Your SlideShare is downloading. ×
Info 442 chpt 1
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Info 442 chpt 1

51
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
51
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. INFO 442: INFORMATION POLICY AND INTELLECTUAL PROPERTY Senait.s (Bsc,Msc) 04/12/14 1
  • 2. Chapter One Information Policy Government information Freedom of Information Public Information Information privacy Information policy and the stakeholders Information security or Data Protection 04/12/14 2
  • 3. Information policy Information policy Information • The importance of information in our society can hardly be over estimated. • As we increasingly recognize the critical nature of information policies that affect information creation, organization, use and dissemination become equally, critical. • Information is essential to our participation in deciding how to vote, where to live, how to find a job, organizing life long learning and planning our retirement and all depend on timely access to information. 04/12/14 3
  • 4. Information policy Cont” Policy • defined as a plan or course of action used by an organization to convey instructions from its senior most management to those who make decisions, take actions, and perform other duties on behalf of the organization. • Polices are organizational laws in that they dictate acceptable and unacceptable behavior within the context of the organization's culture. • Like laws, policies must define what is right, and what is wrong, what the penalties are for violating policy, and what the appeal process is. 04/12/14 4
  • 5. Information policy Cont • A policy defer from standards, Standards are more detailed statements of what must be done to comply with policy. • Policies are considered as the basis for all information security planning, design, and deployment. • Policies do not specify the proper operation of equipment or software. This information should be placed in the standards, procedures and practices of users' manuals and systems documentation. • Policy can be an individual matter or an official enactment. 04/12/14 5
  • 6. Information policy Cont Public policy • Public policy on the other hand is a form of law made by the governing bodies of organizations: – to govern, – direct, – control, and – regulates members of the organization. • It can take the form of laws passed by the legislature, decisions of government or boards of directors of public corporations, private companies, or even instructions or directives issued by departments. • Public policy is usually a product of a bureaucracy to regulate government actions and programs. 04/12/14 6
  • 7. Policy making • Policy making refers to the process of making important organizational decisions, including the identification of different alternatives such as programs or spending priorities, and choosing among them on the basis of the impact they will have. • It could be understood as a political, management, financial, and administrative mechanisms arranged to reach explicit goals. 04/12/14 7
  • 8. Policy content • Policies are typically promulgated through official written documents. • Policy documents often come with the endorsement or signature of the executive powers within an organization to legitimize the policy and demonstrate that it is considered in force. • Such documents often have standard formats that are particular to the organization issuing the policy. 04/12/14 8
  • 9. Policy content (cont.) • While such formats differ in form, policy documents usually contain certain standard components including: – A purpose statement, outlining why the organization is issuing the policy, and what its desired effect or outcome of the policy should be. – An applicability and scope statement, describing who the policy affects and which actions are impacted by the policy. The applicability and scope may expressly exclude certain people, organizations, or actions from the policy requirements. Applicability and scope is used to focus the policy on only the desired targets, and avoid unintended consequences where possible. 04/12/14 9
  • 10. Policy content (cont.) – An effective date which indicates when the policy comes into force. Retroactive policies are rare, but can be found. – A responsibilities section, indicating which parties and organizations are responsible for carrying out individual policy statements. Many policies may require the establishment of some ongoing function or action. For example, a purchasing policy might specify that a purchasing office be created to process purchase requests, and that this office would be responsible for ongoing actions. Responsibilities often include identification of any relevant oversight and/or governance structures. 04/12/14 10
  • 11. Policy content (cont.) Policy statements indicating the specific regulations, requirements, or modifications to organizational behavior that the policy is creating. Policy statements are extremely diverse depending on the organization and intent, and may take almost any form. Some policies may contain additional sections, including: Background, indicating any reasons, history, and intent that led to the creation of the policy, which may be listed as motivating factors. This information is often quite valuable when policies must be evaluated or used in ambiguous situations, just as the intent of a law can be useful to a court when deciding a case that involves that law. Definitions, providing clear and unambiguous definitions for terms and concepts found in the policy document.04/12/14 11
