Privileged Access Policy

The following policies govern privileged (root, superuser or administrator) access to Compuer Science workstations and servers. They are designed to protect the integrity of these systems, while allowing appropriate access for research purposes. Failure to follow these policies could result in having access revoked. A signed copy of this policy must be on file with the Computer Science IT staff as part of the access granting process.

These policies serve to augment the User Accounts Policy.

Desktop Workstations

When a student is assigned a workstation in one of the Computer Science department research labs, he/she will also be provided with local privileged access to that workstation. Privileged access will be for a specific research purpose and will expire when no longer needed for that purpose.


Privileged Access Restrictions:

  • Users do not have permission to modify any files except in designated user directories without specific authorization from the IT Staff. Specifically, no system configuration files may be modified unless specifically authorized.
  • Users may not use their privileged access to examine or modify the files of any other users of the system.
  • Users may not give other students access to the privileged access account.
  • Users may not add or remove users from the workstation.
  • Users may not add or remove software and operating system components other that what is required for their research project
  • Users may not in any way compromise the security of the system.

Privileged Access To Special Purpose Research Computers/Servers

Privileged access to computers designated for special-purpose research may be granted to users of those computers. Such special-purpose computers will not have any users' home accounts or contain confidential information. Mechanisms and policies governing privileged access will be agreed to by the faculty members responsible for the computer system and the IT staff. If necessary, the IT staff may impose other restrictions on such computers in order to protect the security of the computing facility.


If privileged access is granted:

  • Users do not have permission to modify any files except in designated user directories without specific authorization from the IT staff. Specifically, no system configuration files may be modified unless specifically authorized.
  • Users may not use their privileged access to examine or modify the files of any other users of the system.
  • Users may not add or remove users from the workstation.
  • Users may not give other students access to the privileged access account.
  • Users may not add or remove software and operating system components other that what is required for their research project
  • Users may not in any way compromise the security of the system.

Privileged Access To Other Facilities

Privileged access to the following CIS facilities is restricted to designated IT staff:

  • Instructional facilities
  • Servers and Infrastructure computers
  • General-purpose multiuser computers

 



By signing below, you agree to abide by the Privileged Access Policy terms described above.


Student Name: _______________________________________

 

Student userid: _______________________________________


Student Signature: ____________________________________


Date: _______________________________________________


Workstation/Server Name: ______________________________


Advisor Name: ________________________________________


Advisor Signature: _____________________________________