gtaylor@lasspvax.UUCP (Greg Taylor) (01/23/85)
Good morning. I am posting this inquiry for a member of a committee investigating computer abuse policies (in place or under development at Universities around the country) for James E. Cutting, Associate Professor of Psychology at Cornell (since he is not a theorist, he's not on this network...talk about a secure system :-) ). We here at Cornell have begun to realize that as we connect our systems and LAN to the larger area networks, the issue of security and abuse becomes a far more complex one than the traditional formulations that we've applied in the past to a student's access to files, resources, etc. on a single machine. We want to establish a rational computer abuse policy here (if it's at all possible....) I am collecting information about abuse of computer network systems, particularly with respect to: Guidelines given to users Access given to student users Steps taken when those guidelines are not followed, Precautions taken to protect the system Precautions taken to detect abuse. Clearly, some of those questions you may not wish to answer in detail, as they involve your system security. Also, the actual deifinitions of access (particularly in an open system like UNIX) and abuse are difficult to define. We would appreciate any information you could send us about your system, and your experiences in formulating a defining the guidelines you currently follow. Please reply by mail, and I will gladly summarize and and all remarks for net readers (minus any and all information you'd prefer to have edited-please indicate if there is any in the content of your articles). If you would be willing to accept any further inquiry and/or correspondence from us on this matter, please mention it: We don't want to be pestering you. Thanks in advance (and pass this along to anyone you know who could be of some assistance to us). Gregory Taylor (for James Cutting) Cornell Theory Center lasspvax%gtaylor@cornell.arpa {wherever}!cornell!lasspvax!gtaylor