Policies Governing Access to
                      and Appropriate Usage of the
                        University of Connecticut
                              Campus Network
 
                         Revised: April 5, 1993
                     Originated: September 13, 1991
 
1  Introduction
 
This document describes the policies and personnel structure for
administration of the University of Connecticut Campus Network.  The
intended audience for this document is computer system administrators
who would like to connect computers and existing networks to the campus
network.  While most of the policy and structure defined herein pertains
to network connection to the campus network, much of it is inspired
and required by external policies governing access to the Internet.
 
   The Internet is a geographically distributed network, which has been
constructed by interconnecting a number of regional backbone networks
and NSFNET (the National Science Foundation  Network), and imposing
the Internet family of protocols on traffic over these networks.
The current regional backbone provider for the University of Connecticut
is JvNCnet (the John von Neumann Computer Network).  The core services
provided by the Internet include:
 
- ftp --- file transfer protocol
  - allows a user to copy files to/from remote hosts
 
- telnet, rlogin --- remote login service
  - allows a user to establish a login session with a remote host and
    allows remote users to establish login sessions with one of our hosts
 
- rsh --- remote shell
  - provides a facility for remote execution of programs
 
- mail --- electronic mail
  - supports the ability to send and receive electronic mail directly
    from other remote hosts connected to the Internet network
 
    BITNET (Because It's Time NETwork) is an electronic communication
network linking institutional and departmental computers at participating
CREN Members and Affiliates in the United States, including universities,
colleges, and collaborating research centers.
BITNET users share information via: electronic mail to individuals
and shared-interest groups, transfer of documents, programs, and data,
access to BITNET server machines and associated data services, and brief,
interactive messages.  BITNET is a 'store-and-forward' network;
information originating at a given BITNET-connected computer (node)
is received by intermediate nodes and forwarded to its destination.
 
   The Network Committee is a group of individuals, technical and
administrative, who are responsible for planning, implementing, and
managing the University access to Internet networks and services,
including but not limited to, JvNCnet, NSFNET, BITNET, and the
University of Connecticut Network (UConn-Net).
   This document describes the policies and technical requirements
associated with access and connection to UConn-Net. The following
definitions are assumed within this document.
 
1.1 Definitions
 
A user is a person who has a computer account or legitimate access to a
host. A host is a computer, e.g. a mainframe, a workstation, or a PC.
A network is a physical interconnection of computers through wire fibre, ,
satellite, etc.  An IP--subnet is a segment of a network which has been
isolated from the rest of the network by a router;  a subnet has a
specific range of Internet addresses.  A router is a device which is used
to interconnect segments of a network and which also provides filtering
of traffic between the segments.  A domain is a collection of hosts which
function administratively as a unit for such services as electronic mail,
shared resources, and databases.  TCP/IP is a set of communication
protocols which are used to access other hosts on the Internet.
A postmaster is a person assigned to the task of managing the electronic
mail system associated with a domain.
 
 
2  Network Administration
 
2.1 Introduction
 
The following subsections describe the responsibilities of the personnel
who administer the University of Connecticut component of the Internet.
Personnel must be assigned to each of the functions described below and
must assume responsibility for the tasks associated with that function.
One person may perform more than one of the functions concurrently.
 
2.2 The Host System Administrator Function
 
The host (i.e. computer) administrator is responsible for the actions
of  both the host and the users of that host.
The responsibilities of the host system administrator include the
following:
 
- setup and maintenance of user accounts, maintaining a paper audit
  trail, including signed affadavits concerning network use
 
- administration of the host mail system, i.e. the postmaster function
  for this host
 
- training of users with respect to mail and other network services
 
- enforcement of rules concerning network use as dictated by the Network
  Committee or its delegate
  - installation and maintenance of appropriate operating system versions
  - upgrades to the operating system may be required periodically to ensu
    continued connectivity
  - cost of such upgrades is the responsibility of the organization
    which owns the host
 
2.3 The Domain Administrator Function
 
The responsibilities of the domain administrator include the following:
 
- assignment of host names within a domain, subject to approval by the
  Network Committee or its delegate
 
- maintenance of NIS (Network Information Services) and a secondary
  name server if appropriate
 
