Terms and Conditions of the University Computer Centre at the TU Chemnitz

Regulation for Rooms

In order to guarantee an undisturbed operational procedure, the following regulations have to be met:

1. Being in URZ rooms is only allowed for beneficiaries in connection with working on the installed equipment technology.
   If demanded by an URZ employee, beneficiaries have to identify with a valid user or student document.
2. It is not allowed to eat, dring or smoke within the rooms.
   It is not allowed to bring in pets. Devices and other equipment must not be diverted from its intended use (e. g. by sitting ob the table or putting clothes on the devices).
3. It is prohibited to intervene the equipment technology, to use devices declared to be defect, or to install or remove defect labels. Every malfunction has to be reported to the IT service desk immediately. In any case of hazard, the user is bound to inform the IT service desk and to take adequate actions to limit defects if possible.
4. Access to the pool rooms is possible by using the TU card. Every kind of misuse is prohibited.
5. A considerate behaviour and the maintaining of order and cleanliness is preconditioned for every user.
6. The URZ employees are authorised officers.
7. Using the installed equipment depends on the opening/access hours at the different campus parts. Most of the computer labs are accessible from 6:00 till 2:00 on weekdays and from 6.00 till 22:00 on saturdays. Detailed information is available online or at the IT Service Desk.

Please, consider further notes in the rooms!

Regulations for the Use of Software

Based on the treaties between the TU Chemnitz and the different lincencers the following liabilities arise for all users:

1. According to the copyright law, also programmes for data processing and documentation are explicitly proprietary. An acquirement of installed programmes and data contradicts the copyright law and licence treaties, which are concluded by the university. Copying the available software is prohibited by copyright law. Copies may only be produced in an amount that serves the protection of the software (backup copies). Making such copies is reserved to software and system administrators.
2. Dissemination of the software and documentations to third (sale, surrender, leasing, loan) is not allowed.
3. Copying software from the ftp server and demontration software from the software server of the URZ is allowed. The usage of this software is also possible outside the TU Chemnitz, if licence conditions are considered.
4. All members of the University are permitted to copy free, licensed software from the software server of the URZ; the use of such software is possible in compliance with the respective licence conditions.
5. Only explicitly authorised members of the university are permitted to copy and use chargeable, licensed software available on the software server, subject to the respective licence conditions.
6. Express reference is made to the legal consequences resulting from a violation of the aforementioned regulations. A violation of these regulations makes the user liable for damages and will be prosecuted. In addition, charges of theft, embezzlement and breach of trust may be considered if the software stored on data carriers is stolen.
7. Any copying of third-party software on the university's computer systems is also prohibited. The making of unauthorised copies and the subsequent distribution of such copies will result in the legal consequences mentioned in the previous point.
8. The development and use of software that falsifies data files, slows down the work of computer technology and triggers other functions that impede normal work has legal consequences. Even the intention to develop and use such software is punishable.
9. The operating and application software of all computers of the university may only be operated on the associated computer systems and may only be used to solve official tasks within the scope of education, training and research.

Dipl.-Ing. Lothar Kempe
Administrator of Business of the URZ

Chemnitz, 16. May 2002

Regulation of Operation for Security within the Campus Network
(Network Security Policy)

1. Concern

This document contains specifications for the use and operation of computers in the campus network of Chemnitz University of Technology. The central importance of the campus network for the fulfilment of tasks in teaching, research and administration require a stable and secure operation of the network. Ensuring high quality operation requires the cooperation of all users.

In the foreground are

• the concerns of data protection
• the protection of privacy,
• preserving the integrity of the data and
• the use of resources for the intended purpose.

2. Purpose of the Campus Network

The campus network of Chemnitz University of Technology is one of the most important components of the communication infrastructure within the university. In addition, it enables access to national and international information sources via the science network and supports communication with partners on the internet.

The operation of the campus network exclusively serves research and teaching as well as related administrative tasks. It is available to all members of the TU Chemnitz for these purposes. Any other use – including commercial use – is prohibited.

