Transcript Document

Internet and Higher Education
Shawna Lafreniere
Rex Peason
John Reynolds
A Brief Summary of the
Evolution of the Internet
First Vast
Computer
Network
Silicon Envisioned
Chip
A
1962
Mathematical 1958
Theory of
Communication
Memex
1948
Conceived
Packet
Switching
Invented
1964
Hypertext
Invented
1965
TCP/IP
Created
ARPANET
1972
1969
Mosaic
Created
WWW
Internet Created
1993
Named
1989
and
Goes
TCP/IP
1984
Age of
eCommerce
Begins
1995
1945
1945
1995
Internet Growth Trends
•
•
•
•
•
•
•
•
•
•
•
1977: 111 hosts on Internet
1981: 213 hosts
1983: 562 hosts
1984: 1,000 hosts
1986: 5,000 hosts
1987: 10,000 hosts
1989: 100,000 hosts
1992: 1,000,000 hosts
2001: 150 – 175 million hosts
2002: over 200 million hosts
By 2010, about 80% of the planet will be on the Internet
By September 2002
The Internet Reached Two
Important Milestones:
Netsizer.com – from Telcordia
Growth of Internet Hosts *
Sept. 1969 - Sept. 2002
250,000,000
Sept. 1, 2002
No. of Hosts
200,000,000
150,000,000
100,000,000
Dot-Com Bust Begins
50,000,000
9/
69
01
/7
1
01
/7
3
01
/7
4
01
/7
6
01
/7
9
08
/8
1
08
/8
3
10
/8
5
11
/8
6
07
/8
8
01
/8
9
10
/8
9
01
/9
1
10
/9
1
04
/9
2
10
/9
2
04
/9
3
10
/9
3
07
/9
4
01
/9
5
01
/9
6
01
/9
7
01
/9
8
01
/9
9
01
/0
1
08
/0
2
0
Time Period
Chart by William F. Slater, III
The Internet was not known as "The Internet" until January 1984, at which time
there were 1000 hosts that were all converted over to using TCP/IP.
Statistics from the IITF Report
The Emerging Digital Economy *
• To get a market of 50 Million People Participating:
• Radio took 38 years
• TV took 13 years
• Once it was open to the General Public, The Internet made
to the 50 million person audience mark in just 4 years!!!
• http://www.ecommerce.gov/emerging.htm
– Released on April 15, 1998
* Delivered to the President and the U.S. Public on April 15, 1998 by Bill Daley,
Secretary of Commerce and Chairman of the Information Infrastructure Task Force
What did this mean for Higher
Education?
• No freshman student today has not had
access to the internet in the U.S.A.
• The average age of faculty is now 54 in US
colleges ad universities
• There is no limit to accessing data in text,
image, sound or stream format
• The internet is now the accepted starting
point for all research
Areas for today’s conversation
• The Internet and the student (Shawna)
• Controlling the internet through
legislation (Rex)
• The Internet and the Institution (John)
• Questions
Students and the Internet
Presented by:
Shawna Lafreniere
Internet acceptable use policy
Adopted from APU:
Azusa Pacific University's domain name (APU.EDU) and other
University computer, network, and electronic mail systems
exist for the primary purpose of transmitting and sharing
information for the University's purposes. The use of apu.edu
by any member must be consistent with the mission of Azusa
Pacific University and is subject to control by the University.
Computer, network, communications, and Internet services
exist to promote the purposes of the University. Every attempt
to protect privacy will be maintained, but observation of
traffic flow and content may be necessary at the University's
discretion for security and legal reasons. The end-user who
originates traffic will be responsible if the traffic does not
conform to this policy.
Internet acceptable use policy
User Requirements
•
Respect the privacy of others. For example, users shall not
intentionally seek information on, obtain copies of, or modify files
belonging to other users.
•
Only use your own account and password; never misrepresent
yourself as another user.
•
Respect the legal protection provided by copyright and licenses to
programs and data.
•
Respect the integrity of apu.edu so as not to interfere with or
disrupt network users, services, or equipment. Interference or
disruption includes, but is not limited to, distribution of unsolicited
advertising, propagation of computer viruses, and use of the
network to make unauthorized entry into other computational,
communications, or information devices or resources.
