SlideShare a Scribd company logo

Unit v: Cyber Safety Mechanism

Download as PPTX, PDF
Arnav Chowdhury
Arnav Chowdhury

Cyber Safety Mechanism: Introduction, brief Introduction about Policies involved in cyber safety mechanism and purpose of implementing cyber security model Information Technology Law (Cyber Law): Evolution of the IT Act 2000 and Its amendments: Genesis and Necessity, advantages.

Technology
1 of 29
UNIT V: CYBER SAFETY MECHANISM Cyber Safety Mechanism: Introduction, brief Introduction about Policies involved in cyber safety mechanism and purpose of implementing cyber security model Information Technology Law (Cyber Law): Evolution of the IT Act 2000 and Its amendments: Genesis and Necessity, advantages.
CYBER SAFETY • Cyber safety is the safe and responsible use of information and communication technology. It is about keeping information safe and secure, but also about being responsible with that information, being respectful to other people online, and using good Internet etiquette. It includes body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
WHAT IS CYBERSAFETY? Cybersafety is the safe and responsible use of Information and Communication Technologies (ICT), approach to cybersafety is founded on: • Maintaining a positive approach about the many benefits brought by technologies • Encouraging the public to identify the risks associated with ICT • Putting in place strategies to minimise and manage risks • Recognising the importance of effective teaching and learning programmes.
CYBERBULLYING Cyberbullying includes sending, posting or sharing negative, harmful, false or mean information and content about someone. It is a serious offence which is punishable under Cyber law. Cyber Bullying includes: • Nasty comments on your posts or posts about you • Someone creating a fake prole in your name and trying to defame you • Threatening or abusive messages online or on the mobile phone • Being excluded from online groups and forums • Embarrassing photographs put online without your permission • Rumours and lies about you on a site • Stealing your account password and sending unwanted/inappropriate messages from your account • Offensive chat • Fake online profiles created with an intent to defame you
DO THE FOLLOWING IF CYBERBULLIED • Do not Respond: If someone is cyber bullying you, do not respond or retaliate by doing the same thing back. Responding or retaliating to cyber bullying may make matter worse or even get you into trouble • Screenshot: Take a screenshot of anything that you think could be cyber bullying and keep a record of it. • Block and Report: Most online platforms have this feature, if someone bothers you, make sure you block and report the offender to the social media platform. • Talk about it: Cyber bullying may affect you in many deferent ways. Do not feel that you are alone. Let your parents and teachers know what is going on. Never keep it to yourself
DO THE FOLLOWING IF CYBERBULLIED • Be Private: Keep your social media privacy settings high and do not connect with anybody who you do not know online. You would not talk to random people on the street, so why do it online? • Be Aware: Remain updated with all the preventive and security measures in the cyber world
COMPUTER SAFETY AND SECURITY • Log off your Computer when not in use & don’t leave them un-attended • Do not plug the computer directly to the wall outlet as power surges may destroy computer. Instead, use a stabilizer to plug a computer • Do not install pirated software • Do not connect unknown devices to your computer as they may contain viruses • Use only verfied open source or licensed software and operating systems • Check that antivirus software in each system is regularly updated • Invest in a robust firewall • Consider blocking of file extension such as .bat, .cmd, .exe, .pif by using content filtering software • Have a password protocol with specific strong password guidelines, frequently change your passwords, prevents reuse of old passwords • Ensure that computer system and labs are assist only by authorized personnel • Discourage use of personal devices on the network, such as personal USBs or hard drives
INTERNET SAFETY AND ETHICS • Respect other people’s privacy • Follow proper protocol in language use while chatting, blogging and emailing • Do not log in to other people’s email accounts • Do not download and use copyrighted material • Enable automatic browser update to ensure detection of malicious sites
SAFE EMAIL PRACTICES • Do not reply to emails from unknown sender even if it looks like a genuine email • Do not provide personal information like name, date of birth, school name, address, parent’s names or any other information • Do not fall for lucrative offers/discounts as they might be coming from unknown source and it may not be reliable. Ignore/delete those mails • Do not open attachments or click on links from unknown senders, since they may contain malicious les that might affect your device. • Only click the links and downloads from websites that you trust • Beware of phishing websites - check the URL to confirm if the website is secure • Do not forward spam or suspicious emails to others
CYBER SECURITY MECHANISM
CYBER SECURITY MECHANISM Types of Security Mechanism are : • Encipherment : This security mechanism deals with hiding and covering of data which helps data to become confidential. It is achieved by applying mathematical calculations or algorithms which reconstruct information into not readable form. It is achieved by two famous techniques named Cryptography and Encipherment. Level of data encryption is dependent on the algorithm used for encipherment. • Access Control : This mechanism is used to stop unattended access to data which you are sending. It can be achieved by various techniques such as applying passwords, using firewall, or just by adding PIN to data.
CYBER SECURITY MECHANISM Notarization : This security mechanism involves use of trusted third party in communication. It acts as mediator between sender and receiver so that if any chance of conflict is reduced. This mediator keeps record of requests made by sender to receiver for later denied. Data Integrity : This security mechanism is used by appending value to data to which is created by data itself. It is similar to sending packet of information known to both sending and receiving parties and checked before and after data is received. When this packet or data which is appended is checked and is the same while sending and receiving data integrity is maintained.
CYBER SECURITY MECHANISM • Authentication exchange : This security mechanism deals with identity to be known in communication. This is achieved at the TCP/IP layer where two-way handshaking mechanism is used to ensure data is sent or not • Bit stuffing :This security mechanism is used to add some extra bits into data which is being transmitted. It helps data to be checked at the receiving end and is achieved by Even parity or Odd Parity. • Digital Signature :This security mechanism is achieved by adding digital data that is not visible to eyes. It is form of electronic signature which is added by sender which is checked by receiver electronically. This mechanism is used to preserve data which is not more confidential but sender’s identity is to be notified.