3. Users, Administrators, and Network Operators

Users of the campus network are all persons who use computers on the campus network. Access can take place directly at computers in rooms of the TU, via other networks or via direct dial-in options.

Administrators of computers on the campus network are members of the TU who have received an IP address from the URZ for the operation of a computer on the campus network. It is irrelevant whether the computers are connected to socket ports in the rooms of the Chemnitz University of Technology or receive access via cable-based dial-up procedures or wireless networks. The decisive factor is the use of an IP address of the Chemnitz University of Technology.

The campus network is operated by the University Computer Centre. In particular, the URZ manages the connection to the academic network, all active components in the network (e.g. routers) and the allocation of IP addresses of the TU Chemnitz. The administration of individual parts of the campus network can be handed over to other members of the TU (administration network, CSN, …).

4. Responsibility of the Users

The use of the campus network must be in accordance with the purpose of the campus network. Secure and stable operation depends on the cooperation of all users. General rules of conduct apply:

1. Please, inform yourself about network connections, services, regulations and responsibilities and keep yourself up to date!
2. Note the local rules of operation and conduct! Respect the rules that differ in other parts of the data networks!
3. Please consider, that you are part of solidarity community and that your actions must not do harm to the community!
4. Report deficiencies such as technical defects, unintentionally obtained information or recognised security vulnerabilities to the administrator (or to the URZ when in doubt)
5. Speak to a person responsible for network before using new network services. On the one hand, innovative users can contribute to the further development of the networks. On the other hand, misconduct is not a trivial offence.
6. Protect yourself and your resources by monitoring the using of your account, encryption of confidential data and a careful storage of your passwords.
7. Passing on account and password information is generally prohibitted.
8. Consider the proportionality of your actions with regard to the purpose to be achieved.

5. Responsibility of Administrators

The administration of computers within the campus network has to be done cooperative, appropriate and purposeful. In case of multi user systems a coordinated user management is required. Anonymous using of computers within the campus network is inadmissible (exception: freely accessible information computers).

The administrator is responsible for the security of a computer within the campus network. Administrators are obliged to follow sources of information on security problems and to react to tips on how to eliminate security gaps. The URZ passes on information about security problems to the administrators. Failure to follow such advice may result in the computers being disconnected from the campus network. The administrator must then prove that appropriate measures have been taken according to the in accordance with the information provided.

Furthermore, the URZ is entitled to demand proof from administrators of their ability to responsibly operate computers in the campus network. The organisation of data backup measures is the responsibility of the administrators.

6. Responsibility of the Network Operators

As the operator of the campus network, the URZ works closely with the DFN as the operator of the science network. It undertakes measures to protect the entire campus network or individual subnetworks (firewall functions) and thus creates the framework conditions for secure communication in the campus network.

Computers that disrupt or hinder regular operations can be disconnected from the campus network by the URZ or their data traffic can be suitably prevented. In such cases the administrators and users of these computers will be informed and obliged to restore the proper operating status of the computer.

The tasks of the network operators also include the instruction, support and further training of administrators in questions of security in the campus network. For this purpose, the URZ can also use automated procedures to check the security status of computers in the campus network. If support by the administrators is required for this, they are obliged to comply with corresponding requests from the URZ.

For the purpose of analysing malfunctions and recognising abuses the network operators are entitled to record data in the network in accordance with the stipulations in § 5 of the URZ usage regulations.

7. Procedures and Methods

To enforce this policy, processes and procedures are defined and published. These specify current measures and rules for the behaviour of users, administrators and network operators. This can also include standards that prescribe certain configuration settings in the operating system and the use of certain software (e.g. anti-virus software).

The data collected for the purpose of this operating regulation will be deleted as soon as they are no longer necessary to ensure network security in accordance with § 20 para. 1 no. 2 Sächs. Data Protection Act.

8. Additional and further Notes

• Current protective measures in the network
• Rules of Use of the DFN Association

Status from: 17. Juni 2004

Chemnitz University of Technology
University Computer Centre
– Adminitstrator of Business –