Principles of Network and System Administration 2nd, part 4

5.9. ETHICAL CONDUCT OF ADMINISTRATORS AND USERS

consideration for others, and focus on ‘larger’ issues where quantities of greater value are at stake. Users tend to think locally, but the power of the Internet is to allow them to act globally. Bad behavior on the net is rather like tourists who travel to other countries and behave badly, without regard for local customs. Users are not used to the idea of being ‘so close’ to other cultures and policies. Guidelines for usage of the system need to encompass these issues, so that users are forced to face up to their responsibilities.

Principle 24 (Conflicts of interest). The network reduces the logical distance to regions where different rules and policies apply. If neighbors do not respect each other’s customs and policies, conflict (even information warfare) can be the result.

If a single user decides to harass another domain, with different customs, then it becomes the system administrator’s problem, because he or she is the first point of contact for the domain. System administrators have to mediate in such conflicts and avoid escalation that could lead to information warfare (spamming, denial of service attacks etc.) or even real-world litigation against individuals or organizations. Normally, an organization giving a user access to the network is responsible for that user’s behavior.

Responsibility for actions also has implications for system administrators directly. For example, are we responsible for deploying unsafe systems even if we do not know that they are unsafe? Are we responsible for bad software? Is it our responsibility to know? Is it even possible to know everything? As with all ethical issues, there is no fixed line in the sand for deciding these issues.

The responsibility for giving careless advice is rather easier to evaluate, since it is a matter of negligence. One can always adopt quality assurance mechanisms, e.g.
seek peer review of decisions, ensure proper and achievable goals, have a backup plan and adequate documentation.

Even knowing the answer, there is the issue of how it is implemented. Is it ethical to wait before fixing a problem? (Under what circumstances?) Is it ethical of users to insist on immediate action, even if it means a system administrator working unreasonable hours?

5.9.6 Harassment

Organizations are responsible for their users, just as countries are responsible for their citizens. This also applies in cyberspace. An information medium, like the Internet, is a perfect opportunity for harassing people.

Principle 25 (Harassment). Abuse of a public resource or space may be viewed as harassment by others sharing it. Abuse of one user’s personal freedom to others’ detriment is an attack against their personal freedoms.

Example 4. Is spam mail a harassment or a right to freedom of speech? Dealing with spam mail costs real money in time and disk space. Is poster advertising harassment on the streets or a freedom of speech?

CHAPTER 5. USER MANAGEMENT

Harassment can also touch on issues like gender, beliefs, sexual persuasion and any other attribute that can be used to target a group. Liability for libelous materials is a potential problem for anyone that is responsible for individuals, since a certain fraction of users will not obey policy for whatever reason.

The question of how to deal with harassment is equally tricky. Normally one prefers law enforcement to be sanctioned by society at large, i.e. we prefer police forces to vigilante groups and gang-warfare. However, consider what E-mail has done to the world. It has removed virtually every cultural barrier for communication. It belongs to no country, and cannot be controlled by anyone. In that instance, there is no official body capable of enforcing or even legislating on E-mail realistically.

Example 5.
The Realtime Black Hole List (RBL) is a database of known E-mail abusers that was created essentially by an Internet vigilante group that was tired of dealing with spam. Known spammers were entered into a database that is accessible to everyone. Mail programs are thus able to check for known spammers before accepting mail from them. While this idea seems to work and might even be necessary, it flies in the face of conventional civic practice in many countries, to allow a random group to set up such a service, however well-intentioned the service may be. See http://www.mail-abuse.org.

Clearly, the Internet distorts many of our ideas about law-making and enforcement.

5.9.7 Privacy in an open network

As the information age opens its sluices and pours information over us in every imaginable form, by every imaginable medium, carving ourselves a quiet space for private thoughts is becoming the central challenge for this new age. The right to privacy has long been an issue in societies around the world, but the vast connectivity coupled to light-speed resources for manipulating data present us with ways for invading privacy that we have never seen the like of before.