INTRODUCTION TO CLASSIC SECURITY MODELS These models are used for maintaining goals of security, i.e. Confidentiality, Integrity, and Availability. In simple words, it deals with CIA Triad maintenance. There are 3 main types of Classic Security Models. • Bell-LaPadula • Biba • Clarke Wilson Security Model
1. BELL-LAPADULA • This Model was invented by Scientists David Elliot Bell and Leonard .J. LaPadula. Thus this model is called the Bell-LaPadula Model. This is used to maintain the Confidentiality of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non-discretionary fashion, with respect to different layers of secrecy.
1. BELL-LAPADULA It has mainly 3 Rules • SIMPLE CONFIDENTIALITY RULE: Simple Confidentiality Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO READ- UP • STAR CONFIDENTIALITY RULE: Star Confidentiality Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO WRITE-DOWN • STRONG STAR CONFIDENTIALITY RULE: Stong Star Confidentiality Rule is highly secured and strongest which states that the Subject can Read and Write the files on the Same Layer of Secrecy only and not the Upper Layer of Secrecy or the Lower Layer of Secrecy, due to which we call this rule as NO READ WRITE UP DOWN
2. BIBA • This Model was invented by Scientist Kenneth .J. Biba. Thus this model is called Biba Model. This is used to maintain the Integrity of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non- discretionary fashion, with respect to different layers of secrecy. This works the exact reverse of the Bell-LaPadula Model.
2. BIBA It has mainly 3 Rules: • SIMPLE INTEGRITY RULE: Simple Integrity Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO READ DOWN • STAR INTEGRITY RULE: Star Integrity Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO WRITE-UP • STRONG STAR INTEGRITY RULE
3. CLARKE WILSON SECURITY MODEL • SUBJECT: It is any user who is requesting for Data Items. • CONSTRAINED DATA ITEMS:It cannot be accessed directly by the Subject. These need to be accessed via Clarke Wilson Security Model • UNCONSTRAINED DATA ITEMS: It can be accessed directly by the Subject.
3. CLARKE WILSON SECURITY MODEL • The Components of Clarke Wilson Security Model • TRANSFORMATION PROCESS: Here, the Subject’s request to access the Constrained Data Items is handled by the Transformation process which then converts it into permissions and then forwards it to Integration Verification Process • INTEGRATION VERIFICATION PROCESS: The Integration Verification Process will perform Authentication and Authorization. If that is successful, then the Subject is given access to Constrained Data Items.
THE INFORMATION TECHNOLOGY ACT, 2000 • The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the Indian Parliament reported on 17th October 2000. This Information Technology Act is based on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which was suggested by the General Assembly of United Nations by a resolution dated on 30th January, 1997. It is the most important law in India dealing with Cybercrime and E-Commerce. • The main objective of this act is to carry lawful and trustworthy electronic, digital and online transactions and alleviate or reduce cybercrimes. The IT Act has 13 chapters and 90 sections. The last four sections that starts from ‘section 91 – section 94’, deals with the revisions to the Indian Penal Code 1860.
THE INFORMATION TECHNOLOGY ACT, 2000 • The IT Act, 2000 has two schedules: • First Schedule – Deals with documents to which the Act shall not apply. • Second Schedule – Deals with electronic signature or electronic authentication method.
THE INFORMATION TECHNOLOGY ACT, 2000 The offences and the punishments in IT Act 2000 : • Tampering with the computer source documents. • Directions of Controller to a subscriber to extend facilities to decrypt information. • Publishing of information which is obscene in electronic form. • Penalty for breach of confidentiality and privacy. • Hacking for malicious purposes. • Penalty for publishing Digital Signature Certificate false in certain particulars.
THE INFORMATION TECHNOLOGY ACT, 2000 • Penalty for misrepresentation. • Confiscation. • Power to investigate offences. • Protected System. • Penalties for confiscation not to interfere with other punishments. • Act to apply for offence or contravention committed outside India. • Publication for fraud purposes. • Power of Controller to give directions.
THE INFORMATION TECHNOLOGY ACT, 2000 Sections and Punishments under Information Technology Act, 2000 are as follows : • Section 43 This section of IT Act, 2000 states that any act of destroying, altering or stealing computer system/network or deleting data with malicious intentions without authorization from owner of the computer is liable for the payment to be made to owner as compensation for damages. • Section 43A This section of IT Act, 2000 states that any corporate body dealing with sensitive information that fails to implement reasonable security practices causing loss of other person will also liable as convict for compensation to the affected party. • Section 66 Hacking of a Computer System with malicious intentions like fraud will be punished with 3 years imprisonment or the fine of Rs.5,00,000 or both.
THE INFORMATION TECHNOLOGY ACT, 2000 Section 66 B, C, D Fraud or dishonesty using or transmitting information or identity theft is punishable with 3 years imprisonment or Rs. 1,00,000 fine or both. Section 66 E This Section is for Violation of privacy by transmitting image or private area is punishable with 3 years imprisonment or 2,00,000 fine or both. Section 66 F This Section is on Cyber Terrorism affecting unity, integrity, security, sovereignty of India through digital medium is liable for life imprisonment. Section 67 This section states publishing obscene information or pornography or transmission of obscene content in public is liable for imprisonment up to 5 years or fine or Rs. 10,00,000 or both.
THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • The Information Technology (Amendment) Act 2008, an act to amend the IT Act 2000 received the President’s permission on 5th February 2009. Several legal & security experts are analyzing the contents and possible impacts of the amendments. • The IT(A) Act 2008 has introduced two sections that address data protection aspects. The sections under consideration are: • Section 43A: Compensation for failure to protect data • Section 72A: Punishment for disclosure of information in breach of lawful contract
THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • Description of Section 43A • Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, to the person so affected.
THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • Description of Section 72A • Under this section, disclosure without consent exposes a person, including an “intermediary,” to three years imprisonment or a fine up to Rs. Five lacs or both. • This section uses the term “personal information” and not “sensitive personal information” as in section 43A. Hence, it could apply to any information obtained to deliver services and, therefore, broaden the definition of information.