- enforcement of rules concerning network use as dictated by the Network
  Committee or its delegate
 
- addressing problems of saturation on the local segment of the network
  when caused by a system in the domain administrator's domain
 
- the postmaster function
  - Each domain administrator must provide for the postmaster function.
    The postmaster for a domain is responsible for the following:
    * guaranteeing that each hosts in the domain recognize its
      appropriate address and generate a correct return address.
      Hosts which do not generate a correct return address
      should be disallowed mail access until they do
    * working closely with the postmaster--general to resolve any
      problems
 
2.4 The IP--Subnet Administrator Function
 
The  responsibilites of the subnet administrator consist of the following:
 
-  control of all physical connections to the subnet
 
-  allocation of Internet numbers to domain administrators connecting
   hosts to the subnet
 
-  responsible for all traffic on the subnet with respect to saturation
   problems, abuse, and malfunctioning software or hardware
 
2.5 The Gatekeeper Function
 
The gatekeeper function is divided into an administrative and a
technical component.
The administrative component will be performed by the Network Committee
and  consists of the following responsibilities:
 
- overall administration of the network, i.e. contractuals, equipment
  maintenance, etc.
 
- control of the uconn.edu Internet name and number space
 
- allocation of subnets as deemed necessary
 
- assignment of third level domain names
 
- control of the developing architecture of the network
 
- analysis and design policies
 
The technical component of the gatekeeper function will be performed by
personnel assigned to the following tasks:
 
- primary technical contact person to interface between the University   y of
  of Connecticut and JvNCnet
 
- maintenance of the router closest to the JvNC router
 
- maintenance of the name server, including the mail exchange records
  for the mail system
 
- the postmaster--general function
  - controls network wide name aliasing for mail
  - top level person who detects and resolves mail problems for uconn.edu
 
3  Internet Access
 
The network is a limited resource and must be subject to reasonable use
as defined by the Network Committee.  The following subsections describe
the policies and technical requirements for access and
connection to the UConn-Net.
 
 
3.1 Host Connection
 
A host (or computer) may be connected to UConn-Net (and the Internet) if
it adheres to the policies and satisfies the technical requirements
defined below.
 
3.1.1 Policies
 
The following policies must be strictly adhered to for a host to be
connected to UConn--Net:
- An application must be submitted to the Network Committee for each host
  connection requested.  Application forms are available at the Universit
  Computer Center.
 
- If Internet access is requested
  - The host computer must be assigned a unique Internet number by the
    Network Committee or its delegate.
  - The host computer must be assigned a unique host/domain name which
     conforms to the Internet naming conventions;
     e.g. myhost.dept.uconn.edu is the name of host myhost in the
     domain dept.uconn.edu.  This name will be assigned by the Network
     Committee or its delegate.
  - The host administrator must be able to provide signed documentation
    by each user of the system, stating that the user understands and
    intends to adhere to the rules of use for the local host, the campus
    network, the Internet, JvNCnet, NSFNET and BITNET.  The Network
    Committee or its delegate may request such a form for any account
    on any system at any point in time.  Failure to provide such
    documentation may result in disconnection from the Internet until the
    host administrator complies with this requirement.
 
3.1.2 Technical Requirements
 
A host system must conform to the following standards to be able to
access the Internet:
 
- The system must be running an approved version of the operating system
  which supports appropriate versions of TCP/IP (the protocols used for
  communication on the Internet).  Additionally, the operating system may
  be required to be upgraded or patched periodically to fix newly found
  problems.  A system may be disconnected from the Internet if these
  upgrades are not installed expeditiously.
 
- The system should be either physically secured or have appropriately
  installed software to safeguard against inappropriate access to the
  Internet.
 
The following requirements must be met and maintained for a host to send
or receive electronic mail on the Internet:
 
- The host mail system must create return addresses with the correct
  Internet host/domain address.
 
- The host mail system must recognize its own address and accept mail
  destined for users at that host.
 
- There must be a designated postmaster on each host which is connected
  to the Internet.
 
3.2 User Access
 
A user may have access to the Internet if that user:
 
- is a faculty or staff member, a graduate student, or is otherwise
  professionally associated with the University of Connecticut.
  - an undergraduate student engaged in faculty-directed research or      study
    study may be granted Internet access in special cases if the
    faculty member assumes responsibility for the student account
    activities.
 
