Transcript security_6
Law, Ethical Impacts, and Internet Security

Legal Issues vs. Ethical Issues
• Ethics—the branch of philosophy that deals with what is considered to be right and wrong
• What is unethical in one culture may be perfectly acceptable in another

Legal Issues vs. Ethical Issues
The Major Ethical and Legal Issues Discussed in this lecture
• Privacy
• Intellectual property rights and online piracy
• Unsolicited electronic ads and spamming
• Free speech versus censorship
• Consumer and merchant protection against fraud

Privacy
Privacy—the right to be left alone and the right to be free of unreasonable personal intrusions
Two rules have been followed closely in court decisions:
• The right of privacy is not absolute. Privacy must be balanced against the needs of society
• The public's right to know is superior to the individual's right of privacy

Collecting Information about Individuals
• Web Site Registration
• Cookies
• Spyware and Similar Methods
• Privacy of Employees
• Privacy of Patients

Cookies
Cookies allow a web site to store data on the user's PC. When the customer returns to the web site, the cookies can be used to find out what the customer did in the past.

What is Spyware?
• Software that gathers a user's information without the user's knowledge.
• Originally designed to allow freeware authors to make money on their products.
• Spyware stays on the user's hard drive and continually tracks the user's actions, periodically sending information on the user's activities to the owner of the spyware, where it is then used for advertising purposes.

Intellectual Property Rights
Intellectual property (IP)—creations of the mind, such as inventions, literary and artistic works, and symbols, names, images, and designs used in commerce

Unsolicited Electronic Ads: Problems and Solutions
E-Mail Spamming
Unsolicited commercial e-mail (UCE): the use of e-mail to send unwanted ads

Free Speech Versus Censorship and Other Legal Issues
On the Internet, censorship refers to government's attempt to control, in one way or another, the material that is presented.

EC Fraud - Identity Theft
A criminal act in which someone presents himself (herself) as another person and uses that person's social security number, bank account numbers, and so on, to obtain loans, purchase items, sell stocks, etc.

EC Fraud - Phishing
Phishing is the use of email, pop-up messages, or an imitation or copy of an existing legitimate webpage by a person or a group of cyber-criminals to trick users into providing sensitive personal information such as credit card numbers, bank account numbers, and passwords.

Security Issues
Hacker
A person who accesses networks and the computers on the network without authorization.
Firewall
A computer program that protects a computer or network from unauthorized access by hackers.
Computer Virus
A computer program that damages your computer system.
Antivirus
A computer program that protects a computer from viruses.
Transactional risks
Data can be stolen when it is exchanged; encryption can be used to protect data while it is transferred.
Encryption is changing readable data to unreadable data to prevent theft.

Types of Technical Attacks
Denial-of-Service attacks
An attack on a web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources.
Malicious Code:
• Virus
• Trojan Horses: a program that appears to have a useful function but that contains a hidden function that presents a security risk.

Other Security and Privacy Concerns in EC
Some of the methods used in market research and for tracking customers:
• Cookies
• Spyware
• Transaction logs: kept in a log file, they record user activities at the company's web site (where visitors are coming from, how often they return, how they navigate through a site, and data from the shopping cart)