Recommended

E-Commerce Security
E-Commerce SecurityE-Commerce Security
E-Commerce SecuritySyed Maniruzzaman Pabel
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.aviavinashmsy
 
Security in e commerce
Security in e commerceSecurity in e commerce
Security in e commerceakhand Akhandenator
 
Cyber contract
Cyber contractCyber contract
Cyber contractRavi Foods Pvt. Ltd. (DUKES)
 
Electronic contracts
Electronic contractsElectronic contracts
Electronic contractskailash choudhary
 
protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Client Server Network Security
Client Server Network SecurityClient Server Network Security
Client Server Network SecurityMithilDoshi1
 
E insurance and its benefit
E insurance and its benefitE insurance and its benefit
E insurance and its benefitAnand Gaire
 

Recommended

E-Commerce Security
E-Commerce SecurityE-Commerce Security
E-Commerce SecuritySyed Maniruzzaman Pabel
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.aviavinashmsy
 
Security in e commerce
Security in e commerceSecurity in e commerce
Security in e commerceakhand Akhandenator
 
Cyber contract
Cyber contractCyber contract
Cyber contractRavi Foods Pvt. Ltd. (DUKES)
 
Electronic contracts
Electronic contractsElectronic contracts
Electronic contractskailash choudhary
 
protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Client Server Network Security
Client Server Network SecurityClient Server Network Security
Client Server Network SecurityMithilDoshi1
 
E insurance and its benefit
E insurance and its benefitE insurance and its benefit
E insurance and its benefitAnand Gaire
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesatuljaybhaye
 
Information technology act 2000
Information technology act 2000Information technology act 2000
Information technology act 2000Akash Varaiya
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerceNishant Pahad
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)Ms. Parasmani Jangid
 
Regulatory Framework of E-Commerce
Regulatory Framework of E-CommerceRegulatory Framework of E-Commerce
Regulatory Framework of E-CommerceMamta Bhola
 
Legal aspects of e-payments in india
Legal aspects of e-payments in indiaLegal aspects of e-payments in india
Legal aspects of e-payments in indiaPresidencyUniversity
 
Rights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authorityRights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authorityRajaKrishnan M
 