- has an authorized individual account on a host computer connected to
  UConn--Net.
 
- has signed an affadavit stating that he/she agrees to the rules of use
  in accordance with the JvNCnet, NSFNET, and CREN Acceptable Use
  Policies, and the policies associated with use of the local host and
  campus network.
 
3.3 Charges for Internet Access
 
Charges may be assessed for Internet access.
 
4  Violations and Disciplinary Action
 
Disciplinary action and/or disconnection from UConn--Net (and the
Internet) may occur, as appropriate, for any of the following violations
of the policies described above:
 
- Users who violate the policies governing the use of the Internet as
  described in Section 3 of this document may undergo appropriate
  disciplinary action by the Network Committee and/or
  the University of Connecticut.
 
- Host computers which are not upgraded in an expeditious manner as
  specified by the Network Committee or its delegate may be disconnected
  from UConn--Net (and the Internet).
 
- Any computer which malfunctions in such a way as to cause disruption on
  UConn--Net or the Internet will be disconnected immediately until the
  problem is solved.
 
- Failure on the part of a host administrator to be able to provide
  signed affadavits for each user on his/her host may result in
  disconnection from the Internet until the host administrator complies
  with this requirement.
 
5  Additional Restrictions
 
The Network Committee reserves the right to impose restrictions on the
use of any Internet resource.  For example, care must be taken to prevent
exceeding the capacity of our connection to the Internet.  The following
activities and others must be requested from the Network Committee:
 
- providing anonymous ftp service to the Internet
 
- establishing bulletin boards or list servers
 
Security issues may require additional restrictions to be imposed.
 
 
                        JvNCnet Acceptable Use Policy
                                March 1, 1991
 
This statement represents a guide to the acceptable use of JvNCnet for
data communications.  It is only intended to address the issues of
JvNCnet use.  In those cases where data communications are carried
across other regional networks or the Internet, JvNCnet users are advised
that acceptable use policies of those other networks apply and may limit
use.
 
JvNCnet member organizations are expected to inform their users of both
the JvNCnet and the NSFNET acceptable use policies.
 
1.  JvNCnet Primary Goals
 
 1.1  JvNCnet, the John von Neuman Computer Network, has been established
      to:
      1) provide the highest quality and optimum access of networking
      services to the research and educational community of the United
      States and internationally,
      2) offer network resources at the maximum level of cost--efficiency, and
      3) promote and facilitate innovation and regional and national
        competitiveness.  These goals remain the standard for
        excellence in service and price and should not be compromised.
 
2.  JvNCnet Acceptable Use Policy
 
  2.1 All use of JvNCnet must be consistent with JvNCnet's primary goals.
 
  2.2 It is not acceptable to use JvNCnet for illegal purposes.
 
  2.3 It is not acceptable to use JvNCnet to transmit threatening,
      obscene, or harassing materials.
 
  2.4 It is not acceptable to use JvNCnet so as to interfere with or
      disrupt network users, services, or equipment.  Disruptions
      include, but are not limited to, distribution of unsolicited
      advertising, propagation of computer worms and viruses, and using
      the network to make unauthorized entry to any other machine
      accessible via the network.
 
  2.5 It is assumed that information and resources accessible via JvNCnet
      are private to the individuals and organizations which own or hold
      rights to those resources and information unless specifically
      stated otherwise by the owners or holders of rights.  It is
      therefore not acceptable for an individual to use JvNCnet to access
      information and resources unless permission to do so has been
      granted by the owners or holders of rights to those resources
      or information.
 
3.  Violation of Policy
 
 3.1  JvNCnet will review alleged violations of Acceptable Use Policy on
      case--by--case basis.  Clear violations of policy which are not
      promptly remedied by member organization may result in termination
      of JvNCnet membership and network services to member.
 
 
 
 
                     NSFNET Backbone Acceptable Use Policy
 
The purpose of NSFNET is to support research and education in and among
academic institutions in the U.S.\ by providing access to unique
resources and the opportunity for collaborative work.
 
