Download security_6

Law, Ethical Impacts, and
Internet Security
1
Legal Issues vs. Ethical
Issues

Ethics—the branch of philosophy that
deals with what is considered to be
right and wrong

What is unethical in one culture may be
perfectly acceptable in another
2
Legal Issues vs. Ethical
Issues

The Major Ethical and Legal Issues
Discussed in this lecture





Privacy
Intellectual property rights and online piracy
Unsolicited electronic ads and spamming
Free speech versus censorship
Consumer and merchant protection against
fraud
3
Privacy

Privacy—the right to be left alone and
the right to be free of unreasonable
personal intrusions

Two rules have been followed closely in
court decisions:
•
•
The right of privacy is not absolute. Privacy
must be balanced against the needs of
society
The public ’s right to know is superior to the
individual’s right of privacy
4
Collecting Information about
Individuals

Web Site Registration

Cookies

Spyware and Similar Methods

Privacy of Employees

Privacy of Patients
5
Cookies

Allows a web site to store data on the
user's PC. When the customer returns
to the website, the cookies can be
used to find what the customer did in
the past.
6
What is Spyware?



Software that gathers user's information without the
user's knowledge.
Originally designed to allow freeware authors to make
money on their products
Spyware stays on the user's hard drive and continually
tracks the user's actions, periodically sending information
on the user's activities to the owner of the spyware and
then used for advertising purposes.
7
Intellectual Property Rights

Intellectual property (IP)—creations
of the mind, such as inventions,
literary and artistic works, and
symbols, names, images, and designs
used in commerce
©
®
8
Unsolicited Electronic Ads:
Problems and Solutions

E-Mail Spamming
unsolicited commercial e-mail (UCE)
The use of e-mail to send unwanted ads
9
Free Speech Versus Censorship
and Other Legal Issues

On the Internet, censorship refers to
government’s attempt to control, in one
way or another, the material that is
presented.
10
EC Fraud -Identity Theft

A criminal act in which someone
presents himself (herself) as
another person and uses that
person’s social security number,
bank account numbers, and so
on, to obtain loans, purchase
items, sell stocks, etc.
11
EC Fraud-Phishing

It refers to a person or a group of
cyber-criminals who use email, popup messages or an imitation or copy
of an existing legitimate webpage to
trick users into providing sensitive
personal information such as credit
card numbers, bank account
numbers, and passwords.
12
Security Issues

Hacker


Firewall


It is a computer program that protects a computer or network from
unauthorized access by hackers.
Computer Virus


He is a person who accesses networks and the computers on the
network without authorization.
It is a computer program that damages your computer system.
Antivirus

It is a computer program that protects a computer from viruses.

Transactional risks

Data can be stolen when exchanged, encryption can be used to
protect data while it is transferred
Encryption is changing readable data to unreadable data to prevent steal

13
Types of Technical Attacks

Denial-of-Service attacks


an attack on a web site in which an attacker uses specialized
software to send a flood of data packets to the target computer
with the aim of overloading its resources.
Malicious Code:


Virus
Trojan Horses: a program that appears to have a useful
function but that contains a hidden function that presents a
security risk.
14
Other Security and Privacy
Concerns in EC
Some of the methods used in market research
and for tracking customers:
 Cookies
 Spyware
 Transaction logs: created by a log file and
records the used activities at the company's
web site (where visitors are coming from, how
often they return, how they navigate through a
site and data from shopping cart)
15