Paying banker and its duties
Paying banker and its dutiesPaying banker and its duties
Paying banker and its dutiesL.Prakash Kannan
 
e payment system ppt
e payment system ppte payment system ppt
e payment system pptminisharma35
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
Cheque meaning crossing and types
Cheque meaning crossing and typesCheque meaning crossing and types
Cheque meaning crossing and typesaduadu
 
Special types of banking customers
Special types of banking customersSpecial types of banking customers
Special types of banking customersHaseena Hameed
 
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...Mamta Bhola
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 
E Cheques
E ChequesE Cheques
E ChequesSumant Diwakar
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
Emarketing ppt
Emarketing pptEmarketing ppt
Emarketing pptAnkitha2404
 
Cyber law/Business law
Cyber law/Business lawCyber law/Business law
Cyber law/Business lawshrinivas kulkarni
 
1 introduction to e commerce
1 introduction to e commerce1 introduction to e commerce
1 introduction to e commercesajid ullah
 
Information security
Information securityInformation security
Information securityVijayananda Mohire
 
8._safety_and_security.pdf
8._safety_and_security.pdf8._safety_and_security.pdf
8._safety_and_security.pdfsula rekah govindan
 

More Related Content

What's hot

Digital signatures
Digital signaturesDigital signatures
Digital signaturesatuljaybhaye
 
Information technology act 2000
Information technology act 2000Information technology act 2000
Information technology act 2000Akash Varaiya
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerceNishant Pahad
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)Ms. Parasmani Jangid
 
Regulatory Framework of E-Commerce
Regulatory Framework of E-CommerceRegulatory Framework of E-Commerce
Regulatory Framework of E-CommerceMamta Bhola
 
Legal aspects of e-payments in india
Legal aspects of e-payments in indiaLegal aspects of e-payments in india
Legal aspects of e-payments in indiaPresidencyUniversity
 
Rights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authorityRights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authorityRajaKrishnan M
 
Paying banker and its duties
Paying banker and its dutiesPaying banker and its duties
Paying banker and its dutiesL.Prakash Kannan
 
e payment system ppt
e payment system ppte payment system ppt
e payment system pptminisharma35
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
Cheque meaning crossing and types
Cheque meaning crossing and typesCheque meaning crossing and types
Cheque meaning crossing and typesaduadu
 
Special types of banking customers
Special types of banking customersSpecial types of banking customers
Special types of banking customersHaseena Hameed
 
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...Mamta Bhola
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
1 introduction to e commerce
1 introduction to e commerce1 introduction to e commerce
1 introduction to e commercesajid ullah
 

What's hot (20)

Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Information technology act 2000
Information technology act 2000Information technology act 2000
Information technology act 2000
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerce
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commerce
 
IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)IT ACT, 2000 (Information Technology Act, 2000)
IT ACT, 2000 (Information Technology Act, 2000)
 
Regulatory Framework of E-Commerce
Regulatory Framework of E-CommerceRegulatory Framework of E-Commerce
Regulatory Framework of E-Commerce
 
Legal aspects of e-payments in india
Legal aspects of e-payments in indiaLegal aspects of e-payments in india
Legal aspects of e-payments in india
 
Rights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authorityRights and duties of agent, Principal and Delegation of authority
Rights and duties of agent, Principal and Delegation of authority
 
Paying banker and its duties
Paying banker and its dutiesPaying banker and its duties
Paying banker and its duties
 
e payment system ppt
e payment system ppte payment system ppt
e payment system ppt
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
Cheque meaning crossing and types
Cheque meaning crossing and typesCheque meaning crossing and types
Cheque meaning crossing and types
 
Special types of banking customers
Special types of banking customersSpecial types of banking customers
Special types of banking customers
 
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
Impact of e commerce on various sectors (Education, Entertainment, Health, Fi...
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-Commerce
 
E Cheques
E ChequesE Cheques
E Cheques
 
E commerce security
E commerce securityE commerce security
E commerce security
 
Emarketing ppt
Emarketing pptEmarketing ppt
Emarketing ppt
 
Cyber law/Business law
Cyber law/Business lawCyber law/Business law
Cyber law/Business law
 
1 introduction to e commerce
1 introduction to e commerce1 introduction to e commerce
1 introduction to e commerce
 

Similar to Unit v: Cyber Safety Mechanism

NETIQUgggggggggggggggggggggyyyyETTE.pptx
NETIQUgggggggggggggggggggggyyyyETTE.pptxNETIQUgggggggggggggggggggggyyyyETTE.pptx
NETIQUgggggggggggggggggggggyyyyETTE.pptxCatherineBagaan
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptxKAVYAC21
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionNicholas Davis
 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss PreventionNicholas Davis
 
Lecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionLecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionNicholas Davis
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.pptSwapnaPavan2
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & securityPriyab Satoshi
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxBHUt6
 
Importance of Cyber_Security_(Shivling).pptx
Importance of Cyber_Security_(Shivling).pptxImportance of Cyber_Security_(Shivling).pptx
Importance of Cyber_Security_(Shivling).pptxShivaduparte
 
Cis326week1lesson1
Cis326week1lesson1Cis326week1lesson1
Cis326week1lesson1Fahad_1
 

Similar to Unit v: Cyber Safety Mechanism (20)

Information security
Information securityInformation security
Information security
 
8._safety_and_security.pdf
8._safety_and_security.pdf8._safety_and_security.pdf
8._safety_and_security.pdf
 
NETIQUgggggggggggggggggggggyyyyETTE.pptx
NETIQUgggggggggggggggggggggyyyyETTE.pptxNETIQUgggggggggggggggggggggyyyyETTE.pptx
NETIQUgggggggggggggggggggggyyyyETTE.pptx
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptx
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - Introduction
 
sc.pptx
sc.pptxsc.pptx
sc.pptx
 
Webgraphicorganizerkaur
WebgraphicorganizerkaurWebgraphicorganizerkaur
Webgraphicorganizerkaur
 
Webgraphicorganizerkaur
WebgraphicorganizerkaurWebgraphicorganizerkaur
Webgraphicorganizerkaur
 
Webgraphicorganizerkaur
WebgraphicorganizerkaurWebgraphicorganizerkaur
Webgraphicorganizerkaur
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
 
Lecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionLecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_prevention
 
CNS Unit-I_final.ppt
CNS Unit-I_final.pptCNS Unit-I_final.ppt
CNS Unit-I_final.ppt
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptx
 
Importance of Cyber_Security_(Shivling).pptx
Importance of Cyber_Security_(Shivling).pptxImportance of Cyber_Security_(Shivling).pptx
Importance of Cyber_Security_(Shivling).pptx
 
Information security
Information securityInformation security
Information security
 
Cis326week1lesson1
Cis326week1lesson1Cis326week1lesson1
Cis326week1lesson1
 

More from Arnav Chowdhury

Startup Funding and Strategies for Future
Startup Funding and Strategies for FutureStartup Funding and Strategies for Future
Startup Funding and Strategies for FutureArnav Chowdhury
 
Marketing Management Introduction.pptx
Marketing Management Introduction.pptxMarketing Management Introduction.pptx
Marketing Management Introduction.pptxArnav Chowdhury
 
Marketing Management Product.pptx
Marketing Management Product.pptxMarketing Management Product.pptx
Marketing Management Product.pptxArnav Chowdhury
 
Institutional Support to Entrepreneurship
Institutional Support to EntrepreneurshipInstitutional Support to Entrepreneurship
Institutional Support to EntrepreneurshipArnav Chowdhury
 
New Venture Expansion and Exit Strategies
New Venture Expansion and Exit StrategiesNew Venture Expansion and Exit Strategies
New Venture Expansion and Exit StrategiesArnav Chowdhury
 
Creating a Business Plan
Creating a Business PlanCreating a Business Plan
Creating a Business PlanArnav Chowdhury
 
Business Research Methodology ( Data Collection)
Business Research Methodology ( Data Collection)Business Research Methodology ( Data Collection)
Business Research Methodology ( Data Collection)Arnav Chowdhury
 
Business Research Methods (Introduction)
Business Research Methods (Introduction)Business Research Methods (Introduction)
Business Research Methods (Introduction)Arnav Chowdhury
 
Planning and organizing Entrepreneurial Venture
Planning and organizing Entrepreneurial VenturePlanning and organizing Entrepreneurial Venture
Planning and organizing Entrepreneurial VentureArnav Chowdhury
 
Fundamentals of Entrepreneurship
Fundamentals of EntrepreneurshipFundamentals of Entrepreneurship
Fundamentals of EntrepreneurshipArnav Chowdhury
 
UNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesUNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesArnav Chowdhury
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesArnav Chowdhury
 
Information Technology and Modern Gadgets
Information Technology and Modern GadgetsInformation Technology and Modern Gadgets
Information Technology and Modern GadgetsArnav Chowdhury
 
Unit v: Device Management
Unit v: Device ManagementUnit v: Device Management
Unit v: Device ManagementArnav Chowdhury
 

More from Arnav Chowdhury (20)

Startup Funding and Strategies for Future
Startup Funding and Strategies for FutureStartup Funding and Strategies for Future
Startup Funding and Strategies for Future
 
Marketing Management Introduction.pptx
Marketing Management Introduction.pptxMarketing Management Introduction.pptx
Marketing Management Introduction.pptx
 
