The University will begin issuing identification numbers and passwords to users of the University-wide computer network PennNet, in an effort to improve its access security, according to Data Communications and Computing Services officials. The new passwords and IDs will be a part of a user verification system, which will track and record users' actions while logged-on to the system, according to Daniel Updegrove, assistant vice provost for data administration and information resource planning. Updegrove said that the network has been victim to some security breaches, but they have not been serious. "We have had some break-ins," he said. "We have no evidence that any damage was done [to the network]." "Penn has no audit trail indicating who called," he said this week. "We have no clean way of identifying who dialed in." He said he doesn't expect the new system to threaten freedom of access among legitimate users, or create a "big brother" environment of monitoring a user's every action. "There is no intention to keep elaborate records of who is doing what and where on the computer network," he said. "All of these are in the interest of open access and scholarly research." William McGill, an operations manager for DCCS, said that the violations are a problem that the University must address. "The basic problem is the non-Penn people using our dial-up modems," he said. "It's a nuisance from the point of view that when non-Penn people use the facilites, it prevents Penn students and faculty from using them." McGill also said that unauthorized system usage is illegal in Pennsylvania, which has some of the strictest laws in the United States governing access to networks. "Anyone who accesses a computer network without authorization is breaking the law," he said. The administrators of PennNet, which is linked to a larger international "network of networks" known as InterNet, currently have no way of determining who logged at particular times, in case breaches are discovered in the system. Updegrove said break-ins on the University's system not only threaten its integrity, but that of the all of the thousands of networks to which it is connected, through InterNet. "We need this password protection to be a good citizen of InterNet," he said. "We will lose our good standing on the InterNet if we have no way of authenticating our users." Updegrove recommended that to prevent violations, current users not adopt common passwords, like their names, out of respect for the damage which could be done by "unscrupulous people" both to the University, and to other schools as well. "People who use computers on PennNet need to be aware that PennNet is on an international network," he said. "They need to maintain some password hygiene."Comments powered by Disqus
Please note All comments are eligible for publication in The Daily Pennsylvanian.