• Software manufacturers have begun to include spy-software that monitors user behavior and reports it to interested parties: advertising companies, law enforcement agencies etc.
• Have you ever read the license agreements that you click ‘accept’ to, when installing software? Some of these contain acceptance clauses that allow software manufacturers to do almost anything to your computer.
• Companies (e.g. search engines) now exist that make a living from data mining – i.e. finding out behavioral information from computer log files. Is this harassment? That depends very much on one’s point of view.
• In recent years, several research organizations and groups have used the freedom of the Internet to map out the Internet using programs like ping and traceroute.
This allows them to see how the logical connections are made, but it also allows them to see what machines are up and down. This is a form of surveillance.

Example 6. In the military actions on Kosovo and the former Yugoslavia, scientists were able to follow the progress of the war simply by pinging the infrastructure machines of the Yugoslavian networks. In that way, they were able to extract information about them and their repair activities/capabilities simply by running a program from their office in the US.

Clearly, there are information warfare issues associated with the lack of privacy of the Internet, or indeed any public medium that couples large numbers of people together. Is it ethical to ping someone? Is it ethical to use the process list commands in operating systems to see what other users are doing?

Example 7. Mobile technologies rely on protocols that need to understand the location of an individual in relation to transmitters and receivers. Given that the transmitters have a fixed location, it is possible (at least in principle) to use the very technology that makes freedom of movement possible, to trace and map out a user’s motion. Who should have access to this information? What is a system administrator’s role in protecting user privacy here? Where does one draw the line on the ethical usage of these materials?

5.9.8 User surveillance

The dilemma of policing any society is that, in order to catch criminals, one has to look for them among the innocent. Offenders do not identify themselves with T-shirts or special hairstyles, so the eye of scrutiny is doomed to fall on the innocent most of the time. One of the tools in maintaining order, whether it be local policy, national or international law, is thus surveillance.

It has been argued that the emergence of a virtual society (cyberspace) leaves regular police forces ill-equipped to detect crime that is committed there.
Similarly, local administrators often feel the need to scan public resources (disks and networks) for transgressions of policy or law.

Some governments (particularly the EU and the US government) have tried to push through legislation giving greater powers for conducting surveillance. They have developed ways of cracking personal encryption. At the time of writing, there are rumours of an FBI Trojan horse called Magic-Lantern that is used to obtain PGP and other encryption keys from a computer, thus giving law enforcement the power to listen in on private conversations. In the real world, such wire-tapping requires judicial approval. In cyberspace, everyone creates their own universe and the law is neither clear nor easily enforceable.

The tragic events of 11th September 2001, surrounding the destruction of the World Trade Center in New York, have allowed governments to argue strongly for surveillance in the name of anti-terrorism. This seems, on the one hand, to be a reasonable idea. However, large quantities of data are already monitored by governments. The question is: if the existing data could not be effectively used to avoid terrorist attacks from happening, how will even more data do so in the future? Many believe it will not, and that our privacy will be invaded and some people will get a very good profile of who we are talking to and for how long, who we have exchanged E-mails with etc. Such information could be used for corrupt purposes.

Richard Stallman of the Free Software Foundation expresses it more sharply: ‘When the government records where you go, and who you talk with, and what you read, privacy has been essentially abolished.’

The EU Parliament decided, contrary to the basic statement of the directive about data protection, and the recommendations of the committee for civil rights in the European Parliament, to say ‘yes’ to data retention by Internet service providers without evidence.
Thus the member countries are empowered to enact national laws about retention of digital network data, in open disregard of the EU Directive on data protection.

• Should ISPs record surveillance data, IP addresses, E-mail message IDs etc?
• Who should have access to this?

Europol wishlist

In the European Union, police forces have published a list of information they would like to have access to, from Internet service providers and telecommunications companies. If they have their way, this will present a great burden in real cost of delivering computing services to these companies.