Marketing Management Product.pptx
Marketing Management Product.pptxMarketing Management Product.pptx
Marketing Management Product.pptx
 
Institutional Support to Entrepreneurship
Institutional Support to EntrepreneurshipInstitutional Support to Entrepreneurship
Institutional Support to Entrepreneurship
 
New Venture Expansion and Exit Strategies
New Venture Expansion and Exit StrategiesNew Venture Expansion and Exit Strategies
New Venture Expansion and Exit Strategies
 
Creating a Business Plan
Creating a Business PlanCreating a Business Plan
Creating a Business Plan
 
Business Research Methodology ( Data Collection)
Business Research Methodology ( Data Collection)Business Research Methodology ( Data Collection)
Business Research Methodology ( Data Collection)
 
Business Research Methods (Introduction)
Business Research Methods (Introduction)Business Research Methods (Introduction)
Business Research Methods (Introduction)
 
Planning and organizing Entrepreneurial Venture
Planning and organizing Entrepreneurial VenturePlanning and organizing Entrepreneurial Venture
Planning and organizing Entrepreneurial Venture
 
Fundamentals of Entrepreneurship
Fundamentals of EntrepreneurshipFundamentals of Entrepreneurship
Fundamentals of Entrepreneurship
 
ICT tools in Education
ICT tools in EducationICT tools in Education
ICT tools in Education
 
UNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement StrategiesUNIT IV:Security Measurement Strategies
UNIT IV:Security Measurement Strategies
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking Techniques
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Information Technology and Modern Gadgets
Information Technology and Modern GadgetsInformation Technology and Modern Gadgets
Information Technology and Modern Gadgets
 
Unit iv FMIS
Unit iv FMISUnit iv FMIS
Unit iv FMIS
 
Unit iii FMIS
Unit iii FMISUnit iii FMIS
Unit iii FMIS
 
Unit ii FMIS
Unit ii FMISUnit ii FMIS
Unit ii FMIS
 
Unit iv graphics
Unit iv graphicsUnit iv graphics
Unit iv graphics
 
Unit v: Device Management
Unit v: Device ManagementUnit v: Device Management
Unit v: Device Management
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 

