computer
Committee.

2.2 Main Office

Access to the main office is necessary for all faculty and all
full-time staff. Therefore, they are given keys to the main office. At
one time keys to the main office were also given to supported grad
students, but because of problems, this policy has been discontinued.

2.3 General CIS Labs

These are accessible to everyone during the hours that they are open.
Of course, if the lab has CIS workstations, only individuals with

2.4 Grad Labs

The grad labs are set aside for general use by graduate students and
faculty. Access to workstations and printers are needed to prepare
classes, dissertations and papers. We give grad lab keys to all
faculty, staff and grad students.  Grad labs are necessary as a means
of designating workstations to which graduate students have priority
access. In addition, because the printers in the grad labs are used by
GTAs and faculty for test preparation, it is necessary to exclude
undergraduates from these labs.

2.5 Special-Purpose Labs

Various special purpose labs, such as the Graphics Lab, the AI Lab,
the Chameleon Lab, and the PAL Lab spring up at various times. Keys to
these labs are to be handled by the faculty members involved in
conjunction with the staff. No formal policy on these labs will be
considered by the Computer Committee unless petitioned by one of the
faculty members involved.

2.6 Departmental Hardware at Home

At times, it may be necessary and/or convenient for a faculty member
to work extensively at home on a paper, book or programming project.
Short term usage of OSU hardware at home is permitted but requires
written justification (see appropriate form) to the Departmental
Chair. Any long term use of Departmental equipment is not acceptable.


3 Accounts: Electronic Access and Use


3.1 Philosophy

Three main principles guide the policies of accounts and electronic
access.

     o Right to Privacy. An individual has the same rights to privacy with
       regard to his electronic domain that he has with regard to his
       physical domain, such as desk and office. The Department treats
       violations of the rights of privacy with the same severity,
       whether they be physical or electronic transgressions.

     o Reasonable Use. Limited resources and a large user community dictate
       the need for all users to consider the right of others to work
       effectively. Any behavior by a user that significantly impacts
       the working environment of others, either directly or
       indirectly, is considered unreasonable.  Extensive use of
       computer facilites for personal use is prohibited.

     o Academic Integrity.  As an educational institution, we must maintain
       the integrity of activities relating to education. Electronic
       violations of such will warrant the same severity as would any
       other violation.

3.2 Handling of Violations

A user who violates the electronic access and use guidelines should be
aware that such transgression can be taken very seriously. Privacy
violations may be dealt with by charges equivalent of "breaking and
entering" if appropriate.  Violating reasonable use of computer
resources may result in permanent termination of access to the
Department's computing facility. For academic integrity violations,
academic misconduct proceedings are a typical recourse, if
appropriate, forfeiting any and all rights to electronic access in
this Department in the future and may result in termination of
employment and/or grounds for denial of future employment by the
Department. (As usual with Academic Misconduct, this is a matter for
the instructor of the course to determine, with the possible
assistance of the Computer Committee Chair and Computer Support
Staff.)

This policy pertains to staff as well as students and faculty. Staff
are expected to only access information which is necessary for the
performance of their job, and only inspect that information to the
degree dictated by the level necessary for carrying out activities
specific to their job.

In a situation in which a possible violation has been detected, the
evidence will be taken to the Chair of the Computer Committee or the
Chair of the Department. If the case is deemed to have merit, the
accounts involved may be locked in order to preserve evidence, and the
backups of those accounts will be saved. New working accounts may be
set up when appropriate to allow the individuals involved to continue
with their work until the case is resolved. The case will then be
presented to the full Computer Committee and the Chair of the
Department for further processing and/or investigation. If warranted,
legal authorities may be called in, and/or academic misconduct
procedures may be initiated.

3.3 Categories

Electronic access to and use of the following is of concern:

     o Computing, Accounts and Associated Files.
     o Workstations.
     o Printers.
     o Mail.
     o File Servers and Disks.