  • 12. Types of library and information center policies Aside from collection development policies, libraries and information centers need policies that address issues such as types of resources to support the organization, licensing issues, and user access. Other policy topics include how and which resources should be cataloged, placed in a content management system or subject guide, or added to an EDRM system. The development and use of policies is critical in electronic resource management and for communicating a library or information center’s goals. 04/12/14 12
  • 13. Types of library and information center policies (cont.) • Examples of policies in libraries and information centers: – Collection development policy – Communication and information policy – Staff training and development policy – Health policy – Housing policy – Human resource policies, etc. 04/12/14 13
  • 14. Collection Development Policy (CDP) • For the purpose of this lecture, the Collection Development Policy shall be used as an example. • A collection development policy in a library or information center is defined as a guide for the acquisition librarian on what should be bought, for who and how the materials are to be acquired. • The policy statement of the Collection Management Policy is to provide a planning document to organize and guide the process of acquiring and providing access to print and electronic information resources and to manage their growth, maintenance, preservation, withdrawal and cancellation. 04/12/14 14
  • 15. CDP (cont.) • It will be reviewed and revised periodically, as needed. • A policy statement in a library or information center environment is defined as a kind of framework and set of parameters within which staff and users work. It serves many functions beyond being merely a tool for selection of materials: – It provides a theoretical overview that explains the educational, social, and cultural rationale for the development of the collection. – It also states directions, guidelines, controls, and standards for the overall management of the collection. 04/12/14 15
  • 16. CDP (cont.) – In addition to describing current collections, it forces the staff involved to (re)consider the aims and objectives of the organization, both long and short term, and the priorities to be attached to different activities. – It assists with budgeting, – Serves as communication channel within a library and between the library and outside constituents, – Supports cooperative collection development, – Prevents censorship, and – Assists in overall collection management activities, including the handling of gifts, de-selection of materials and serial cancellations. 04/12/14 16
  • 17. CDP (cont.) Gardner (1981) suggested that there should be a written collection development policy statement that is intended to: 1. Force staff to think through library goals and commit themselves to these goals helps them to identify long- and short- range needs of users and to establish priorities for allocating funds. 2. Help assure that the library will commit itself to serving all parts of the community, both present and future. 3. Help set standards for the selection and weeding of materials. 4. Inform users, administrators, and other libraries of collection scope and facilitate coordination of collection development among institutions. 04/12/14 17
  • 18. CDP (cont.) 5. Help minimize personal bias by selectors and to highlight imbalances in selection criteria. 6. Serve as an in-service training tool for new staff. 7. Help assure continuity in collections of any size and provide a pattern and framework to ease transition from one librarian to the next. 8. Provide a means of staff self-evaluation, or for evaluation by outsiders. 9. Help demonstrate that the library is running a business-like operation. 10. Provide information to assist in budget allocations. 11. Contribute to operational efficiency in terms of routine decisions. 12. Serve as a tool of complaint handling with regard to inclusions or exclusions. 04/12/14 18
  • 19. Reasons for a written collection development policy (RWCDP) The library or information center’s primary task is to: select, maintain, and provide access to relevant and representative information resources. Due to technological developments, libraries or information centers are, in the main, moving from holdings (‘just in case’) to access (‘just in time’) strategies. This implies that collecting policies are significantly changing and that libraries and information centers need to disseminate widely information on their collecting policies. 04/12/14 19
  • 20. RWCDP (cont.) • The main reasons for having a written collection development policy can be put under four broad headings: 1. Selection: The primary function of a written collection development policy is to provide guidance to staff when selecting and deselecting (printed and non-print) resources for the collection. The document serves as a guideline for each stage of materials handling. It might cover the selection, acquisition, processing, housing, weeding, retention, preservation (archiving in case of electronic and digital resources), relegation and discard of all types of library material in the relevant subjects, with reference to specified levels of collection depth and breadth. 04/12/14 20
  • 21. RWCDP (cont.) • This reduces personal bias by setting individual selection decisions in the context of the aims of collection building practice, and identifies gaps in collection development responsibilities. It ensures continuity and consistency in selection and revision. Moreover, it clarifies the purpose and scope of the collections, and allows selection decisions to be evaluated by, for example, identifying what proportion of in-scope published material has been acquired. Such a reference guide reduces the need of selectors to raise recurrent questions, and assists in the training of new staff. It also provides useful information to other library staff whose work is collection based. 04/12/14 21