Unit v: Cyber Safety Mechanism

  • 1. UNIT V: CYBER SAFETY MECHANISM Cyber Safety Mechanism: Introduction, brief Introduction about Policies involved in cyber safety mechanism and purpose of implementing cyber security model Information Technology Law (Cyber Law): Evolution of the IT Act 2000 and Its amendments: Genesis and Necessity, advantages.
  • 2. CYBER SAFETY • Cyber safety is the safe and responsible use of information and communication technology. It is about keeping information safe and secure, but also about being responsible with that information, being respectful to other people online, and using good Internet etiquette. It includes body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
  • 3. WHAT IS CYBERSAFETY? Cybersafety is the safe and responsible use of Information and Communication Technologies (ICT), approach to cybersafety is founded on: • Maintaining a positive approach about the many benefits brought by technologies • Encouraging the public to identify the risks associated with ICT • Putting in place strategies to minimise and manage risks • Recognising the importance of effective teaching and learning programmes.
  • 4. CYBERBULLYING Cyberbullying includes sending, posting or sharing negative, harmful, false or mean information and content about someone. It is a serious offence which is punishable under Cyber law. Cyber Bullying includes: • Nasty comments on your posts or posts about you • Someone creating a fake prole in your name and trying to defame you • Threatening or abusive messages online or on the mobile phone • Being excluded from online groups and forums • Embarrassing photographs put online without your permission • Rumours and lies about you on a site • Stealing your account password and sending unwanted/inappropriate messages from your account • Offensive chat • Fake online profiles created with an intent to defame you
  • 5. DO THE FOLLOWING IF CYBERBULLIED • Do not Respond: If someone is cyber bullying you, do not respond or retaliate by doing the same thing back. Responding or retaliating to cyber bullying may make matter worse or even get you into trouble • Screenshot: Take a screenshot of anything that you think could be cyber bullying and keep a record of it. • Block and Report: Most online platforms have this feature, if someone bothers you, make sure you block and report the offender to the social media platform. • Talk about it: Cyber bullying may affect you in many deferent ways. Do not feel that you are alone. Let your parents and teachers know what is going on. Never keep it to yourself
  • 6. DO THE FOLLOWING IF CYBERBULLIED • Be Private: Keep your social media privacy settings high and do not connect with anybody who you do not know online. You would not talk to random people on the street, so why do it online? • Be Aware: Remain updated with all the preventive and security measures in the cyber world
  • 7. COMPUTER SAFETY AND SECURITY • Log off your Computer when not in use & don’t leave them un-attended • Do not plug the computer directly to the wall outlet as power surges may destroy computer. Instead, use a stabilizer to plug a computer • Do not install pirated software • Do not connect unknown devices to your computer as they may contain viruses • Use only verfied open source or licensed software and operating systems • Check that antivirus software in each system is regularly updated • Invest in a robust firewall • Consider blocking of file extension such as .bat, .cmd, .exe, .pif by using content filtering software • Have a password protocol with specific strong password guidelines, frequently change your passwords, prevents reuse of old passwords • Ensure that computer system and labs are assist only by authorized personnel • Discourage use of personal devices on the network, such as personal USBs or hard drives
  • 8. INTERNET SAFETY AND ETHICS • Respect other people’s privacy • Follow proper protocol in language use while chatting, blogging and emailing • Do not log in to other people’s email accounts • Do not download and use copyrighted material • Enable automatic browser update to ensure detection of malicious sites
  • 9. SAFE EMAIL PRACTICES • Do not reply to emails from unknown sender even if it looks like a genuine email • Do not provide personal information like name, date of birth, school name, address, parent’s names or any other information • Do not fall for lucrative offers/discounts as they might be coming from unknown source and it may not be reliable. Ignore/delete those mails • Do not open attachments or click on links from unknown senders, since they may contain malicious les that might affect your device. • Only click the links and downloads from websites that you trust • Beware of phishing websites - check the URL to confirm if the website is secure • Do not forward spam or suspicious emails to others
  • 11. CYBER SECURITY MECHANISM Types of Security Mechanism are : • Encipherment : This security mechanism deals with hiding and covering of data which helps data to become confidential. It is achieved by applying mathematical calculations or algorithms which reconstruct information into not readable form. It is achieved by two famous techniques named Cryptography and Encipherment. Level of data encryption is dependent on the algorithm used for encipherment. • Access Control : This mechanism is used to stop unattended access to data which you are sending. It can be achieved by various techniques such as applying passwords, using firewall, or just by adding PIN to data.
  • 12. CYBER SECURITY MECHANISM Notarization : This security mechanism involves use of trusted third party in communication. It acts as mediator between sender and receiver so that if any chance of conflict is reduced. This mediator keeps record of requests made by sender to receiver for later denied. Data Integrity : This security mechanism is used by appending value to data to which is created by data itself. It is similar to sending packet of information known to both sending and receiving parties and checked before and after data is received. When this packet or data which is appended is checked and is the same while sending and receiving data integrity is maintained.
  • 13. CYBER SECURITY MECHANISM • Authentication exchange : This security mechanism deals with identity to be known in communication. This is achieved at the TCP/IP layer where two-way handshaking mechanism is used to ensure data is sent or not • Bit stuffing :This security mechanism is used to add some extra bits into data which is being transmitted. It helps data to be checked at the receiving end and is achieved by Even parity or Odd Parity. • Digital Signature :This security mechanism is achieved by adding digital data that is not visible to eyes. It is form of electronic signature which is added by sender which is checked by receiver electronically. This mechanism is used to preserve data which is not more confidential but sender’s identity is to be notified.
