Download Campus Network Usage Policy

China Medical University
Campus Network Usage Policy
Approved at the Administrative Meeting held on March 12, 2003
Amendments approved at the Administrative Meeting held on July 9, 2008
Announced and became effective on July 24, 2008
Article 1 We have established the current policy pursuant to the Ministry of Education's
Campus Network Usage Guidelines in order to maximize the utility of the
University Campus Network ("Network"), to advocate the respect for the rule of
law, and to provide a set of guidelines in which network users can comply, with
the purpose of promoting education and learning.
Article 2 The term "network usage" refers to the use of network equipment (such as
computers, mobile phones and handheld digital devices) to access the Network in
order to communicate with other network equipment via a variety of transmission
media (e.g. wired media such as twisted pair and fiber optic cables; and wireless
media such as radio waves or microwaves).
Article 3 The University's Computer Center is responsible for the following:
(1) Providing assistance to the University in handling network-related legal
issues.
(2) Adopting appropriate measures to ensure the smooth operation and security of
the Network.
(3) Advocating the relevant standards and specifications for network usage and
providing guidance to users of the Network on the appropriate use of information
resources and the importance of complying with relevant network regulations and
etiquette.
(4) Operations and management related to information security.
(5) Other matters related to the Network.
Article 4 Users of the Network should respect intellectual property rights, and peer-to-peer
(P2P) software not intended for official use should not be installed on university
computers nor used to download or share files. In addition, the following actions
involving the infringement of intellectual property rights are strictly prohibited:
(1) Using unlicensed computer programs.
(2) Illegally downloading or copying works protected by copyright laws.
(3) Making copies of works protected by copyright laws available for access on a
website without prior consent of the copyright owner.
(4) Persisting in posting articles originally posted on an electronic bulletin board
system (BBS) or online discussion forums from other websites or systems in
which the authors have indicated that their work is not to be reproduced without
permission.
(5) Setting up a website and allowing the public to download copies of protected
works illegally.
(6) Engaging in any other actions that may involve the infringement of
intellectual property rights.
Article 5 Users of the Network may not engage in the following actions that misuse
network resources or compromise network security, and in the event of such
violations the relevant IP addresses will be disclosed publicly if necessary:
(1) Spreading computer viruses or other computer programs that interfere with or
disrupt the normal operations of computer systems.
(2) Intercepting messages transmitted over the Network without authorization.
(3) Accessing the Network and utilizing its resources by means of cracking,
misappropriating or impersonating another person's account and password, or
disclosing another person's account and password without permission.
(4) Allowing others to access one's account without legitimate reasons.
(5) Anonymously hiding account information or using a false ID. However, users
explicitly authorized to be anonymous are exempt from this rule.
(6) Reading others' e-mail messages or files without permission.
(7) Abusing network resources by any means, including spamming, sending
chain letters or inappropriate information, or engaging in activities that adversely
affect the system's normal operations, such as deliberately overflowing others'
mailboxes or exploiting resources unfairly.
(8) Using e-mail, instant messaging, BBS or similar means to propagate fraud,
defamation, insults, obscenity and harassment as well as conducting trading of
unlicensed software or transmitting illegal messages.
(9) Visiting pornography websites and engaging in other illegal or inappropriate
activities using the University's network resources.
Article 6 To implement this policy, the University shall carry out the following tasks with
respect to network and information security management:
(1) Assisting users of the Network to establish a self-policing mechanism.
(2) Conducting appropriate segmentation and control of network traffic and
volume.
(3) Network usage privileges of users who have violated this network usage
policy or caused adverse impact to Network may be suspended temporarily.
(4) BBS and other websites shall be administered and maintained by dedicated
personnel. Users who have violated website policy may have their articles
removed or user privileges suspended by the system administrator. In the event of
serious violation of University regulations or the law, the University will be
required to take appropriate actions.
(5) Each unit of the University should participate in information security training
courses provided by the Computer Center on a regular basis based on the
different types of requirements of their work--such as management, business and
information--so that all personnel will develop awareness of information security.
(6) All computers accessing the Campus Network should have firewalls activated
and antivirus software installed.
(7) All computer servers located within the University must receive permission
from the Computer Center before they can be set up, and upon approval the
servers will be assigned physical IP addresses and publicly accessible host names
by the Computer Center.
(8) Other matters relevant to the management of the Campus Network.
Users should promptly notify the unit responsible for network administration if
they discover a deficiency in system security.
Article 7 To protect privacy on the Network, the unit responsible for network
administration or any individuals are prohibited from gaining access to users'
personal information without permission or infringing upon their privacy in any
manner. However, this rule does not apply in the event of any of the following
circumstances:
(1) When maintaining or examining system security.
(2) When it is necessary to obtain evidence or investigate inappropriate conduct
based on probable cause in suspected violations of university regulations.
(3) When acting in coordination with investigation by law enforcement agencies.
(4) Other actions taken in accordance with applicable laws and regulations.
Article 8 Users of the Campus Network who have violated the provisions of this policy
shall have their network privileges suspended and shall be held accountable by
University regulations and applicable laws.
Article 9 (1) The term "information security" used in this policy generally refers to the
security of all information technology-related assets owned by the University,
including data, computer software and hardware.
(2) Actions that are in violation of information security include the
misappropriation, leakage, tampering and destruction of a unit's information
technology-related assets due to human error or hazards such as disasters caused
by deliberate acts or natural phenomena.
(3) The Computer Center has been charged with the overall responsibility by the
University with respect to the planning of the Campus Network's usage policy,
measures, standards and code of conduct in order that the objectives set for
information security can be achieved.
Article 10 A user of the Network who has violated this policy and is disciplined accordingly
may file a complaint or request relief in accordance with applicable regulations.
When handling a complaint or request of relief in connection with usage of the
Network, the University shall consult the Computer Center.
Article 11 This policy shall become effective after being passed at the Administrative
Meeting and approved by the University President; the same procedure applies to
all amendments.