Internet acceptable use policy
Acceptable Uses:
•
•
•
•
Use as a vehicle for scholarly or University-related
communications
Use in applying for or administering grants or
contracts for research or instruction.
Use in activities of research or direct support for
instruction.
Use must be consistent with University standards
as defined in its publications.
Internet acceptable use policy
Unacceptable Uses:
•
Use of apu.edu or any other University computing resources
for illegal purposes.
•
Use of apu.edu or any other University computing resources
to transmit or receive threatening, obscene, or harassing
materials.
•
Sending unsolicited advertising.
•
Use for personal for-profit business is not permitted.
•
Use of the network by employees for recreational games is
not acceptable during working hours.
Internet acceptable use policy
Enforcement and Violations
Action may be taken by system management, subject to the
guidance and authority of the Internet Policy Committee, to
prevent possible unauthorized activity by temporarily
deactivating any member. Reasonable efforts will be made to
inform the member prior to disconnection and to re-establish
the connection as soon as an acceptable understanding has
been reached. Any disciplinary action deemed necessary will
be handled through the normal channels as explained and set
forth in the student catalogue, student handbook or other
materials published by the office of the Dean of Students.
Peer to Peer Policy (P2P)
While the definition itself is controversial, generally a peer-topeer (often referred to as P2P) computer network refers to any
network that does not have fixed clients and servers, but a
number of peer nodes that function as both clients and servers
to the other nodes on the network. This model of network
arrangement is contrasted with the client-server model. Any
node is able to initiate or complete any supported transaction.
Peer nodes may differ in local configuration, processing speed,
network bandwidth, and storage quantity. Put simply, peer-topeer computing is the sharing of computer resources and
services by direct exchange between systems. Many
researchers are looking into the practical uses of this
technology.
Peer to Peer Policy (P2P)
This policy intends to make it clear that P2P architecture, itself,
is not in question. What is a concern, however, is one of the
most prevalent uses of this technology, P2P File Sharing
applications used for the distribution of copyrighted
content. Morpheus, KaZaA, Aimster, Madster, AudioGalaxy and
Gnutella, are examples of the kinds of P2P File Sharing
software which can be used inappropriately to share
copyrighted content. Note, that some of these applications
are not pure peer-too-peer architectures, further reinforcing
that the issues with File Sharing applications have more to do
with risk of abuses, than in the technology itself. Along with
copyright infringement, other concerns of P2P File Sharing
applications include network resource utilization, security, and
inappropriate content.
Peer to Peer Policy (P2P)
For the purposes of this policy, a Peer-topeer file sharing application is any
application that transforms a personal
computer into a server that distributes
data simultaneously to other
computers.
Peer to Peer Policy (P2P)
Issues:
Copyright Infringement
Downloading or distributing copyrighted material, e.g.
documents, music, movies, videos, text, etc., without
permission from the rightful owner violates the United States
Copyright Act and several university policies. While it is true
that a number of artists have allowed their creative works to
be freely copied, those artists remain very much the
exception. It is best to assume that all works are copyrightprotected except those that explicitly state otherwise.
Peer to Peer Policy (P2P)
Impact to APU's network
A user's computer acting as a server can place an enormous
burden on APU's network(s). If the computer/server is popular
and does excessive, high-volume transfers of files, this single
computer/server can severely impact the performance of APU's
network. Imagine the impact if there are several
computers/servers functioning in the same manner. For
example, music files (MP3) are usually very large files,
between 2 and 10 MB in size, and movie files (DivX) can be
enormous, averaging 600 MB in size. Some Peer-to-Peer
applications let you choose NOT to be a server, but others,
such as Gnutella, don't. If users simply install the software and
don't take the time to read the documentation, they may not
realize that their computer is acting like a server. Make sure
you understand what the software does.