  • 22. RWCDP (cont.) 2. Planning: A policy document provides a sound foundation for future planning, thereby assisting in determining priorities, especially when financial resources are limited. This provides a basis for the fair allocation of resources, and helps to protect library funds by explaining the rationale behind acquisitions bids. Having a formal publication to refer to ensures continuity and avoids confusion. Compilation of a formal document is beneficial in itself, in that it involves acquiring knowledge of existing collection strengths, and obliges staff to reflect on the library's goals. The stated aims help other collection-related activities such as cataloguing, preservation and storage to form a coherent strategy, and support reader services, for example by identifying areas that are ripe for de-selection, or more suitable for inter-library loan, document delivery or Internet access than for acquisition. 04/12/14 22
  • 23. RWCDP (cont.) 3. Public relations: Formal policy statements can be useful in making the case for the library when dealing with both its users, administrators and funding bodies. They support the stated objectives of the organization, demonstrating accountability and commitment to agreed goals. Ideally, the compilation of the document requires the active participation of both users and administrators, thereby improving communication between the library and its clientele. 04/12/14 23
  • 24. RWCDP (cont.) 4. The wider context: As individual libraries or information centers are increasingly unable to provide all their services by themselves, they are banding together into cooperatives, alliances and consortia. For these ventures to work, there must be mutual knowledge and agreement on which library is collecting what. A written collection development policy therefore often serves as a basis for wider cooperation and resource sharing, whether in a locality, region, country, or even internationally. 04/12/14 24
  • 25. . Steps in Formulating the Policy 04/12/14 25
  • 26. Government information ContGovernment information • Government information is those information materials produced by the government of a country and made available to its citizens through legal deposit libraries. Eg, there are more than 1200 "depository libraries" for U. S. government information. • Governments is the largest producers of information in a country. These same governments, (federal, state, local) are also desperately looking for revenue. • Two sources of revenue under consideration are selling government information to the private sector for repackaging and resale or to charge the public directly. 04/12/14 26
  • 27. Freedom of Information Freedom of Information • Freedom of information allows individuals to request a wide range of government information that may not normally be available. • The Federal Government of countries of the world have some version of this legislation although the degree of access varies widely. • Freedom of information legislation is important because it can open the operations of government to public study. • The legislation requires that there is improved access to government information with very limited exemptions to the release of information by government to its citizens. • It is an important component of the internationally guaranteed right to freedom of expression, which includes the right to seek and receive, as well as to impart, information and ideas of all kinds regardless of frontiers. 27
  • 28. Freedom of Information cont’ • The unequivocal importance of freedom of information was recognized during the first session of the United Nations General Assembly in 1946, which adopted Resolution No. 59 (1) stating that: • ‘Freedom of information is a fundamental human right and the touchstone of all the freedoms to which the UN is consecrated.’ • Eg, the Ethiopian Constitution in article 29 of proclamation 178/1999 guarantees right of thought, opinion, freedom of expression and the press in the following terms: • 1. Everyone has the right to hold opinions without interference. • 2. Everyone has the right to freedom of expression without interference. 04/12/14 28
  • 29. Freedom of Information Cont• This right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any media of his choice. • 3. Freedom of the press and other mass media and freedom of artistic creativity is guaranteed. Freedom of the press shall specifically include the following elements: • a) Prohibition of any form of censorship • b) Access to information of public interest. 04/12/14 29
  • 30. Freedom of Information cont’ • 4. In the interest of free flow of information, ideas and opinions which are essential to the functioning of a democratic order, the press shall, as an institution, • Proclamation No. 178/1999, published on 29 June 1999 (Federal Negarit Gazeta 5th Year No. 62). • According to Article 19 of Global campaign for free expression on the legal framework for freedom of expression in Ethiopia, there is no law guaranteeing access to information in Ethiopia other than the general principle laid down in the constitution and a brief article in the Press law. 04/12/14 30
  • 31. Information privacy Information privacy • Personal privacy has very much been affected by the internet. • Eg, there is a great deal of information about individuals available on the internet. • Currently, a substantial amount of information can be and is collected on the internet about individuals, often without the knowledge of the individual. • Perhaps some of it is advantageous, e.g. when a favorite shopping site presents items probably of interest, but what about insurance companies discovering that you visit certain sites providing information on particular diseases in order to affect your insurance coverage or rates? 04/12/14 31