1. All use must be consistent with the purposes of NSFNET.
 
2. The intent of the use policy is to make clear certain cases which
   are consistent with the purposes of NSFNET, not to exhaustively
   enumerate all such possible uses.
 
3. The NSF NSFNET Project Office may at any time make determinations
   that particular uses are or are not consistent with the purposes of
   NSFNET.  Such determinations will be reported to the NSFNET Policy
   Advisory Committee and the user community.
 
4. If a use is consistent with the purposes of NSFNET, then activities
   in direct support of that use will be considered consistent with the
   purposes of NSFNET.  For example, administrative communications for
   the support infrastructure needed for research and instruction are
   acceptable.
 
5. Use in support of research or instruction at not--for--profit
   institutions of research or instruction in the United States is
   acceptable.
 
6. Use for a project which is part of or supports a research or
   instruction activity for a not--for--profit institution of research or
   instruction in the United States is acceptable, even if any or all
   parties to the use are located or employed elsewhere.  For example,
   communications directly between industrial affiliates engaged in
   support of a project for such an institution is acceptable.
7. Use for commercial activities by for--profit institutions is
   generally not acceptable unless it can be justified under (4) above.
 
8. Use for research or instruction at for--profit institutions may or
   may not be consistent with the purposes of NSFNET, and will be
   reviewed by the NSF Project Office on a case--by--case basis.
 
 
 
 
               Corporation for Research and Educational Networking
                           Acceptable Use Policy
                              April 5, 1993
 
CREN networks are for the use of persons legitimately affiliated with
CREN Member or Affiliate organizations, to facilitate the exchange of
information consistent with the academic, educational and research
purposes of its members.  All individuals affiliated with CREN Member
or Affiliate organizations are responsible for seeing that their
communities are aware of these guidelines, and that the guidelines
are followed, both in letter and in spirit.
 
CREN networks are, at the discretion of the institutions involved, open
to use by students enrolled at participating CREN Member or Affiliate
educational institutions.
 
Use of CREN networks shall:
 
- Be consistent with the purposes and goals of the networks
 
- Avoid interfering with the work of other users of the networks
 
- Avoid disrupting the network host systems (nodes)
 
- Avoid disrupting network services
 
Acceptable Use of the Networks
 
The following examples may help users of the networks apply these
principles in particular cases.
 
- Messages that are likely to result in the loss of recipients'
  work or systems are prohibited.
 
- CREN networks are not to be used for commercial purposes, such as
  marketing, reselling bandwidth, or business transactions between
  commercial organizations.
 
- Advertising is forbidden.  Discussion of a product's relative
  advantages and disadvantages by users of the product is encouraged.
  Vendors may respond to questions about their products as long as
  the responses are not in the nature of advertising.
 
- CREN networks may be used for the provision of services which
  support the
 
needs and purposes of the CREN networks, and for which a charge is made,
if the network is an optional mechanism for provision of this service for
which no additional charge is made, and as long as the use of the service
is consistent with the bandwidth of the network and the forwarding hosts.
Providers of such information may be non-profit or for-profit
organizations.
 
- Any communication which violates applicable laws and regulations
  is not allowed.
  {In particular, messages and data sent to destinations outside the US
  must satisfy the Department of Commerce regulations
  (either be within the GTDA guidelines for information which
  may be generally transmitted or have the required license).}
 
Users of CREN networks are expected to be responsible in their use:
 
- Chain letters, broadcasting, messages to lists or individuals, and
  other types of use which would cause congestion of the networks or
  otherwise interfere with the work of others are not allowed.
 
- Users are requested to minimize the transmission of large files
  in order not to degrade network performance.
Files up to 1 MB should be able to traverse most of the network.\footnote
{See the file BITNET FILESIZE on LISTSERV@BITNIC for CREN guidelines on
file size and handling.}
 
CREN Members or Affiliates are expected to take reasonable measures
(given the constraints of technology and management) to ensure that traffic
using gateways between CREN networks and other networks conforms to these
guidelines.
 
Final authority for CREN acceptable use policies lies with the CREN
Board.  It is the responsibility of member representatives to contact
the CREN Board, in writing, regarding questions of interpretation.
Until such issues are resolved, questionable use should be considered
not acceptable.
.