1. Network (NAS) Access logs specific to authentication and authorization servers such as TACACS+ (Terminal Access Controller Access Control System) or RADIUS (Remote Authentication Dial in User Service) used to control access to IP routers or network access servers

Member States comments:

A Minimum List
• Date and time of connection of client to server
• User-id and password
• Assigned IP address NAS Network
• Attached storage IP address
• Number of bytes transmitted and received
• Caller Line identification (CLI)

B Optional List
• User’s credit card number / bank account for the subscription payment

2. E-mail servers

SMTP (Simple Mail Transfer Protocol)

Member States comments:

Minimum List
• Date and time of connection of client to server
• IP address of sending computer
• Message ID (msgid)
• Sender (login@domain)
• Receiver (login@domain)
• Status indicator

POP (Post Office Protocol) log or IMAP (Internet Message Access Protocol) log

Member States comments:

Minimum List
• Date and time of connection of client to server
• IP address of client connected to server
• User-id
• In some cases identifying information of E-mail retrieved

3.
File upload and download servers

FTP (File Transfer Protocol) log

Member States comments:

A Minimum List
• Date and time of connection of client to server
• IP source address
• User-id and password
• Path and filename of data object uploaded or downloaded

B Optional List

• Web servers
• HTTP (HyperText Transfer Protocol) log

Member States comments:

A Minimum List
• Date and time of connection of client to server
• IP source address
• Operation (i.e. GET command)
• Path of the operation (to retrieve HTML page or image file)
• Those companies which are offering their servers to accommodate web pages should retain details of the users who insert these web pages (date, time, IP, UserID etc.)

B Optional List
• ‘Last visited page’
• Response codes

5.9.9 Digital cameras

Face recognition is now possible with a high level of accuracy. If cameras are attached to computers and they can be accessed by anybody, then anybody can watch you.

5.10 Computer usage policy

Let us formulate a generic policy for computer users, the like of which one might expect company employees to agree to. By making this generic, we consider all kinds of issues, not all of which are appropriate for every environment.

A user’s behavior reflects on the organization that houses him or her. Computer systems are uniforms and flags for companies (as well as for public services). It is therefore generally considered an organization’s right to expect its users to comply with certain guidelines of behavior.

Information Technology Policy Documents are becoming more widely used. Their practice has to be recommended, if only to make it clear to everyone involved what is considered acceptable behavior. Such documents could save organizations real money in law-suits. The policy should include:

• What all parties should do in case of dismissal
• What all parties should do in case of security breach
• What are users’ responsibilities to their organization?
• What are the organization’s responsibilities to their users?

The policy has to take special care to address the risks of using insecure operating systems (Windows 95, 98, ME and Macintosh versions prior to MacOSX), since these machines are trivially compromised by careless use.

5.10.1 Example IT policy document for a company

1. Why do we need a policy?

As our dependence on technology increases, so do the risks and opportunities for misuse. We are increasingly vulnerable to threats from outside and inside the organization, both due to carelessness and malice.

From our clients’ viewpoint: we need to be perceived as competent and professional in our ability to conduct our business electronically.

From our company’s perspective: we need to maximize the benefits and reduce the risks of using information technology and protect company assets (including reputation).

From your viewpoint: we need to protect your interests as an individual in a community, and reduce the risk of your liability for legal damages.

These policy guidelines must be adhered to at all times to ensure that all users behave in a professional, legal and ethical manner. Failure to do so may result in disciplinary action, including dismissal and legal action.

2. The network

For the purpose of this policy, we define ‘the network’ to mean the company computer and telephone network, including all of its hardware and software.

The use of the network is not private. The company retains the right to monitor the use of the network by any user, within the boundaries of national law. All users are obliged to use company resources in a professional, ethical and lawful manner.

Material that is fraudulent, harassing or offensive, profane, obscene, intimidating, defamatory, misleading or otherwise unlawful or inappropriate may not be displayed, stored or transmitted using the network, by any means, or in any form (including SMS).

3.
Security

Any hardware or software that is deemed a security risk may be disconnected or de-installed at any time, by the system administrator.

User accounts are set up, managed and maintained by the system administrators.

Users accessing the network must have authorization by access-rights, password or by permission of the owner of the information.

Users must take reasonable precautions to prevent unauthorized access to the network. This includes leaving equipment unattended for extended periods while logged on.

Users must not attempt to gain unauthorized access to restricted information.

