Lick Observatory Computing Policies

Revised November 1999

CONTENTS:

By using the UCO/Lick computing services you agree to the terms and conditions described in this document.

Definitions:

UCO/LICK: University of California Observatories/Lick Observatory

DAA: Department of Astronomy and Astrophisics

NICS: Network, Information, and Computing Services; the group providing computing services to UCO/Lick and DAA

CMPC: Computing Policy Management Committee- a committee that meets once each month to serve as a forum for user concerns, approve major purchases, define policies and establish priorities.

Public computers: purchased using NICS funds and used to provide services.

Private computers: purchased by and reserved for the use of particular UCO/Lick/DAA faculty, staff, and their collaborators.

General Access Policy:

The ucolick computing network and the servives provided by the NICS staff are private and dedicated to promoting education and research in astronomy and astrophysics.

Computing services by NICS are provided to qualifying UCO/Lick/DAA staff, faculty and gradute students, and UCO/Lick/DAA - affiliated guests. Each user is provided with a personl account and fees for services are charged for each account. In addition, fees are charged for each computer on the network. The fees are recom mended by the CPMC and approved by the UCSC Direct Costs committee.

Faculty, staff, or graduate students from other UCSC departments may be given accounts if they are;

UCSC undergraduates and non-UC users may be given accounts under similar circumstances.

Exceptional Access:

At the Director's discretion, accounts may be given to individuals affiliated in some way with the Observatories for private individual no-germane projects, provided that fees are charged to the individual or to some other funding source approved by the Director.

No accounts are available to the general public or to the rest of the campus population or to the UC system as a whole; excluding these exceptiona cases.

Application for Access:

Application for computer access shall be made in writing, by means of the appropriate form kept on file at the UCO/Lick Business Office and the NICS Coordinators Office and requires;

  1. the signature of a responsible faculty member and/or administrative staff member
  2. a specific funding source
  3. a specific date when the account will be terminated

In some cases, as described above, additional and more detailed application must be sumitted to the Director. Vendor accounts are the only exception to this rule; the Systems Manager may create vendor accounts as needed, without requiring the vendor or vendor's representative to apply in writing. When access is granted to a private machine, for which no standard application form has been filed, the Systems Manager shall be informed in writing (e-mail will satisfy this requirement) of the account name, privileges, and the name of the user.

Revocation of Access:

User accounts on any UCO/Lick/DAA machine may be de-activated temporarily or permanently for violation of Acceptable Usage guidelines (see below). This revocation of access privilege may be made temporarily and immediately on the decision of the Systems Manager or responsible alternate, but can only be made permanent by decision of the CPMC. It may be appealed to the Director, whose decision shall be final.

Back to top

General Policy:

In general, accounts with privileges beyond the default (i.e. requiring root passwords) shall be accessible only to NICS staff, usually the Systems Manager and selected members of the programming staff who may need to serve as alternate Systems Manager. System or root passwords may be granted to other users only on private computers, and only by special application which must show compelling reason and must be approved by the CPMC.

Private computer management:

A privately-purchased computer may be placed on the ucolick.org network. If it has a full level of NICS service, it will be within the inner firewall. If it has a reduced level of service, it will be dwsignated a "self-managed" UNIX host", will be outside the firewall, and one individual must be designated to have formal responsibility for the privileged accounts and their passwords and shall be answerable for security and system integrity.

Security:

Any user who has knowledge of a privileged account password is responsible for restricting the dissemination of that password. A condition of awarding privileged access is that the user thus entrusted shall not reveal any sensitive information about UCO/Lick/DAA systems to any other person without approval of the Systems Manager. Irresponsible use of elevated privileges, or revelation of passwords or other sensitive information to other users shall be sufficient grounds for temporary or permanent revoacation of user access and possibly for furhter disciplinary or legal proceedings as appropriate.

Back to top

For our most current list of Services and Fees go to AboutUs/Services

Account Fees

A flat fee per month is charged for maintenance of any user account. In addition, there are fees for certain resources consumed by users (for example, high quality color printing). The user implicitly agrees to pay the fees for these special consumed resources. Funded users must supply the account/fund number of their supporitn funds, and an authorizing signature. Sytem management is responsible for presenting a current accounting to any user who requests one. All fees and recharges shall be public information.

Networked Host Fees

A fee is charged for each host on the ucolick.org network for configuration, backup, security, and maintenance services. Some hosts require fewer configuration and maintenance services, and these are charged a lower fee. We distinguish between different levels of service for the following networked devices.