  • 32. Information privacy Cont• The laws affecting privacy stem both from the federal and state constitutions and statutes and from common law principles. • Computers and telecommunications make it possible for governments and corporations to collect vast amounts of information on individuals. • Protection of personal information is an important concern for most people. • Personal privacy protection legislation ensures that you know what information the government is collecting about you; that it is only collected for specific reasons associated with specific government programs or laws; and that you can correct any inaccurate information. 04/12/14 32
  • 33. Information policy (Cont.) Information policy • Information policy is any law, regulation, rule, or practice (written or unwritten) that affects the creation ,acquisition, organization, designation or evaluation of information. • Most often information policy is discussed in forms of governmental legislation. This legislation usually focuses on areas such as: – information technologies for educational and industrial uses, – telecommunications, – privacy issues, 04/12/14 33
  • 34. Information policy Cont – computer regulations and crimes, – copyright and intellectual property, and – government information systems. • Information policy determines the kind of information: – collected, – created, – organized, – stored, – accessed, – disseminated and retained. – Who can use the information, whether there will be charges for access, and the amount charged, is also covered. 34
  • 35. Information policy Cont • An information policy is usually associated with government information. we see information policy as concerned with 3 major areas. • Governmental creation and dissemination of information. – This includes government funding of research and development efforts, as well as government creation of information such as economic statistics, dissemination of legislation and administrative rulings, cultural materials, and so on. – It is important to observe that government policy towards the creation of information is distinct from government policy towards the dissemination of information once created. • Development, regulation, and usage of information infrastructure. This includes issues such as telephony and broadcast regulation, infrastructure for schools and libraries, security and integrity of the infrastructure, and so on. 35
  • 36. Information policy Cont • Institutional and legal infrastructure. This includes US participation in international treaties and organizations, privacy rules, antitrust policy, standard settings, contract law, encryption and security, and intellectual property policy. • Information policy also establishes the rules within which private information providers and the media operate. • Information policy includes the following areas :  Literacy  privatization and distribution of government information freedom of information access protection of personal privacy intellectual property rights retention of archival copies of material Citizen's Charter of Information Rights 36
  • 37. Is Information Policy only about ICT?
  • 38. Information Sector • Information Policy – Scope • The goal may be building an information society, but Information policy is not just about information technology. • Good policy with regard to the building of the information society must rely not only on sufficient technical and material resources (the networks) and skills, but also be logical with other societal policies.
  • 39. Information policy Cont • Three Hierarchical Levels for national Information Policy (Reynolds)
  • 40. Information policy Cont National Information Policy – hierarchical levels Infrastructural policies • Deal with the development of national (or more recently also regional) infrastructures required to support an information society. – The absence of infrastructural policies and implementation strategies would make it virtually impossible to deliver on any other vertical or horizontal ICT related policies. Vertical Information Policies would include sectoral policies such as education, tourism, manufacturing, health, etc. Horizontal Information Policies refers to those policies that impact on broad aspects of society, e.g. policies relating to freedom of information, tariffs and pricing, and the use of ICTs by government internally and in its relationships with citizens, business, labour, academia, etc.
  • 41. Information policy Cont • Policies for shaping an integrated ICT Structure
  • 42. Information policy Cont • An integrated ICT policy involves a high level of collaboration from all relevant government departments, and from the much larger group of stakeholders impacted by, and impacting on ICT policy. • Failure to provide integrative mechanisms for addressing ICT policy formulation, and implementation, has been one of the major stumbling blocks in many countries. • In the absence of a national ICT policy, the tendency is towards the creation of sector dependent policy that addresses only its own ICT needs. • These policies become firmly entrenched within the sector and later attempts to integrate them into a broad all encompassing ICT policy become difficult.
  • 43. Information policy Cont NIP – Contributions • A National Information Policy framework will contribute to: – Modernizing government – Building a knowledge-driven economy – The best environment in the world for e-commerce – Improving health service effectiveness – Improving educational effectiveness – Avoiding social exclusion – Implementing strategies for regional development – Building an informed democracy – Strengthening our cultural identity – Maximizing investment benefits.