  • 14. INTRODUCTION TO CLASSIC SECURITY MODELS These models are used for maintaining goals of security, i.e. Confidentiality, Integrity, and Availability. In simple words, it deals with CIA Triad maintenance. There are 3 main types of Classic Security Models. • Bell-LaPadula • Biba • Clarke Wilson Security Model
  • 15. 1. BELL-LAPADULA • This Model was invented by Scientists David Elliot Bell and Leonard .J. LaPadula. Thus this model is called the Bell-LaPadula Model. This is used to maintain the Confidentiality of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non-discretionary fashion, with respect to different layers of secrecy.
  • 16. 1. BELL-LAPADULA It has mainly 3 Rules • SIMPLE CONFIDENTIALITY RULE: Simple Confidentiality Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO READ- UP • STAR CONFIDENTIALITY RULE: Star Confidentiality Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO WRITE-DOWN • STRONG STAR CONFIDENTIALITY RULE: Stong Star Confidentiality Rule is highly secured and strongest which states that the Subject can Read and Write the files on the Same Layer of Secrecy only and not the Upper Layer of Secrecy or the Lower Layer of Secrecy, due to which we call this rule as NO READ WRITE UP DOWN
  • 17. 2. BIBA • This Model was invented by Scientist Kenneth .J. Biba. Thus this model is called Biba Model. This is used to maintain the Integrity of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non- discretionary fashion, with respect to different layers of secrecy. This works the exact reverse of the Bell-LaPadula Model.
  • 18. 2. BIBA It has mainly 3 Rules: • SIMPLE INTEGRITY RULE: Simple Integrity Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO READ DOWN • STAR INTEGRITY RULE: Star Integrity Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO WRITE-UP • STRONG STAR INTEGRITY RULE
  • 19. 3. CLARKE WILSON SECURITY MODEL • SUBJECT: It is any user who is requesting for Data Items. • CONSTRAINED DATA ITEMS:It cannot be accessed directly by the Subject. These need to be accessed via Clarke Wilson Security Model • UNCONSTRAINED DATA ITEMS: It can be accessed directly by the Subject.
  • 20. 3. CLARKE WILSON SECURITY MODEL • The Components of Clarke Wilson Security Model • TRANSFORMATION PROCESS: Here, the Subject’s request to access the Constrained Data Items is handled by the Transformation process which then converts it into permissions and then forwards it to Integration Verification Process • INTEGRATION VERIFICATION PROCESS: The Integration Verification Process will perform Authentication and Authorization. If that is successful, then the Subject is given access to Constrained Data Items.
  • 21. THE INFORMATION TECHNOLOGY ACT, 2000 • The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the Indian Parliament reported on 17th October 2000. This Information Technology Act is based on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which was suggested by the General Assembly of United Nations by a resolution dated on 30th January, 1997. It is the most important law in India dealing with Cybercrime and E-Commerce. • The main objective of this act is to carry lawful and trustworthy electronic, digital and online transactions and alleviate or reduce cybercrimes. The IT Act has 13 chapters and 90 sections. The last four sections that starts from ‘section 91 – section 94’, deals with the revisions to the Indian Penal Code 1860.
  • 22. THE INFORMATION TECHNOLOGY ACT, 2000 • The IT Act, 2000 has two schedules: • First Schedule – Deals with documents to which the Act shall not apply. • Second Schedule – Deals with electronic signature or electronic authentication method.
  • 23. THE INFORMATION TECHNOLOGY ACT, 2000 The offences and the punishments in IT Act 2000 : • Tampering with the computer source documents. • Directions of Controller to a subscriber to extend facilities to decrypt information. • Publishing of information which is obscene in electronic form. • Penalty for breach of confidentiality and privacy. • Hacking for malicious purposes. • Penalty for publishing Digital Signature Certificate false in certain particulars.
  • 24. THE INFORMATION TECHNOLOGY ACT, 2000 • Penalty for misrepresentation. • Confiscation. • Power to investigate offences. • Protected System. • Penalties for confiscation not to interfere with other punishments. • Act to apply for offence or contravention committed outside India. • Publication for fraud purposes. • Power of Controller to give directions.
  • 25. THE INFORMATION TECHNOLOGY ACT, 2000 Sections and Punishments under Information Technology Act, 2000 are as follows : • Section 43 This section of IT Act, 2000 states that any act of destroying, altering or stealing computer system/network or deleting data with malicious intentions without authorization from owner of the computer is liable for the payment to be made to owner as compensation for damages. • Section 43A This section of IT Act, 2000 states that any corporate body dealing with sensitive information that fails to implement reasonable security practices causing loss of other person will also liable as convict for compensation to the affected party. • Section 66 Hacking of a Computer System with malicious intentions like fraud will be punished with 3 years imprisonment or the fine of Rs.5,00,000 or both.
  • 26. THE INFORMATION TECHNOLOGY ACT, 2000 Section 66 B, C, D Fraud or dishonesty using or transmitting information or identity theft is punishable with 3 years imprisonment or Rs. 1,00,000 fine or both. Section 66 E This Section is for Violation of privacy by transmitting image or private area is punishable with 3 years imprisonment or 2,00,000 fine or both. Section 66 F This Section is on Cyber Terrorism affecting unity, integrity, security, sovereignty of India through digital medium is liable for life imprisonment. Section 67 This section states publishing obscene information or pornography or transmission of obscene content in public is liable for imprisonment up to 5 years or fine or Rs. 10,00,000 or both.
  • 27. THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • The Information Technology (Amendment) Act 2008, an act to amend the IT Act 2000 received the President’s permission on 5th February 2009. Several legal & security experts are analyzing the contents and possible impacts of the amendments. • The IT(A) Act 2008 has introduced two sections that address data protection aspects. The sections under consideration are: • Section 43A: Compensation for failure to protect data • Section 72A: Punishment for disclosure of information in breach of lawful contract
  • 28. THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • Description of Section 43A • Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, to the person so affected.
  • 29. THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008 • Description of Section 72A • Under this section, disclosure without consent exposes a person, including an “intermediary,” to three years imprisonment or a fine up to Rs. Five lacs or both. • This section uses the term “personal information” and not “sensitive personal information” as in section 43A. Hence, it could apply to any information obtained to deliver services and, therefore, broaden the definition of information.