3.4 Computing, Accounts and Associated Files

3.4.1 Reasonable Use

A computing account is meant to be used for classwork or research work
directly related to the reason the individual was given the account.
"Reasonable use" of the account is allowed, such as for experimenting
with software not directly related to a class or occasionally playing
a computer game. This is permitted only as long as such use does not
impact the ability of others to get their "legitimate" work done and
there is not a significant financial cost incurred either directly or
indirectly by the Department (e.g. printer paper). Using up excessive
amounts of CPU time or disk space are example violations of
"reasonable use."

Non-instructional computing (computing not directly concerned with
completing class work), such as game-playing or experimenting with
non-instructional software, is only to be done when not restricting
the use of computers by others.  Specifically, if a lab is busy,
game-playing and experimentation are not allowed and are considered a
violation of "reasonable use". Violators may be ejected from the
system by the lab operator.

Displaying offensive bitmaps in a public lab is not allowed. A
conservative interpretation of 'offensive' should be used.

3.4.2 Rights to Privacy of Electronic Information

A CIS computer account is meant to be used by the individual assigned
to it and and by no one else. If this principle is violated, it may be
considered as academic misconduct and dealt with accordingly. The
rationale for this inflexible position is one of accountability. If
mischief has been traced to a certain account, then the owner of that
account is held entirely responsible. To allow unrestricted access of
an account, even when permission is given by the owner, is to open the
Department up to owners of accounts not being able to be held
accountable for security problems originating from their accounts.
This is an unacceptable position for the Department to put itself in
and, therefore, sharing access to an account is not permitted.

Computer files represent a new form of property separable from the
media they are recorded on. The contents of a file are to be treated
analogous to physical property. The computer files of an account may
not be inspected, copied, changed or otherwise tampered with unless
explicit permission is given by the owner. The only exception is for
purposes relevant to the administration of the computer system. Notice
that copying (i.e., stealing or "pirating") computer software is also
prohibited under this policy.

3.4.3 Types of Accounts, Their Longevity and Termination

There are five types of accounts that are of concern:

     o Permanent Accounts.  These accounts are given to individuals for as
       long as they are affiliated with the Department. The user has
       two weeks to save his files after his affiliation with the
       Departmented is terminated.  The Department will maintain email
       connections to his account for six months.

     o non-CIS OSU students wanting to use software here. Students should
       get access to the CIS network if and only if they are enrolled
       in a class. These accounts are given only for a specific CIS
       course and last only for that one quarter. The account will be
       terminated at the end of exam week for the quarter which it is
       given.  This may change if the College computer fee is
       established. The policy that we would consider then would be to
       allow students in the college to get accounts subject to
       availability of resources.


     o non-CIS persons collaborating with CIS faculty If an account
       directly contributes to the specific research of the CIS
       faculty member, then the account is allowed. We don't want to
       get into issues of formally policing the 'directly contributes'
       or the 'specific research' but we do want to be assured that
       that is the reason for the account. It must be renewed every
       quarter and considered by the committee. It would NOT be a free
       account.  Quarterly renewal is based on identifiable progress
       made in the research.

     o companies with CIS connections wanting internet access. This is to
       be discouraged. We will consider some type of policy in which
       the company must give a grant to the Department.

     o non-CIS classes in crisis. This must be considered on a case-by-case
       basis. It will be reviewed by the Committee. It is to be
       discouraged and will, in general, require a letter from
       Chairman of the class' Department and monthly rental for each
       account. This is not to be granted repeatedly.

3.5 Workstations

A person logged onto the console of a workstation has the right to
exclusive use of the workstation. Users who remotely log in should
exercise judicious use of cycles and memory if there is a console
user.

Dial-in users should use designated dial-in workstations, or their own
office workstations.

Judicious use of multiple workstations in parallel during the day or
during the night is allowed. If such use is extensive, the Chair of
the Computer Committee or the facilities manager should be notified
prior to its initiation.

Basically, the ability of other users to work should not be impeded by
anyone else's use of the resources.

3.6 File Servers and Disks

Standard quota for disk space is determined in a way to provide the
most disk space to a wide range of users while still allowing for the
flexibility to accommodate individual requirements.