  • 44. Issues to Consider in the Development of Information Policy • In developing countries the emphasis is often on infrastructure policy development, while neglecting dimensions of human resource development and information content issues. • The move towards globalization in the Telecommunications Sector – Deregulation and liberalization – Governments are under pressure from global forces, specifically the World Trade Organization (WTO)
  • 45. Issues to Consider in the Development of Information Policy cont” – The global telecommunications sector has experienced a severe shift from transnational regulatory institutions to the operation of the WTO's open market framework – The first global shift has been one from closed domestic markets to open competition. • This changing environment has to be considered when policies are formulated. • Reform and Regulation of the Telecoms Sector – The swing towards a worldwide liberal ICT regime demanded the shift to a different regulatory regime. – During the 1990s a telecoms reform wave arose, seeing many countries creating independent and transparent regulators, and regimes to manage transitions to a competitive market.
  • 46. Issues to Consider in the Development of Information Policy cont” African Telecommunication Union (ATU) – The vision of ATU is to make Africa an equal and active participant in the Global Information Society. – The mission is to promote the rapid development of info- communications in Africa in order to achieve universal service and access, in addition to full inter-country connectivity, in the most effective manner. – The restructured African Telecoms Union is placing increased emphasis on public/ private-sector partnerships for telecommunications infrastructure development The telecoms sector with entertainment houses, software companies, cellular companies and Internet service providers creating new techniques for distributing a multitude of services and content over varied ICT infrastructure
  • 47. WTO(World Trade Organization ) WTO, which has become the most important institution within the global telecoms mark, has set rules for telecommunications that extend across 140 countries. – Underlying the WTO agreements is the move towards global liberalized trade, including liberalized telecommunications markets. • Global influences shape policy: – GATT - General Agreement of Tariffs and Trade – WTO – World Trade Organization (1995) – GATS – General Agreement on Trades and Services – WTA – Information Technology Agreement (1997) – WIPO – World Intellectual Property Organization – WTO Basic Telecommunications Agreement - domestic and foreign carriers treated equally, no restrictions on foreign capital,
  • 48. Trans-border Data Flow (TDF) • What is TDF? – The flow of digital information across borders for storage or processing in foreign computers. What type of Data ? • Personal Data • Business Data • Technical Data • Organizational Data
  • 49. Trans-border Data Flow (TDF) cont”• TDF – Types of Data Flows • One-way flows – Consolidation Flows » subsidiary reporting to head office – Distribution Flows » Head office distributing data to subsidiaries • Two-way flows – Trans-National or Multi-national Data flows – Users connect to host computer(s) in one or many different countries
  • 50. Trans-border Data Flow (TDF) cont” • TDF – If data from country , flows through country without storage or usage then no TDF has occurred –Reasons for Regulation of Data flows • National Security • National Sovereignty • National Economic welfare • Protectionism • Personal privacy
  • 51. IP and STAKEHOLDERS Cont INFORMATION POLICY AND THE STAKEHOLDERS • There are a variety of stake holders in the information policy process, stake holders who are deeply concerned about information from a legal and political perspective. • These stake holders include business, government, Information producers, disseminators and the public. Business and Industry • Because information is critical to competition, business and industry are very active in influencing policies that will affect the dissemination and restriction of information. 04/12/14 51
  • 52. IP and STAKEHOLDERS Cont • Business and industry have special interests in both the discovery of new knowledge and the organization of current knowledge. • There are policies affecting the discovery and exploitation of new knowledge to improve productivity and profit. • Business and industry have a strong need to control knowledge and to protect proprietary information; as well as laws that permit the restriction of an employee's use of protected knowledge even after separation from employment. • Organizations need access to information to prosper. 04/12/14 52
  • 53. IP and STAKEHOLDERS Cont • The extent to which government policies permit easy and inexpensive access to information can have a substantial effect on an organization's ability to function effectively in competitive national and international environment. Government • Political bodies are well aware that information is essential for decision making and action. • Local state and federal governments are obligated to collect, organize and evaluate information. • Government is also in the business of disseminating and controlling information; to this end. 04/12/14 53
  • 54. IP and STAKEHOLDERS Cont • The government promulgation of regulations to restrict information such as: – information affecting national security, and – playing a role in selecting what information is published and made available to the public (or the press) and what information is not. • Laws such as the freedom of information Act and the national security Act form part of the process that defines the role of government in the dissemination and control of information. • Government use of such structures as libraries, museums and archives to make available to its citizens the information that is meant for their consumption. • 04/12/14 54
