
Chapter 4 Computer Ethics and Security


  1. 1. Chapter Four: 4.0 Computer Ethics and Security. 4.1 Computer Ethics: 4.1.1 Netiquette; 4.1.2 Areas of computer ethics. 4.2 Computer Security: 4.2.1 Computer Security Risks; 4.2.2 Security Measures.
  2. 2. Chapter Four. 4.1 Computer Ethics, 4.1.1 Netiquette. At the end of this topic, students should be able to: a) Identify the rules of netiquette.
  3. 3. Define Netiquette: Netiquette, which is short for Internet etiquette, is the code of acceptable behaviors users should follow while on the Internet; that is, it is the conduct expected of individuals while online. Good netiquette involves respecting others' privacy and not doing anything online that will annoy or frustrate other people.
  4. 4. Netiquette includes rules for all aspects of the Internet, including: • World Wide Web • E-mail • Instant Messaging • Chat Rooms • File Transfer Protocol • Newsgroups and Message boards.
  5. 5. NETIQUETTE. Golden Rule: Treat others as you would like them to treat you. 1. In e-mail, chat rooms, and newsgroups: • Keep messages brief. Use proper grammar, spelling, and punctuation. • Be careful when using sarcasm and humor, as it might be misinterpreted. • Be polite. Avoid offensive language. • Read the message before you send it. • Be clear. Make sure subject lines (e-mail) or page titles (web page) reflect your content. • Avoid sending or posting flames, which are abusive or insulting messages. • Do not participate in flame wars, which are exchanges of flames.
  6. 6. • Avoid sending spam, which is the Internet's version of junk mail. Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once. • Do not use all capital letters, which is the equivalent of SHOUTING! • Clearly identify a spoiler, which is a message that reveals a solution to a game or ending to a movie or program. • Use emoticons to express emotion. Popular emoticons include: :) Smile; :| Indifference; :o Surprised; :( Frown; :\ Undecided. • Use abbreviations and acronyms for phrases: btw - by the way; imho - in my humble opinion; fyi - for your information; ttfn - ta ta for now; fwiw - for what it's worth; tyvm - thank you very much.
  7. 7. 2. Read the FAQ (frequently asked questions), if one exists. Many newsgroups and Web pages have an FAQ. 3. Do not assume material is accurate or up-to-date. Be forgiving of others' mistakes. 4. Never read someone's private e-mail.
  8. 8. Chapter Four. 4.1 Computer Ethics, 4.1.2 Areas of computer ethics. At the end of this topic, students should be able to: b) Define computer ethics; c) Describe areas of computer ethics.
  9. 9. What to cover? 1. Information accuracy 2. Green computing 3. Codes of conduct 4. Information privacy 5. Intellectual property
  10. 10. Define computer ethics • Computer ethics are the moral guidelines that govern the use of computers and information systems. Pages 581 – 582, Figure 11-28, Discovering Computers: Chapter 11.
  11. 11. Areas of computer ethics: 1. Information accuracy 2. Green computing 3. Codes of conduct 4. Information privacy 5. Intellectual property
  12. 12. Areas of computer ethics: 1. Information accuracy. Information accuracy is concerned with assuring the authenticity and fidelity* of information, and identifying those responsible for informational errors that harm people (Information Systems Today, ©2006 Prentice Hall). Not all information on the web is correct. *Fidelity: accuracy; exactness. Pages 581 – 582, Figure 11-28, Discovering Computers: Chapter 11.
  13. 13. 2. Green Computing • Green computing involves reducing the electricity and environmental waste while using a computer. Pages 583 – 584, Figure 11-30, Discovering Computers: Chapter 11.
  14. 14. 3. Code of conduct • An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical. Page 583, Figure 11-29, Discovering Computers: Chapter 11.
  15. 15. 4. Information privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them • Huge databases store data online • It is important to safeguard your information. Page 584, Discovering Computers: Chapter 11.
  16. 16. 4. Information privacy. Page 584, Figure 11-31, Discovering Computers: Chapter 11.
  17. 17. 4. Information privacy • When you fill out a form, the merchant that receives the form usually enters it into a database • Many companies today allow people to specify whether they want their personal information distributed. Page 585, Figure 11-32, Discovering Computers: Chapter 11.