A user who needs additional disk space may request an increase in the
quota by filling out a "UNIX Disk Space Request" form available in the
document rack in the 2nd floor hallway in Bolz Hall. A requested
increase of 50% from the default personal quota (with reasonable cause
and a faculty member's signature) will be granted by the operator
without further review. Any larger increase must be approved by the
CIS Computer Committee Chair.  When necessary, the Chair will bring
increases to the attention of the full Committee. Special project or
group directories to be under the control of a faculty or staff member
may be requested and these may receive significantly larger disk
allocations with approval of the CIS Computer Committee.

Any user who consistently violates the disk quota limits and who
refuses to conform to the approved limits or to successfully apply for
an increase in the limits may have the account locked. The user must
provide assurance that disk quota will be honored before access will
be reinstalled. Continued violation or an unwillingness to honor the
disk quota will be brought to the attention of the Chair of the
Computer Committee and considered to be a violation of "reasonable
use." and may result in permanent termination of computer privileges.

3.7 Printers

Each user is permitted to make appropriate use of the printers for
his/her own work. It is recognized that legitimate printing needs will
vary widely among users. However, all users are expected to observe
the guidelines found in the short subject document on "Reducing Your
Laser Printer Use" available in HI 314. At present there are no
printer quotas; we rely on the reasonableness of the user community
until and unless that proves unwise. Extensive use of printer
facilites for personal use is prohibited.

3.8 Electronic Mail

All users of the CIS Department labs are encouraged to use electronic
mail and electronic bulletin boards as a source of information and
better communication. All users are expected to learn to use
electronic mail and bulletin boards/newsgroups to facilitate internal
communication (see short subject documents available in HI 314).  All
messages sent anywhere by any one must be "appropriate" (see short
subject document on "Standards and Customs").  The Department expects
"reasonable use" of electronic networks by everyone. Bandwidth should
be limited and access should not be viewed as an unlimited resource.

The objectives of this policy are obvious. First, on-campus electronic
communication is a very effective way of contacting people who may not
be immediately available, thus avoiding"telephone tag" and wasting
time. It is also used by instructors to disseminate information and
receive feedback from their students in a timely fashion, and it is
therefore crucial that everyone use it.

Electronic mail, as far as reasonable use and access is concerned,
should be considered analogous to what is often referred to as 'snail
mail' or 'real' mail. That is, electronic mail has the same privacy
rights as would a regular letter.

While the Department has no desire to try to censor electronic
messages, it does have a specific obligation to the organizations that
operate computer networks to which the Department connects. In
addition, the University has guidelines for acceptable behavior on the
network. The Department abides by these guidelines and adopts them as
defining acceptable behavior on its network. Without exception, these
rules prohibit obscene language, graphics, personal attacks, attempts
to send anonymous messages, using too much bandwidth, participation in
or promoting chain messages and a variety of other unsociable acts.

4 Bitmaps

Computers in public labs and offices are the property of the
University and are part of the workplace. Therefore, images displayed
on them should be governed by principles concerning appropriate use of
University resources and a supportive, friendly work environment.

Many users like to display an image on the background of their machine
instead of the default gray background.  There are publicly available
images in directory /usr/local/bitmap/raster. Other images may be
displayed if they meet the above guidelines and they can be stored
within the user's disk quota.

Any user who finds the display of a particular bitmap inappropriate
may notify the operations staff. The staff will notify the displayer
to remove the bitmap immediately and to refrain from further public
display. The bitmap will be removed from the CIS public directory if
it resides there.


5 Making Requests to the Computer Support Staff

There are four mechanisms that provide interaction with the support
infrastructure for the users of the computing facilities:
    1. electonic request for action
    2. request for project directory
    3. request for increase in disk quota
    4. petition to the Computer Committee.

These are listed in order of the importance of the issues with which
they deal.

5.1 Request

There is an electronic "request" program that is available to the
general user community. The request is intended to report bugs and
failures of the existing system or to request for some task to be
performed. This generates a message that is sent to the staff in
general and ultimately to the staff member identified as being most
appropriate.  The resolution of the request takes place between that
staff member and the person who issued the problem report.