Peer to Peer Policy (P2P)
Security
Another serious problem with setting up your computer as a
server is that faculty/staff and students could be reducing the
security of their system, allowing a cracker (computer
criminal) to more easily compromise their entire computer and
gain access to private and/or University data. Furthermore,
any compromised computer on the University network
increases the potential risk to all other devices and systems
within that same security context of that network. Peer-topeer file sharing applications differ in how much security they
provide. Be cautious.
Peer to Peer Policy (P2P)
Pornography
Lastly, new reports indicate that Peerto-Peer applications are being used to
disseminate pornography. It is not
known at this time if this is done with
the authorization or knowledge of
computers/servers participating with
Peer-to-Peer applications.
Peer to Peer Policy (P2P)
Policy
It is the policy of APU that the
university's network connections may
not be used to violate copyright
laws. The unauthorized reproduction
of copyrighted materials is a serious
violation of APU's Internet Acceptable
Use Policy, as well as the U.S.
Copyright Laws.
Peer to Peer Policy (P2P)
Background Discussion of Copyright Law
and Potential Liability for Students
Engaged in P2P File Sharing on
University Networks
http://www.acenet.edu/washington/leg
alupdate/2003/P2P.pdf
Peer to Peer Policy (P2P)
Electronic Privacy Information Center
http://www.epic.org/privacy/student/p
2pletter.html
Peer to Peer Policy (P2P)
Joint Committee of the Higher Education
and Entertainment Communities
Technology Task Force
http://www.educause.edu/issues/rfi/
Peer to Peer Policy (P2P)
What Is Higher Education Doing About
P2P?
http://www.educause.edu/asp/doclib/a
bstract.asp?ID=EDU03156
Peer to Peer Policy (P2P)
Higher Education & Entertainment p2p
report:
http://www.p2pnet.net/article/7408
Spam
The first federal anti-spam legislation, the CAN-SPAM
Act of 2003, was signed into law by President
George W. Bush on December 15, 2003. The Act is
effective January 1, 2004. The Act sets rules for
commercial e-mail, although it makes no distinction
between solicited and unsolicited commercial email. Commercial e-mail is defined as "any
electronic mail message the primary purpose of
which is the commercial advertisement or
promotion of a commercial product or service
(including content on an Internet website operated
for a commercial purpose". Several states have
passed similar anti-spam legislation.
Spam
Six years after spam legislation was first introduced, the first
federal spam law was signed by President Bush on December
15, 2003. Despite this milestone, the CAN-SPAM bill remains a
"work in progress." While it includes popular provisions from
several bills, including making spamming a criminal offense, it
also calls for at least five follow-up reports to be submitted to
Congress over the next 24 months. These reports call for
continued work on such things as defining the "primary purpose
of an electronic mail message," what constitutes a
"transactional or relationship message," and what is a suitable
identifier for mail that contains sexually oriented material.
The law also calls for the Federal Trade Commission (FTC) to
submit a plan and timetable for a "do not spam" registry.
Spam laws by state
http://www.spamlaws.com/state/summ
ary.html
Virus and Spam
Microsoft's plan to improve computer
security could set off fight over use
of online materials
http://chronicle.com/free/v49/i24/24a0
2701.htm
Great Site for Free!
Keep up to date on law issues and other
hot higher education topics:
www.universitybusiness.com
The Gramm-Leach-Bliley Act
• Took effect May 23, 2003, with an
extra
year to conform third-party service
provider contracts entered into prior
to
June 24, 2002.
Standard for Safeguards
• Each financial institution must develop, implement
and
maintain a comprehensive information security
program that is written in readily accessible part(s);
• The program must contain administrative, technical
and physical safeguards that are appropriate to:
1. the size and complexity of the financial institution;
2. the nature and scope of its activities; and
3. the sensitivity its customer information.
Required Elements – Each financial
institution must:
• Designate one or more employees to
coordinate its program;
• Assess risks to the security of customer
information;
• Design and implement safeguards to address
risks, and test and monitor their effectiveness
over time;
• Oversee service providers; and
• Institute a training program.
• Adjust the program to address developments.
Azusa Pacific Universities
plan to comply with the GLB
• John Reynolds CIO is designated as APU
administrator charged to coordinate
the university information security
program.
• Mark Dickerson, General Council, as
alternate.
