module 12 ethics and security in computing some social issues in computing –division issues,...
TRANSCRIPT
Module 12Ethics and Security in Computing
• Some social issues in computing
– Division issues, workplace issues, legal issues
– protecting children on the Internet
• Ethics in computing
– Professional ethics
– Intellectual property rights
• Security issues in computing– Security problems
– Protection
– Viruses and worms
2
Division issue: Haves vs. Have-Nots
• Division caused by computing access– Those with access to computers and the Internet take advantage
of personal and economic opportunities– Those without access fall farther behind
• Major divisions within countries– Between urban areas and rural ones– Between rich and poor
• Major divisions among nations– Between industrialized and non-industrialized nations
• Narrowing the Divide
3
Workplace Issues
• Healthy computing– Harmful emissions from monitor, Eyestrain from monitor, Back
pain from position of chair and desk, Repetitive strain injury– Ergonomic equipment, Ergonomic behavior– Ergonomics refers to human factors related to the use of
computers
• Employee monitoring– An employer monitors an employee’s performance– Many companies have policies that notify employees about
monitoring practices
• Environmental concerns– Power consumption. Computer supplies. PC disposal
4
Many other issues
• Jurisdictional issues– International issues
• Applying national laws to a world-wide medium is a difficult process• Issues exist over which country’s court has jurisdiction
– National issues• Issues exist over which locality’s court has jurisdiction• Imposition of sales taxes on Internet transactions
• Protecting Children on the Internet– The Internet offers many opportunities for children– There are also unsavory elements on the Internet– Ways to protect children
• Blocking software. Child monitoring. Laws to protect children
5
Ethics in Computing
• Ethics – standards of moral conduct– Used to help determine the proper course of
action in difficult situations
• Ethics Issues– Computer ethics– Professional ethics– Programmer responsibility– Ethical use of computers
6
Computer EthicsComputer Ethics
Ten Commandments of Ten Commandments of Computer EthicsComputer Ethics
Apply general ethical Apply general ethical principles to principles to computingcomputingDeveloped by the Developed by the Computer Ethics Computer Ethics InstituteInstitute
7
Professional Ethics
• Relates to ethics of those whose work focuses on computer systems
• Code of Ethics and Professional Conduct developed by the Association for Computing Machinery (ACM)
• Divided into sections– General principles– Professional responsibilities– Guidelines for organizational systems
8
Programmer Responsibility
• Bug-free software does not exist– Testing can only show the presence of bugs,
not their absence
• Issues related to software quality– How much testing is enough?– How many minor bugs are acceptable in
software about to be released?
9
Ethical Use of Computers
• Data quality– Users are responsible for the quality of data entered into the
system– Procedures must be in place to detect and correct inaccurate
information• Protecting customers’ personal data
– Particularly relevant to companies doing business over the Internet
– Develop privacy policies stating how data will be used– Two approaches
• Opt-in policy – customers are notified of privacy policy and must agree before their data can be released
• Opt-out policy – customers are assumed to agree to the release of their data unless they specifically request it be kept private
• Digitally altering data
10
Intellectual Property Rights
• Refers to results of intellectual activity in the industrial, scientific, literary, or artistic fields
• U.S. Copyright Act provides protection in three areas– Copyrights– Patents– Trademarks
11
Copyrights
• Provides the creator of a literary or artistic work with control over its use and distribution– Widespread distribution of music and video
over the Internet has created quite a controversy
12
Digital Fair Use Issues
• Copy-protection schemes make it impossible to copy CDs and DVDs– Users claim that violates their fair use rights
• Software– Users may not modify copyrighted software
• Digital images– Images on the Web may be downloaded and used as
screen savers, but they may not be distributed or altered
• Plagiarism– Work taken from the Internet must be cited if it is used
in a paper or other presentation
13
Trademarks
• A word, name, symbol, or device used to distinguish one company and its products from another
• Two issues in the digital arena– Unauthorized use of one company’s
trademarks on another’s Web site– Obtaining a domain name that includes
another company’s trademark, then selling that domain name at a profit
14
Patents
• Designed to protect inventions and encourage inventors– Grant patent holder exclusive rights to the
invention
• Patent Office will grant patent protection to software algorithms and techniques– Will also grant patents for business methods
implemented in software
15
Security and Privacy
• Security – data stored on computer must be kept safe
• Privacy – private data must be kept from prying eyes
16
Computer Crime
• Hacker – someone who attempts to gain access to computer systems illegally
• Cracker – someone who uses the computer to engage in illegal activity
• Most commonly reported categories– Credit card fraud– Data communications fraud– Unauthorized access to computer files– Unlawful copying of copyrighted software
18
Bomb
• Causes a program to trigger damage under certain conditions– Usually set to go off at a later date
• Sometimes planted in commercial software– Shareware is more prone to having a bomb
planted in it
19
Denial of Service Attack
• Hackers bombard a site with more requests than it can possibly handle– Prevents legitimate users from accessing the
site– Hackers can cause attacks to come from
many different sites simultaneously
20
Piggybacking
• An illicit user “rides” into the system on the back of an authorized user– If the user does not exit the system properly,
the intruder can continue where the original user has left off
• Always log out of any system you log into
21
Trapdoor
• An illicit program left within a completed legitimate program– Allows subsequent unauthorized and
unknown entry by the perpetrator to make changes to the program
22
Trojan Horse
• Involves illegal instructions placed in the middle of a legitimate program– Program does something useful, but the
Trojan horse instructions do something destructive in the background
23
White-Hat Hackers
• Hackers that are paid by a company to break into that company’s computer systems– Expose security holes and flaws before
criminals find them– Once exposed, flaws can be fixed
25
Security: Playing It Safe
• Security – a system of safeguards– Protects system and data from deliberate or
accidental damage– Protects system and data from unauthorized
access
26
Controlling Access
• Four means of controlling who has access to the computer– What you have– What you know– What you do– What you are
27
A Disaster Recovery Plan
• A method of restoring computer processing operations and data files in the event of major destruction
• Several approaches– Manual services– Buying time at a service bureau– Consortium
• Plan should include priorities for restoring programs, plans for notifying employees, and procedures for handling data in a different environment
31
Thread from worm and virus
• Worm– A program that transfers itself from computer
to computer• Plants itself as a separate file on the target
computer’s disks
32
Virus
• A set of illicit instructions that passes itself on to other files, which can tremendous damage to computer and data files
• Transmission of virus– Viral instructions inserted into a game or file
• Typically distributed via the Web or e-mail
– Users download the file onto their computers– Every time the user opens that file, virus is loaded into
memory• As other files are loaded into memory, they become infected
33
Virus Prevention
• Antivirus software – Detects virus signature– Scans hard disk every time you boot the computer
• Viruses tend to show up on free software or software downloaded from the Internet– Use antivirus software to scan files before you load
them on your computer • Often distributed as e-mail attachments
– Do not open e-mail attachments without scanning them or if you do not know the person sending the e-mail
34
Security Problems on the Internet
• With so many people on the Internet, how do you keep data secure?
• Several approaches– Using a firewall– Encryption
35
A Firewall
• A combination of hardware and software that sits between an organization’s network and the Internet– All traffic between the two goes
through the firewall– Protects the organization from
unauthorized access– Can prevent internal users from
accessing inappropriate Internet sites
36
Encryption
• Scrambling data so that it can only be read by a computer with the appropriate key– Encryption key converts the message into an
unreadable form– Message can be decrypted only by someone with the
proper key
• Private key encryption – senders and receivers share the same key
• Public key encryption – different keys are used in encryption and decryption