CAIDA Privileged Access Usage Agreement

The purpose of this document is to specify a set of guidelines for acceptable use of machines at the Center for Applied Internet Data Analysis (CAIDA). CAIDA senior staff have the authority to disable logins immediately for failure to comply with this agreement. These rules apply to any system managed by CAIDA staff. Please complete and submit the form below to request privileged access on CAIDA machines.

This form is for CAIDA employees and lab visitors only. You must already be an approved CAIDA staff to request access. For access to CAIDA datasets, see CAIDA Data Overview for an updated list of available datasets.

1) Privileged access to any system is to be used only for the purpose it was given. Use of privileged access for any unauthorized purpose is prohibited. You shall not execute any commands as a privileged user to gain unwarranted access to private information. In responding to problems, it IS appropriate to access as much data as necessary to resolve the problem. It IS NOT appropriate to use sudo to read someone's mail, or to browse someone's files.

2) Your password must be changed at least once a year, or immediately if guessed by a password cracker or seen by another person (even if only partially). Be sure you never change your password across an unencrypted network connection. You must choose a password that is sufficiently difficult to guess, that is not based on a dictionary word, and that contains mixed case, numbers, and/or punctuation. You must use a different password on non-CAIDA machines (e.g. SDSC, UCSD, Google, etc). Many systems do not require the use of secure login mechanisms such as ssh, and consequently passwords may be intercepted during ordinary use. By using different passwords in separate domains, you prevent an intruder from gaining access to CAIDA machines even if they have already compromised other systems.

3) You must not give your password to anyone under any circumstances. Logging in for a guest and allowing them to use your account temporarily is acceptable provided it is completely supervised by you, or if you completely trust the borrower.

4) Root shells are not appropriate unless absolutely necessary. When a root shell is used, preface each command with sudo so the commands are logged.

5) Information gained through privileged access is privileged and should not be repeated. You are personally responsible for ensuring that any information you may obtain through privileged access is not used by yourself, or anyone else. Just forget you ever saw it.

6) This agreement supplements the agreement governing general use of accounts.

I understand and will abide by the above terms and conditions. If the propriety of any situation is unclear, I will ask for clarification from my supervisor rather than making assumptions. I understand that my sudo privileges may be revoked if the terms and conditions are not adhered to.

Agree to terms and conditions
Applicant Information
Additional Comments
Required fields are indicated by an asterisk (*).

Last Modified