US Patriot Act 2001
• In essence the Patriot Act is an
Extension of FERPA
• That allow federal agency to request
information without the consent of the
student.
• Limited liability, not tested, no
precedent.
US Patriot Act 2001
Four primary areas:
1. The privacy of student records
2. Information and Technology
3. Subpoenas and warrants
4. Environmental health and safety
Privacy of Student Records
•
•
•
•
The request must be by a US Assistant
Attorney General or higher ranking official.
It must be through a court order.
There must be a certification that there
are specific and articulable facts
supporting the request.
Institutions do not violate FERPA by
responding to such and order without
student consent.
Privacy of Student Records
•
•
•
APU does not need to make a record of
disclosure (this is an exception to the current
FERPA requirement).
APU should not be liable to any person for
good faith disclosure of educational records in
response to such and order.
There is a monitoring of foreign student
session; John Reynolds analysis is that the
new information requirements through SERVIS
(the students and exchange visitors program
information system) should cover this
information.
Information Technology Requirement
• Permit government officials to seek
stored voicemail messages without
wiretap authorization
• Requires APU communication providers
to respond to a subpoena for, long
distance, local telephone connection
records, times and duration, telephone
numbers, assigned network addresses,
means and source of payment for these
services.
Information Technology Requirement
• To provide URL records, technically
difficult for APU.
• Authorizes the government to install
devices to track internet use.
• Penalties for computer hacking crimes
have been increased and these include
accessing and transmitting or
destructive programs such as viruses.
Threshold $5000.
Subpoenas / Warrants
• A court order for educational records forces
APU, without student consent, but supported
by a court order, to provide officials with
educational records that are relevant to a
terrorism investigation.
• Subpoenas can reach beyond paper
documents and include digital information as
well as voice mail, emails, and Internet
usage.
• Allows law to intercept wire or electronic
communication that relates to terrorism and
computer fraud/abuse.
Subpoenas / Warrants
• Allows the FBI to seize with a court
order business records pursuant to
terrorism investigation.
• The patriot act does restrict APU from
disclosing that these request were ever
made.
Environmental Health and Safety
• Less relevant for APU
• 10 year imprisonment and a large fine
for possessing a biological agent toxin
or delivery system that is not
reasonably justified by research or
other peaceful purposes.
The Internet and the Institution
Concerns
•
•
•
•
•
•
•
•
•
•
•
•
Use of bandwidth for non-academic purposes
Capacity issues
Streaming audio and video
Pornographic and hate sites
Interference with legitimate research and academic
use
Hacking/Security
Cost
Privacy
Web Domain Management
Libraries
License Management
Public Address Lists
Concerns
•
•
•
•
•
•
•
•
•
Sexual harassment
Legal issues related to fair use
Harassment
Downloading of inappropriate or harmful materials
Faculty training
Response time/Availability
Dorm and off-campus access
Chat rooms
Children using parent's password or access by nonstudents
• Virus and Spam attacks
Web Links
Highlighting Issues
• Azusa Pacific University
www.apu.edu/imt
• Chowan College (Murfreesboro, NC)
http://www.chowan.edu/informationtech/p
olicies/default.htm
• Columbus State University (Columbus, GA)
http://cins.colstate.edu/policies/
• Linn-Binton Community College (Albany, OR)
http://www.lbcc.cc.or.us/aup.html
Web Links Highlighting Issues
• Portland Oregon Community College (Portland, OR)
http://www.pcc.edu/lrc/aup.htm
• South Georgia College (Douglas, GA)
http://www.sgc.peachnet.edu/ComputerCenter/policies/com
ppol.htm
• Umpqua Community College (Roseburg, OR)
http://www.umpqua.cc.or.us/library/dlibaup.htm
• University of North Carolina Greensboro (Greensboro, NC
)http://www.uncg.edu/cis/
• University of Southwestern Louisiana (Lafayette, LA)
http://www.usl.edu/InfoTech/Policies/comp_net.html
• Vanderbilt University (Nashville, TN)
http://www.vanderbilt.edu/HomePage/aup.html
Questions?