Passwords are provided to help prevent unauthorized access to restricted areas of the network. Users must not log on to any system using another user’s password or account without their express permission.

Under no circumstances should any user reveal his/her password to anyone else, even by consent.

Users have a responsibility to safeguard passwords. They must not be written down on paper, stored unprotected online, or be located in readable form anywhere near a network terminal.

4. Copyright

Copyright is a statutory property right which protects an author’s interest in his or her work. The right exists as soon as the work is created and continues to exist for the lifetime of the author and beyond, during which time the owner of the copyright may bring actions for infringement.

International copyright law protects a copyright owner’s interest by preventing others from unlawfully exploiting the work that is protected. There are no registration requirements for the legal existence of copyright. Copyright subsists in most materials that are found on the Internet, including imagery and databases.

Copyright is infringed when a copyright work is copied without the consent of the copyright owner. Downloading information from any source constitutes copying.
Unauthorized copy-cut-pasting from any text, graphical or media source may be in breach of copyright, as may copying, distributing or even installing software.

Many information sites express legal terms by which materials may be used. Users should refer to those terms and conditions before downloading any materials.

5. Data protection (e.g. UK)

Any person using a computer may be a data processor. Every individual is responsible for maintaining confidentiality of data by preventing unauthorized disclosure.

Personal data are legally defined as data that relate to a living individual who can be identified from those data, or from those and other data in possession of the data user. The use of personal data is governed by law (e.g. the UK Data Protection Act 1998).

The act lays out the following principles of data protection:

• Personal data shall be processed fairly and lawfully and such processing must comply with at least one of a set of specified conditions.
• Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be processed in any manner incompatible with that purpose or those purposes.
• Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
• Personal data shall be accurate and, where necessary, up to date.
• Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
• Personal data shall be processed in accordance with the rights of data subjects under the Act.
• Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
• Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

The rules concerning the processing of personal data are complex. If in any doubt as to their interpretation, users should consult legal advice.

6. E-mail and SMS

All electronic messages created and stored on the network are the property of the company and are not private. The company retains the right to access any user’s E-mail if it has reasonable grounds to do so.

The company E-mail system may be used for reasonable personal use, provided it does not interfere with normal business activities or work, and does not breach any company policy.

Users should be aware that:

• E-mail is a popular and successful vehicle for the distribution of computer viruses.
• Normal E-mail carries the same level of privacy as a postcard.
• E-mail is legally recognized as publishing and is easily recirculated.
• Users should take care to ensure that they are not breaching any copyright or compromising confidentiality of either the company or its clients or suppliers by sending, forwarding or copying an E-mail or attachment.
• Nothing libelous, harassing, discriminatory or unlawful should be written as part of any message.

E-mail is often written informally. Users should apply the same care and attention as in writing a conventional business correspondence, including ensuring accurate addressing.

Users must not participate in chain or junk E-mail activities (spam); mass E-mailing should be avoided whenever possible.

E-mail attachments provide a useful means of delivering files to other users. However, careful consideration should be paid to ensure that the recipient can read and make use of the data.

• Not all file types are readable by all computers.
• Many sites have a maximum acceptable file size for E-mail.
• The recipient must have suitable software installed in order to display a file.

In order to prevent the spread of viruses, users should not attempt to open any attachment from an unknown or unexpected source. Certain file types may be blocked by mail-filtering software.

Users must not disguise themselves or falsify their identity in any message.

Where provided, users must ensure that company disclaimers are included when sending E-mail.

7. The World Wide Web

Access to the World Wide Web is provided for business purposes. The World Wide Web may be accessed for limited personal use provided that such use does not interfere with normal business practice or work, and that personal use complies with all aspects of this policy.

The company may monitor individual use, including visits to specific web sites.

Access may only be sought using an approved browser, which is installed on the user’s computer by the system administrator.

The World Wide Web is uncontrolled and unregulated. Users should therefore be aware that there is no guarantee that any information found there is accurate, legal or factual.

Software may only be downloaded by an authorized system administrator.

8. Transactions

Any commercial transaction made electronically must adhere to standard ordering policy.