5.2 Project Directory Request

There is a paper form which can be filled out to request a project
directory to be set up. Such projects should be instructional in
nature and can be requested by graduate students or faculty. The form
is available in HI 314 and should be turned back in there.

5.3 Request for increase in disk quota

There is a paper form which can be filled out to request an increase
in disk quota.  Such increases should be instructional in nature and
can be requested by graduate students or faculty. The form is
available in HI 314 and should be turned back in there. If the
increase is not considered excessive, it will be put into effect by
the facilities manager. If the increase seems excessive, then it will
be brought to the Chair of the Computer Committee and possibly to the
full Computer Committee for a priority assessment.

5.4 Petition to the Computer Committee

Petitions to the Computer Committee usually involve requests for
special case exemptions to the policies stated in this and related
documents, or project requests whose nature is such that submission to
the facilities manager is not deemed appropriate. The Computer
Committee chair will review such petitions and decide whether and when
to bring them to the attention of the full Committee.


6 Software Support


The computer support staff of the CIS Department provides support for
the baseline computing capability of the faculty and staff, and
supports the instructional mission of the Department.

The baseline computing capability consists of:

     o standardized user interface, including shell
     o standardized editor, mail and other utilities
     o access to news boards
     o regular backups

In addition, any software approved by the Curriculum Committee for
instruction is supported by the staff. This consists mainly of
languages and libraries used in any of the CIS courses. Occasionally,
a faculty member will assume responsibility for the maintenance of a
specific piece of instructional software.

The staff manager is responsible for keeping an up-to-date list of
supported software.

6.1 Backup, Archiving and Retrieval

Daily and weekly backups are done on a continuing basis. During a
particular quarter, files from that quarter which pertain to
instruction use will be restored by the staff upon request. Other than
in that case, files can be retrieved only in an emergency of equipment
failure or in the case that past records are needed for academic
misconduct fact gathering, a disputed grade or some other similar
reason. Students whose accounts are wiped out as part of the quarterly
purge should consider their files permanently gone.

Individuals wanting to archive their own files should purchase their
own tape and requesting a personal backup onto that tape from the
staff. There are cartridge tape drives available for use by the
general user community.


7 Hardware Support

Similar to software support, hardware support is dictated by the fact
that the funding the Department receives for its support staff is
explicitly intended for its instructional mission. While some blurring
of instructional and research use of equipment is useful, support of
hardware being used strictly for research purposes does not fall under
the responsibility of the computer support staff unless money from
research grants is set aside explicitly for that purpose.


8 Incorporating Computing Charges into External Grants


The formal policy with regard to incorporating computing charges into
external grants is still being formed. Presently, the Department has
no policy that is accepted by the OSU auditors.


9 The Computer Support Staff


While the Computer Committee should not micro-manage the computer
support staff, all matters pertaining to the operations of the
computer facilities in the Department are, in fact, ultimately the
responsibility of the Computer Commitee. Therefore, there are some
issues which need the special attention of the Committee.

9.1 Hiring New Staff

The manager of the computer support staff should consult the Chair of
the Computer Committee prior to hiring a key staff person so the Chair
may review the candidate's qualification and background prior to
hiring.

9.2 Academic Misconduct in General

The opportunity for abusive use of power in a staff position exists.
Any staff person found guilty of Academic Misconduct, whether computer
related or not, may be dismissed in order that the Department maintain
the integrity of its instructional computing environment. Such action
will be determined by the staff manager, the Chair of the Computer
Committee and the Department Chair.

9.3 Faculty Files in Particular

Some of the staff are in the unique position of having access to the
entire network. Some members of the staff, especially part-time staff,
are often students. The network has a major function as the
instructional backbone of the Department. Therefore, it is of utmost
importance that the integrity of each instructor's electronic
information be maintained. Any violation of this by staff members will
be dealt with by Academic Misconduct and/or legal action.

-- 
Carl Kadie -- I do not represent EFF; this is just me.
 =kadie@eff.org, kadie@cs.uiuc.edu =