  18. 18. 4. Information privacy • A cookie is a small text file that a Web server stores on your computer • Web sites use cookies for a variety of reasons: allow for personalization; store users' passwords; assist with shopping; track how often users visit a site; target online advertisements. Pages 585 – 586, Discovering Computers: Chapter 11.
  19. 19. 4. Information privacy. Page 586, Figure 11-33, Discovering Computers: Chapter 11.
  20. 20. 4. Information privacy • Spam is an unsolicited e-mail message or newsgroup posting • E-mail filtering blocks e-mail messages from designated sources • Anti-spam programs attempt to remove spam before it reaches your inbox. Page 587, Figure 11-34, Discovering Computers: Chapter 11.
  21. 21. 4. Information privacy • Phishing is a scam in which a perpetrator sends an official-looking e-mail message that attempts to obtain your personal and financial information • Pharming is a scam where a perpetrator attempts to obtain your personal and financial information via spoofing. Pages 587 - 588, Figure 11-35, Discovering Computers: Chapter 11.
  22. 22. 5. Intellectual Property • Intellectual Property (IP): unique and original works (i.e. ideas, inventions, art, writing, product, logos) • Intellectual property rights are the rights to which creators are entitled for their work. Page 582, Discovering Computers: Chapter 11.
  23. 23. Importance of Intellectual Property. The importance of intellectual property: ● to protect the original creation from individuals. ● to preserve the features and processes that make things work (the inventor will therefore benefit, that is, get a profit, from their work). (previous CS015 Computer Security Risk slideshow)
  24. 24. Types of Intellectual Property. A patent is an exclusive right granted for an invention, which is a product or a process that provides a new way of doing something, or offers a new technical solution to a problem. A trade mark is a sign which distinguishes the goods and services of one trader from those of another. A mark includes words, logos, pictures, names, letters, numbers or a combination of these. A copyright is the set of exclusive rights given to an author/artist for their materials (literary works; musical works; artistic works; films; sound recordings; broadcasts; and derivative works). http://www.myipo.gov.my/home
  25. 25. Chapter Four. 4.2 Computer Security, 4.2.1 Computer Security Risks. At the end of this topic, students should be able to: a) Define computer security risks; c) Identify types of computer security risks.
  26. 26. What to cover? 1. Malicious code (virus, worm, Trojan horse) 2. Unauthorized access and use 3. Hardware theft 4. Software theft 5. Information theft 6. System failure
  27. 27. Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • A cybercrime is an online or Internet-based illegal act. Hackers; Crackers; Script Kiddies; Corporate Spies; Unethical Employees; Cyberextortionists; Cyberterrorists. Pages 556 - 557, Discovering Computers: Chapter 11.
  28. 28. Types of Computer Security Risks: 1. Malicious code (virus, worm, Trojan horse) 2. Unauthorized access and use 3. Hardware theft 4. Software theft 5. Information theft 6. System failure
  29. 29. 1. Malicious code • Every unprotected computer is susceptible to the first type of computer security risk • Computer viruses, worms, Trojan horses, and rootkits are classified as malware (short for malicious software) • Malware: programs that act without a user's knowledge and deliberately alter the computer's operation.
  30. 30. 1. Malicious code. Types of malicious code: Computer Virus • Affects a computer negatively by altering the way the computer works. Worm • Copies itself repeatedly, using up resources and possibly shutting down the computer or network. Trojan Horse • A malicious program that hides within or looks like a legitimate program. Rootkit • Program that hides in a computer and allows someone from a remote location to take full control. Page 558, Discovering Computers: Chapter 11.
  31. 31. 1. Malicious code • An infected computer has one or more of the following symptoms: operating system runs much slower than usual; available memory is less than expected; files become corrupted; screen displays unusual message or image; music or unusual sound plays randomly; existing programs and files disappear; programs or files do not work properly; unknown programs or files mysteriously appear; system properties change; operating system does not start up; operating system shuts down unexpectedly. Pages 558 - 559, Discovering Computers: Chapter 11.
  32. 32. 1. Malicious code. Page 559, Figure 11-3, Discovering Computers: Chapter 11.
  33. 33. 1. Malicious code • Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections. Pages 560 – 561, Figure 11-7, Discovering Computers: Chapter 11.
  34. 34. 1. Malicious code. Other types of malicious code • A botnet is a group of compromised computers connected to a network – A compromised computer is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to Internet services – Distributed DoS (DDoS) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate. Pages 562 - 563, Discovering Computers: Chapter 11.
