Presentation is loading. Please wait.

Presentation is loading. Please wait.

Week 13 LBSC 690 Information Technology Social Issues.

Published byJemimah Thomas Modified over 9 years ago

Similar presentations

Presentation on theme: "Week 13 LBSC 690 Information Technology Social Issues."— Presentation transcript:

1 Week 13 LBSC 690 Information Technology Social Issues

2 Agenda Questions Equitable access Appropriate use Project demonstrations

3 Equitable Access Computing facilities –Hardware, software Networks –Speed, continuity Information sources –Fee-based, language Skills –System, access strategies, information use

4 Computing as a Social Process Ownership Identity Privacy Integrity

5 Ownership Who has the right to use a computer? Who establishes this policy? How? –What equity considerations are raised? Can someone else deny access? –Denial of service attacks How can denial of service be prevented? –Who can gain access and what can they do?

6 Identity Establishing identity permits access control What is identity in cyberspace? –Attribution When is it desirable? –Impersonation How can it be prevented? Forgery is really easy –Just set up your mailer with bogus name and email

7 Anonymity Serves several purposes –Sensitive issues on discussion groups –Brainstorming –Whistleblowers –Marketing (“Spam”) Common techniques –Anonymous remailers –Pseudonyms

8 Privacy What privacy rights do computer users have? –On email? –When using computers at work? At school? –What about your home computer? What about data about you? –In government computers? –Collected by companies and organizations? Does obscurity offer any privacy?

9 Privacy Protection Privacy Act of 1974 –Applies only to government records TrustE certification guidelines –Site-specific privacy policies –Federal Trade Commission enforcement Organizational monitoring

10 Integrity How do you know what’s there is correct? –Attribution is invalid if the contents can change Access control would be one solution –No system with people has perfect access control Risks digest provides plenty of examples! Encryption offers an alternative

11 Denial of Service Attacks Viruses –Platform dependent –Typically binary Virus checkers –Need frequent updates Flooding –The Internet worm –Chain letters

12 Justifications for Limiting Use Parental control –Web browsing software, time limits Intellectual property protection –Copyright, trade secrets National security –Classified material Censorship

13 Acceptable Use Policies Establish policies Authenticate Authorize Audit Supervise

14 Techniques for Limiting Use Access control –Effective multilevel security is hard to achieve Copy protection –Hardware and software Licensing –Shrinkwrap, Shareware, GNU Public license Digital watermarks –Provide a basis for prosecution

15 Authentication Used to establish identity Two types –Physical (Keys, badges, cardkeys, thumbprints) –Electronic (Passwords, digital signatures) Protected with social structures –Report lost keys –Don’t tell anyone your password Password sniffers will eventually find it

16 Good Passwords Long enough not to be guessed –Programs can try every combination of 4 letters Not in the dictionary –Programs can try every word in a dictionary –And every date, and every proper name,... –And even every pair of words Mix upper case, lower case, numbers, etc. Change it often and use one for each account

17 Access Control Issues Protect system administrator access –Greater potential for damaging acts –What about nefarious system administrators? Trojan horses –Intentionally undocumented access techniques Firewalls –Prevent unfamiliar packets from passing through –Makes it harder for hackers to hurt your system

18 Fair Use Doctrine Balance two desirable characteristics –Financial incentives to produce content –Desirable uses of existing information Safe harbor agreement (1976 legislative history) –Book chapter, magazine article, picture, … Developed in an era of physical documents –Perfect copies/instant delivery alter the balance

19 Recent Copyright Laws Copyright Term Extension Act (CTEA) –Ruled constitutional (Jan 2003, Supreme Court) Digital Millennium Copyright Act (DMCA) –Prohibits circumvention of technical measures –Implements WIPO treaty database protection

20 The Pornography Debate Communications Decency Act (CDA) –Ruled unconstitutional (1997, Supreme Court) Child Online Protection Act (COPA) –Enforcement blocked (March 2003, 3 rd Circuit) Children’s Internet Protection Act (CIPA) –Ruled constitutional (June 2003, Supreme Court)

21 Filtering Technology Any individual approach is imperfect Term-based techniques –Recall/precision tradeoff –Not very useful for images and audio Whitelists and blacklists –Expensive to create manually –Differing opinions, time lag

22 Surveillance Law USA PATRIOT Act –Access to business records (with a court order) –Internet traffic analysis (with a court order) Foreign Intelligence Surveillance Act (FISA) –Secret court for monitoring foreign communications –Special protections for citizens/permanent residents

23 Real-Time Local Surveillance Built-in features of standard software –Browser history, outgoing email folders, etc. “Parental control” logging software –ChatNANNY, Cyber Snoop, FamilyCAM, … Personal firewall software –ZoneAlarm, BlackIce, …

24 Real-Time Centralized Surveillance Proxy server –Set up a Web server and enable proxy function –Configure all browsers to use the proxy server –Store and analyze Web server log files Firewall –Can monitor all applications, not just the Web

25 Forensic Examination Scan for files in obscure locations –Find by content for text, ACDSee for pictures Examine “deleted” disk files –Norton DiskDoctor, … Decode encrypted files –Possible for many older schemes

26 External Monitoring Web tracking –Browser data, clickthrough, cookies, … Packet sniffers –Detect passwords, reconstruct packets, … Law enforcement –Carnivore (US), RIP (UK), … National security –Echelon (US), SORM (Russia), …

27 Mailing List “Nettiquite” Send private replies unless a public one is needed Don’t send unsubscribe requests to the list Read the FAQ before asking one Avoid things that start flames, unless you intend to

28 Project Demonstrations Scheduled in advance Targeted for 30 minutes Web pages in my office Databases anywhere you need to be Some time on Dec 9, 10, 11 –Get your reservations in early! At least one person from a team must come –But everyone is welcome!

29 Project Demonstrations Starts with a brief structured test –I’ll pick a spec requirement and use the test plan Then you can show me around –You guide, I’ll drive I’ll run off the road a lot, though, to see what happens For web pages, I may try another browser or two I’ll award the group’s grade on the spot –Perfection is not required, only greatness!

Download ppt "Week 13 LBSC 690 Information Technology Social Issues."

Similar presentations

Privacy & Other Issues. Acceptable Use Policies When you sign up for an account at school or from an Internet Service Provider, you agree to their rules.

Privacy & Other Issues. Acceptable Use Policies When you sign up for an account at school or from an Internet Service Provider, you agree to their rules.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.

James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Class 7 LBSC 690 Information Technology Social Issues & Control of Information.

Class 7 LBSC 690 Information Technology Social Issues & Control of Information.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.

1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Class 7 LBSC 690 Information Technology Security.

Class 7 LBSC 690 Information Technology Security.
1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 10-2 Competencies Describe concerns associated with computer.

1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved Competencies Describe concerns associated with computer.
Instructions for Weds. Jan. 10 1.Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:

Instructions for Weds. Jan Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Similar presentations

Ads by Google