  • 55. IP and STAKEHOLDERS Cont Telecommunications, Information Producers, Disseminators, Transmitters, etc., as stakeholders • Although these stake holders could be considered part of business and industry, they form a critical subgroup that takes a special interest in information policy because of the profound effect such policies might have on them. • Information producers and disseminators include the telecommunications businesses such as telephone, television, cable, and radio industry; producers of videos, DVDs and audio tapes; the computer industry, including database producers and vendors; and of course, libraries or information centers. • 04/12/14 55
  • 56. IP and STAKEHOLDERS Cont • A particular subgroup within these information producers and disseminations is known as the "digerati". The digerati form "the bread group of individuals who invent, create, develop, manage, and sell a wide spectrum of information technologies. • They have jobs titles like librarian, information specialist, chief executive officer, chief technology officer, chief information officer, manager of information systems, software developer, soft ware engineer, programmer, vice president of sales, and director of marketing. 04/12/14 56
  • 57. IP and STAKEHOLDERS Cont • Because these individuals have special knowledge and control of technology companies, and research, they can be particularly influential in the policy making area. • One can imagine any number of laws and regulations that can either promote or diminish the effectiveness of information producers and disseminators. • Laws affecting competition, policing of services, the right to tape programs, taxation, postal rates, and royalties and laws concerning libel or invasion of privacy could all have profound implications as information disseminators have a special role and exercise a special interest because they are among the few whose motivations are not profit oriented. 04/12/14 57
  • 58. IP and STAKEHOLDERS Cont Citizens and those organizations that represent their interest • Citizens of a country are major stake holders to information. • The manner by which information flows in the society has a direct effect on our ability to make informed judgments and to take deliberate action. • The softest shift in policy may affect the extent to which we receive accurate, up-to-date and sufficient information and who receives this information is a critical function. • However, citizens have rights to information that would help them deal with their environment, such as information related to their health, safety, careers and their government, including information on political issues and candidates. 04/12/14 58
  • 59. IP and STAKEHOLDERS Cont • A fundamental value that underlies the transfer of the right of individuals to information and with it comes the expectation that information policies affect these rights is a critical consideration. • Individual citizens however, do not always have a significantly strong voice. • Consequently, a variety of organizations try to represent the public's interests on: – information policy issues, – including Associations, – Union, – Civil societies, Professionals, etc.. – with various clash of interest; and this produces a dynamic and sometimes unsettling tension in the society. 59
  • 60. Information security or Data Protection Information security or Data Protection As of January 2008, the internet connected an estimated 541.7 million computers in more than 250 countries on every continent, even Antarctica (Source: www.isc.org/index.p) • The internet is not a single network, but a worldwide collection of loosely connected networks that are accessible by individual computer hosts, in a variety of ways, to anyone with a computer and a network connection. Thus, individuals and organizations can reach any point on the internet without regard to national or geographic boundaries or time of day. • Information security (InfoSec) is the protection of information and its critical elements, including the systems and hardware which use, store and transmit that information. 04/12/14 60
  • 61. Information security or Data Protection cont” However, along with the convenience and easy access to information come risks. Among them are the risks that valuable information will be lost, stolen, changed, or misused. If information is recorded electronically and is available on networked computers, it is more vulnerable than if the same information is printed on paper and locked in a file cabinet. They can steal or tamper with information without touching a piece of paper or a photocopier. They can also create new electronic files, run their own programs, and hide evidence of their unauthorized activity. Three basic security concepts important to information on the internet are confidentiality, integrity, and availability. Concepts relating to the people who use that information are authentication, authorization, and nonrepudiation. 04/12/14 61
  • 62. Information security or Data Protection cont” When information is read or copied by someone not authorized to do so, the result is known as loss of confidentiality. • Introduction to Information Security • Information can be corrupted when it is available on an insecure network. When information is modified in unexpected ways, the result is known as loss of integrity. This means that unauthorized changes are made to information, whether by human error or intentional tampering. • Information can be erased or become inaccessible, resulting in • loss of availability. This means that people who are authorized to get information cannot get what they need. Information security includes the broad areas of: – information security management, – computer and data security management, – computer and data security, and network security. 62
  • 63. Information security or Data Protection cont” • To protect information and its related systems, tools such as: – policy, – awareness, – training and education, and – technologies are of vital importance. • Security is the quality or state of being secured, to be free from danger. • In other words, security can be defined as building protection against adversaries. • The security of information and its systems entails securing all components and protecting them from potential misuse by unauthorized users. 04/12/14 63