Since the UCO/Lick contributes the salary of the NICS person providing the services for PC's and Macintoshes, the fee for this type of host is discounted. Since the Printers, X-terminals, and self-managed hosts all require a lower level of service, they are also charged a discounted fee. For convenience the same dollar fee is charged fro all of the discounted fees.

Exceptional usage: Excessive resource consumption due to failur of public hardware or of system software shall not be the responsibility of the user.Excessive resource consumption due to failure of user-written code or to user error, however, shall be the responsibility of the user.

Errors in Accounting: It is the System mangement's responsibility to keep the resource accounting accurate and timely. If users discover errors in their resouce billing, it is the user's responsibility to bring this to the attention of system management. It may not always be possible to correct such errors retroactively, sousers are advised to monitor their resource usage and billing carfully, System mangement shall make its best effort to correct or compensate for errors in billing.

It is the responsibility of users to notify NICS and the Lick Observatory Business Office of host and user changes.

Back to top

General Conduct

General Conduct of all users must comply with the University Electronic Communications Policy defined by the University Office of the President.

Users of the UCO/Lick/DAA facility agree, by application for access, to conform to the following general standard of conduct. Computing resources shall not be used to intimidate, insult, offend or harass other users. "Harrassment" shall be understood to include, but not be limited to, material sent through or displayed on the computer which is sexually explicit and unwanted, and electronically transmitted or posted uncivil comments based on a perons's gender, sexual orientation, or race.

Users of the UCO/Lick/DAA facility agree, by application for access, to maintain a civil and professional tone in their communications with others on the Internet, whether via e-mail or postings to information services such as news and WWW. Use of obscene, insulting, or hostile language in communications made from addresses within the UCO/Lick/DAA domain is not acceptable usage of the facility.

Users shall not attempt to circumvent or overcome security mechnisms on any UCO/Lick/DAA machine, or on any other computer system anywhere, except with the express permission of the Systems Manager, as controlled test of security features. Users shall not attempt to circumvent or overcome resource allocation or limitation mechanisms.

Users shall not invite or permit use of thir accounts by unauthorized people. Users shall not use computing resources in the pursuit of any activities which violate Federal or State penal codes or the internal regulations of the University of California. Violation of these basic tenets of user conduct shall be sufficient grounds for temporary or permanent revocation of access privileges, and possibly for such further disciplinary or legal action asmay be appropriate.

It is the responsibility of users to notify NICS and the Lick Observatory Business Office of equipment changes and the location of equipment.

Appropriate Use

UCO/Lick/DAA computing resources shall be used for activities germane to the purpose of UCO/Lick/DAA; it is inappropriate to consume significant resources for private purposes or for entertainment, such as games, personal correspondence or resumes, reading non-germane bulletin boards, etc, "Significant resources" shall mean, in this context, resources in excess of a value of $10 per month as calculated by the fees in effect at UCO/Lick, or resources whose consumption in any way interferes with the intended purpose of the UCO/Lick/DAA. This prohibition shall apply to both public and private machines. The UC-wide prohibition of use of UC resources for political campaigns necessarily applies to all UCO/Lick/DAA computing resources.

Security Precautions

Users shall observe reasonable and customary security precautions at all times; in particular, they shall not disclose their own or other people's passwords. In the case of shred accounts such as are used for teaching purposes, a written list ofusers with access to the account shall be filed with the Systems Manager when the access is granted, and the password shall be changed as soon as the class or project is complete. Other reasonable and customary security precautions include, but are not limited to:

The first detected instance of disregard of security precautions shall result in a warning, and persistent disregard of these precautions shall be sufficient grounds for temporary or permanent revocation of access privileges, and possibly for such further disciplinary or legal action as may be appropriate.

Malicious Abuse

Users shall not interfere with the work of other users, or knowingly violate the integrity or privacy of other users' files. Users shall not take advantage of error or accident to disable other users' accounts or to interfere with other users' files in any way. Users shall not knowingly "hog" CPU or other resources so as to present problems for other users or for system management. Users shall not knowingly circumvent the UCO/Lick resource recharging system. Users shall not use UCO/Lick/DAA resource in any attempt to violate the security or integrity of any other computer systems of networks. Users shall not knowingly misuse, damage, or relocate any UCO/Lick/DAA hardware, media sets or documentation without express permission of the systems manager or other UCO/Lick management. Detected violation of any of these specific prohibitons shall be sufficient grounds for temporary or permanent revocation of access privileges, and possibly for such further disciplinary or legal action as may be appropriate.

Back to top

AboutUs/Policy/ComputingUse (last edited 2007-02-16 00:51:49 by CatherineSterner)