  35. 35. 2. Unauthorized Access and Use. Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities. Page 564, Discovering Computers: Chapter 11.
  36. 36. 2. Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing – Firewalls – Intrusion detection software. Page 565, Figure 11-10, Discovering Computers: Chapter 11.
  37. 37. 2. Unauthorized Access and Use • Access controls define who can access a computer, when they can access it, and what actions they can take – Two-phase processes called identification and authentication – User name – Password – Passphrase – CAPTCHA. Pages 565 – 567, Figure 11-11, Discovering Computers: Chapter 11.
  38. 38. 2. Unauthorized Access and Use • A possessed object is any item that you must carry to gain access to a computer or computer facility – Often are used in combination with a personal identification number (PIN) • A biometric device authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer. Page 568, Figure 11-14, Discovering Computers: Chapter 11.
  39. 39. 2. Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics: law enforcement; criminal prosecutors; military intelligence; insurance agencies; information security departments. Page 569, Discovering Computers: Chapter 11.
  40. 40. 3. Hardware Theft and Vandalism. Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. Page 570, Discovering Computers: Chapter 11.
  41. 41. 3. Hardware Theft and Vandalism • To help reduce the chances of theft, companies and schools use a variety of security measures: physical access controls; alarm systems; cables to lock equipment; real time location system; passwords, possessed objects (i.e. matric cards), and biometrics. Page 570, Figure 11-15, Discovering Computers: Chapter 11.
  42. 42. 4. Software Theft • Software theft occurs when someone: steals software media; intentionally erases programs; illegally copies a program; illegally registers and/or activates a program. Page 571, Discovering Computers: Chapter 11.
  43. 43. 4. Software Theft • A single-user license agreement typically contains the following conditions. Permitted to: • Install the software on one computer • Make one copy of the software • Remove the software from your computer before giving it away or selling it. Not permitted to: • Install the software on a network • Give copies to friends or colleagues while continuing to use the software • Export the software • Rent or lease the software. Page 571, Discovering Computers: Chapter 11.
  44. 44. 4. Software Theft • Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law • Some software requires product activation to function fully. Pages 571 – 572, Figure 11-16, Discovering Computers: Chapter 11.
  45. 45. 5. Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access • Decryption is a process of converting unreadable characters back into a readable form of data. Pages 572 - 573, Figure 11-17, Discovering Computers: Chapter 11.
  46. 46. 5. Information Theft. Page 573, Figure 11-18, Discovering Computers: Chapter 11.
  47. 47. 5. Information Theft • A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender – Often used to ensure that an impostor is not participating in an Internet transaction • Web browsers and Web sites use encryption techniques. Page 574, Discovering Computers: Chapter 11.
  48. 48. 5. Information Theft • Popular security techniques include: Digital Certificates; Transport Layer Security (TLS); Secure HTTP; VPN. Pages 574 - 575, Discovering Computers: Chapter 11.
  49. 49. 5. Information Theft. Pages 574 - 575, Figures 11-19 – 11-20, Discovering Computers: Chapter 11.
  50. 50. 6. System Failure • A system failure is the prolonged malfunction of a computer • A variety of factors can lead to system failure, including: – Aging hardware – Natural disasters – Electrical power problems • Noise, undervoltages, and overvoltages – Errors in computer programs. Page 575, Discovering Computers: Chapter 11.
  51. 51. 6. System Failure • Two ways to protect from system failures caused by electrical power variations include surge protectors and uninterruptible power supplies (UPS). Page 576, Figures 11-21 – 11-22, Discovering Computers: Chapter 11.
  52. 52. Chapter Four. 4.2 Computer Security, 4.2.2 Security Measures. At the end of this topic, students should be able to: Identify different ways to overcome security risks.
  53. 53. What to cover? 1. Data backup 2. Cryptography 3. Anti-virus 4. Anti-spyware 5. Firewall 6. Physical access control 7. Human aspects: awareness 8. Related security risks with its measure
  54. 54. How to safeguard a computer from .. ALL OF THE ABOVE? Common security risks: #1 Internet & Network Attacks; #2 Unauthorized Access & Use; #3 Theft (Hardware/Software/Information); #4 System Failure. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 577.
  55. 55. 1. Data backup • A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Offsite backups are stored in a location separate from the computer site. Cloud Storage. Page 577, Discovering Computers: Chapter 11.
