- PhD Candidates
- Lugano Campus
October 20th 2006
The university IT network represents an important work tool for all the users at the USI. It comprises all the IT infrastructures and appliances made available to the University. In order to guarantee its operation, all users must follow the following rules:
1. Categories of users
The users of the university IT network are:
a) Staff: the members of the accademic sphere (professors, assistant professors, researchers) and the administrative, librarian, technical and auxiliary personnel;
b) Students: the students who are enroled at the USI or who are in mobility programmes;
c) External: people who are not part of the USI but who have obtained special access authorisation to the resources and the central IT services.
2. Purposes of use
The computers and IT appliances are made available to users to carry out activities pertaining to their study plans or to their job descriptions. The use of these materials for other purposes, e.g. personal, is tollerated when:
a) only negligible cost impact is implied (depending therefore on the quantity of information intaken);
b) there is no evident contrast to the interests and the image of the owners of the network (University and State authorities);
c) the access to other authorised users is not hindered;
d) it is not intended for lucrative activities, except where expressly authorised;
e) [for staff] it does not compromise their current duties.
Access to the IT infrastructure and appliances may be discontinued typically in the case of termination of a collaboration agreement (staff), definitive de-enrolment or termination of a mobility programme (students), or the non-renewal of a special authorisation (external personnel).
Access may be discontinued also in case of violation of the present rules.
4. Particular obligations
Codes and passwords
When the appliances are accessed with codes and passwords, the user must not communicate them to other people and must protect them appropriately. For security reasons, it is recommended to change them on a regular basis. It is forbidden to use passwords that are not ones own.
The user must abide to the declared network rules, especially those of the SWITCH, as well as the general usage recommendations for the Internet.
All activities involved in the by-passing of security systems (of software and materials) are forbidden.
Copyright, data protection
Users must abide to copyright regulations, especially in the case of copying and transmission of licenced programs, in respect of Cantonal and Federal copyright and personal data protection laws, as well as the USI rules.
Communication of violations
The user must inform the staff responsible for the maintenance of all IT appliances of any violations to these rules that should occur in reference to the appliances themselves. The simple possession of means that could violate these rules could be considered a violation in itself, if the user cannot prove that the afore mentioned possession is justified by necessity of regular usage or by given mandate.
The user is responsible for respecting the intellectual property of the software programs used, for the use of the network and for the content of the information disseminated. Furthermore, the content of exchanged messages must be decent, respectful of others and of the University and its members.
In particular, it is forbidden to:
a) use, save (except for safety backups) and disseminate software or related documents, without prior authorisation of the author or the copyright owner;
b) illegally procure protected data, introduce oneself into protected systems, damage third party data, as well as circulate software for that purpose;
c) disseminate pornography, incite racial hatred, felony, defamation, insult, etc.
d) the connection of personal appliances to the IT network is forbidden except when specifically authorised.
Alongside with the rules of the Swiss Penal and Civil codes, of the Federal copyright and patent protection laws, and of the Federal and Cantonal data protection legislation, also the disciplinary rules of the institution to which the user belongs are valid.
The connection of private computers with the IT infrastructure is not allowed unless explicit authorization.
The user is responsible for his/her data (backup, secrecy, content).
The USI will not be held liable for the occurrence of any direct or indirect damages, or any consequent damages of the use of central IT services by the user.
7. SWITCH authentication and authorisation structure (IAA)
Clause on data protection
The user is hereby informed that the personal data that concerns him or her are collected from available sources and by communications obtained by the user or by other universities, and/or by external sources to the site. This data will be typically used to authenticate, authorise the access and the use of resources between the USI and other sites (“Authorised transmissions”). The user accepts the collection, the handling, the use and the dissemination of this data as reasonably requested by the Authorised transmissions. This agreement typically implies the communication of personal data to other institutions by means of cookies, the exchange, memorizing and depositing in electronic format of personal authorisation attributes.
Limitation of responsibility
Within the given legal limits, the user will renounce in advance to seek damages, both casual or consequential (including, among these, non-usage and loss of earnings), contractual or for illicit acts, derived from the use of authentication and authorisation services that enable the user to access the resources. The renouncement to the seeking of any form of damage is extended to all the benificiaries of authorisation and authentication services, especially to the provider of the IAA service and its branches and staff members.
8. Monitoring and consequences
The managers of the IT infrastructure and appliances may monitor, even unknowingly, the activities of the users whenever indications that presume violation of the rules should occur, in order to detect the relevant authors. The user who does not abide to the present rules shall be reported to the accademic and administrative authorities to take further disciplinary actions.
The violation of the rules may involve, besides disciplinary or penal consequences, the revoking of the access authorisation and the obligation to pay damages as the result of abusive use, of its identification and of other possible giudicial procedures.
The present rules have been approved by the Administrative Management of the USI on October 20 th, 2006. They replace any previous text currently in force, among which the USI users’ guide to IT infrastructure and appliances of October 7 th, 2004.