The company will not accept liability for any commercial transaction which has not been subject to the appropriate approval.

The company will not accept liability for any personal transaction.

9. Hardware and software

The company provides computer, telecommunications equipment and software for business purposes. It is the responsibility of the system administrator to select, provide and maintain computer equipment in accordance with the work required.
Users must not connect unauthorized equipment to the network, use software that has not been provided or installed by the company, or attempt to alter the settings of any software that compromise security or reliability. No attempt should be made to alter the software or hardware, copy or distribute software, or download software, including screen-savers.

Installations and upgrades may only be performed by an authorized system administrator.

10. Surveillance

Digital cameras or audio input devices must not be connected to any computer that is not specifically authorized to have one. Users must not bring any possible surveillance device into an area where the company’s private assets, intellectual or otherwise, are developed or stored. Employees must not disclose any such information to persons or transmit it to any machine or information storage device not authorized to receive it.

11. Usage

The company reserves the right to view any data stored on the network. Users may not store personal files on the network. Any personal files can be deleted at any time.

The network is provided to enable

• Authorized users to store and retrieve work
• Authorized users to share/exchange assets
• Backup and recovery
• Security and confidentiality of work.

[...]

... One example of this is the introduction of mobile devices and humans. Mobility and partial connectivity of hosts and users is an increasingly important issue in system administration and it needs to be built into models of administration. An ‘ad hoc’ network (AHN) is defined to be a networked collection of mobile objects, each of which has the possibility to transmit information. The union of those hosts...
CHAPTER 6. MODELS OF NETWORK AND SYSTEM ADMINISTRATION

to make the best of it. This also requires ingenuity and careful planning.

6.2.1 Team work and communication

The process of communication is essential in any information system. System administration is no different; we see essential bi-directional communications taking place in a variety of forms:

• Between computer programs and their data,
• ...

human–computer systems requires an ability to see relationships between seemingly distinct parts of a system. Many failures and security violations result from the neglect of interrelationships within such systems. To model the management of a complete system, we need to understand the complete causal web.

Principle 27 (System interaction). Systems involve layers of interacting (cooperating and competing)...

information in directories
• The deployment of services for managing structural information
• The construction of basic computing and management infrastructure
• The scalability of management models
• Handling inter-operability between the parts of a system
• The division of resources between the parts of the system

6.1 Information models and directory services

One way of binding together an organization is...

short-sighted in anticipating the magnitude and complexity of the tasks facing system administrators and are largely oriented on device monitoring. Typically, they have followed the singular paradigm of placing humans in the driving seat over the increasingly vast arrays of computing machinery. This kind of micro-management is not a scalable or flexible strategy...
Principle 29 (System management’s role). The role of management is to secure conditions necessary for a system’s components to be able to carry out their function. It is not to direct and monitor (control) every detail of a system.

This principle applies both to the machines in a network, and to the organization of people using them and maintaining them. If a system is fundamentally flawed, no amount of management...

discussion of decentralized network management using mobile agents [333], the problem of mobile nodes (and so strongly time-varying topology) has received little attention. However, we will argue below that ad hoc networks provide a useful framework for discussing the problems surrounding configuration management in all network types, both fixed and mobile...

attempts to rectify some of these issues [86]. What we find then is that there is another kind of networking going on: a social network, superimposed onto the technological one. The needs of small clusters of users override the broader strokes painted by wide-area management. This is the need for a scaled approach to system management [47].

6.3 Network administration models

...

constant state; their state changes dynamically in response to user interaction, and in response to the services they perform. The SNMP management philosophy, i.e. of communicating with an agent for reading and writing, is only effective when the rate of change of state of a device is slow, i.e. when the device changes only at about the same rate as the rate of...
confused with the notion of ‘ad hoc management’ [204], which concerns randomly motivated and scheduled checks of the hosts.

6.2.5 Peer-to-peer services

Another phenomenon that has received attention in recent years is the idea of peered networks, i.e. not hierarchical structures in which there are levels of authority, but networks in which each user has equal authority. The emergence of network file sharing...

Date posted: 13/08/2014, 22:21