  56. 56. How to safeguard a computer from system failure? Chapter 11 - Manage Computing Securely, Safely and Ethically, page 570.
  57. 57. ● to protect against electrical power variations, use: ■ surge protector (also called surge-protector) ● uses special electrical components to: ○ stabilize current flow, and keep overvoltage from reaching computer/electronic equipment. ■ uninterruptible power supply (UPS) ● a device that contains a surge protection circuit and batteries that provide temporary power during loss of power. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 571.
  58. 58. How to safeguard a computer from .. Theft (Hardware, Software, Information). Chapter 11 - Manage Computing Securely, Safely and Ethically, page 570.
  59. 59. 2. Cryptography ● to protect information on the Internet and networks, organizations and individuals use a variety of encryption techniques. ○ encryption: converting readable data (plaintext) into unreadable characters (ciphertext), preventing unauthorized access. ○ decryption: converting unreadable data (ciphertext) to its original state/data (plaintext). ○ the study of the encryption and decryption process (to promote secure communication) is often known as cryptography.
  60. 60. How to safeguard a computer from viruses? Chapter 11 - Manage Computing Securely, Safely and Ethically, page 560.
  61. 61. 3. Anti virus ● by using an antivirus program, a user can safeguard a computer system from viruses and other malware. ● Antivirus program: a program that protects a computer against viruses by identifying and removing any computer viruses found in memory, on storage media or on incoming files. ● Popular antivirus programs: ○ Kaspersky Anti-Virus ○ avast! antivirus ○ CA Anti-Virus ○ McAfee VirusScan ○ AVG Anti-Virus. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 560.
  62. 62. 4. Firewall • A firewall is hardware and/or software that protects a network's resources from intrusion. Pages 563 - 564, Figure 11-8, Discovering Computers: Chapter 11.
  63. 63. 4. Firewall. Intrusion detection software • Analyzes all network traffic • Assesses system vulnerabilities • Identifies any unauthorized intrusions • Notifies network administrators of suspicious behavior patterns or system breaches. Honeypot • Vulnerable computer that is set up to entice an intruder to break into it. Page 564, Discovering Computers: Chapter 11.
  64. 64. 5. Physical access controls ● using physical access controls such as: ○ locked doors and windows. ● installing alarm systems for additional security. ● attach physical security devices such as cables that lock: ○ equipment to desk. ○ mobile computer to a stationary object. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 570.
  65. 65. 5. Physical access controls ● to protect software media from being stolen, owners should keep .. ○ original software boxes and media in a secure location (i.e. media cabinets with lock). ● to protect from software piracy, software manufacturers should .. ○ issue users a license agreement, ■ the right to use the software ● (single-user license/end-user license agreement). Chapter 11 - Manage Computing Securely, Safely and Ethically, page 571.
  66. 66. 6. Human Aspect: Awareness ● expose employees or staff to computer security through continuous security training and courses. ● make a systematic routine check to update (security patches, virus definitions, other malicious code) a computer system, preventing threats/risks early. ● proper handling of computer and information. (previous CS015 Computer Security Risk slideshow)
  67. 67. How to safeguard a computer from unauthorised access and use. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 565.
  68. 68. Safeguards against Unauthorized Access and Use ● organizations should use access control to minimize the chance of a perpetrator intentionally accessing confidential information on a computer. ● Access control: a security measure that defines who can access a computer and what actions they can take while accessing the computer. ● The two-phase process in implementing access control is: ○ identification, ■ a process that verifies the validity of a user. ○ authentication, ■ a process that verifies the individual is the person he or she claims to be. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 565.
  69. 69. Safeguards against Unauthorized Access and Use ● Identification and Authentication Methods ○ user name ○ password ● User name, or user ID (identification), is a unique combination of characters (alphanumeric) that identifies one specific user. ● Password: a private combination of characters associated with the user name that allows access to certain computer resources. Chapter 11 - Manage Computing Securely, Safely and Ethically, page 566.
  70. 70. Summary of recommended security measures for various security risks (Security Risk: Recommended Security Measure/steps). Malicious code (virus, worm, Trojan): anti-virus, anti-spyware, firewall, human aspect awareness. Unauthorized access and use: physical access control, human aspect awareness. Hardware theft: physical access awareness. Software theft: physical access awareness, human aspect awareness. Information theft: cryptography, physical access control, anti-virus, anti-spyware. System failure: data backup, schedule maintenance.
