PRIVACY AND SECURITY MORAL IMPERATIVE OF PROFESSIONAL ETHICS.

MANAGEMENT ISSUES
- Security is a matter that has to be decided upon and dealt with by managers. The management of an organization must take an active role in setting policies and creating standards and procedures to be followed by the users and the administrators of the systems.
- The managers must divide the tasks of maintaining the system among several people in order to prevent one person from having too much power and control over the system.
- In developing ‘in house’ systems the management must take steps to create security standards to which all software developed internally must comply.

INSIDE ORGANIZATIONS
- An organization must assess how sensitive and valuable their information is, and how much security and assurance they are willing to pay for.
- The systems that are going to be purchased must meet these security standards. It is often possible to install systems with different security features activated or not. The management must decide on activating or not activating these security features.

TROJAN HORSES
- Getting under the skin -- implants code that secretly reads or alters files in an unauthorized way.
- Actions range from disastrous “rm *” to annoying “I want a cookie”.
- One good way is to write a popular utility program that everyone will want to use.
- Prime targets are utilities that have ultimate privilege (login, passwd, ps, lquota...).
- Viruses may lurk in compilers: viruses may be planted to detect what program is being compiled and then add code to the object code at the suitable time.

VIRUSES
- Spreading infection like an epidemic
- They work by sitting with executable (or macro) files so that the virus part acts before the original purpose of the program.
- Difficult to detect because cause and effect are impossible to fathom when faced with randomness and long time delays.

EXORCISING A VIRUS: How do you get rid of it once you have found it?
- Recompile all programs that might have been infected, making sure NOT to execute any of them
- Lots of anti-virus programs available
- EVIL IS SEDUCTIVE… (Best place to put a virus is in an anti-virus program...)
- Ha! Ha! (we’re cool, no?)
- RECALL THE INNER IMPERATIVES OF WHICH THE CODE OF PROFESSIONAL ETHICS REMINDS US

WORMS
- Consist of several segments, each is a program running on a separate workstation on the network which is idle.
- If a workstation is shut down, the other segments reproduce it on another.
- Every workstation must be rebooted simultaneously to eradicate the worm.
HOW TO DEFEND AGAINST SUCH EVIL?
- Technical mechanisms cannot limit the damage done by infiltrators.

DEFENSES (back to the ethical values…)
- Mutual trust between users of a system, coupled with physical security
- Educate Users (install updated virus-check…)
- Secrecy -- do not make information available (doesn’t go well with trust…)
  RESISTANCE BRINGS RESISTANCE (The best defense is not to act defensively…)
- BE AWARE OF YOUR POWER and ACT RESPONSIBLY!
- Cultivate a supportive trusting atmosphere! YOU HAVE THE POWER TO MAKE OR BREAK OUR WORLD!

PRIVACY
- "The right to be left alone"
- "One should have control over his/her own information"
MAIN THREATS TO PRIVACY TODAY
- The rapid growth of electronic transactions
- The accelerated collection of personal information
- The dramatic increase in the number of communications carriers and service providers.
- The growing use of technically unsecured channels, such as mobile communication.
LACK OF DIRECTION – LACK OF MORAL AND ETHICAL VALUES! (AWARENESS)

CATEGORIES
- Confidentiality: The existence of the communication should be known only by the parties involved, without disclosure to a third party.
- Anonymity: The individual's right to disclose his/her identity in a network.
- Data protection: The collection and use of personal data.

EXCEPTIONS (When it is ‘OK’ to trespass privacy)
- Consent is given by the owner of the information
- Criminal investigation (would this fit in the Code of Ethics?)
- For the maintenance of the network (SHOULD CONSENT BE ASKED FOR IN THIS CASE?)

PRINCIPLES OF PERSONAL RECORD KEEPING
- There must be no personal data record-keeping systems whose very existence is secret.
- There must be a way for an individual to find out what information about him/her is in a record and how it is used.
- There must be a way for an individual to prevent information about him/her that was obtained for one purpose from being used or made available for other purposes without his/her consent.
- There must be a way for an individual to correct or amend a record of identifiable information about him/her.
- Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data.

DATAVEILLANCE
- Systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons
SURVEILLANCE
- Systematic investigation or monitoring of the actions or communications of one or more persons. Its primary purpose is generally to collect information about them, their activities, or their associates.

SURVEILLANCE…
- Personal surveillance is the surveillance of an identified person.
  - In general, a specific reason exists for the investigation or monitoring.
- Mass surveillance is the surveillance of groups of people, usually large groups.
  - In general, the reason for investigation or monitoring is to identify individuals who belong to some particular class of interest to the surveillance organization.

THE ETHICS OF SURVEILLANCE…
- Concern about freedom from tyranny is a trademark of democracy. Surveillance is one of the elements of tyranny.
- Nevertheless, some classes of people, at least when they undertake some classes of activity, are deemed by society to warrant surveillance.
- The computer has been accused of harboring a potential for increased surveillance of the citizen by the state, and the consumer by the corporation.
- HOW DOES THIS LOOK IN THE CONTEXT OF THE SHIFT OUR WORLD TOOK AFTER SEPT. 11?

MAIN THREATS …
Dangers of personal dataveillance:
- Wrong identification
- Low data quality
- Acontextual use of data
- Low quality decisions
- Lack of subject knowledge of data flows
- Lack of subject consent to data flows
- Blacklisting
- Denial of redemption

DANGERS OF MASS DATAVEILLANCE
To the individual:
- Acontextual data merger
- Complexity and incomprehensibility of data
- Witch hunts
- Selective advertising
- Unknown accusations and accusers

DANGERS OF DATAVEILLANCE…
To society:
- Prevailing climate of suspicion (threatens TRUST)
- Adversarial relationships
- Focus of law enforcement on easily detectable offenses
- Inequitable application of the law
- Decreased respect for the law (DAMAGES FAITH IN ETHICS)
- Reduction in meaningfulness of individual actions
- Reduction in self-reliance, self-determination
- Stultification of originality
- Tendency to opt out of the official level of society
- Weakening of society's moral fiber and cohesion
- Destabilization potential for a totalitarian government