Presentation is loading. Please wait.

Presentation is loading. Please wait.

1J. M. Kizza - Ethical And Social Issues Module 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction.

Published byMarilynn Suzan Bradford Modified over 9 years ago

Similar presentations

Presentation on theme: "1J. M. Kizza - Ethical And Social Issues Module 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction."— Presentation transcript:

1 1J. M. Kizza - Ethical And Social Issues Module 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction Introduction to Computer Networks Introduction to Computer Networks Social Networks Social Networks Online Social Networks(OSNs) Online Social Networks(OSNs) Ethical and Privacy Issues in Online Social Networks Ethical and Privacy Issues in Online Social Networks Security and Crimes in Online Social Networks Security and Crimes in Online Social Networks Proven Security Protocols and Best Practices in Online Social Networks Proven Security Protocols and Best Practices in Online Social Networks

2 2J. M. Kizza - Ethical And Social Issues Introduction to Computer Networks A computer network is a distributed system consisting of loosely coupled computing elements and other devices A computer network is a distributed system consisting of loosely coupled computing elements and other devices communicate through a wired or wireless medium. communicate through a wired or wireless medium. Communication is based on a set of communicating rules called protocols. Communication is based on a set of communicating rules called protocols. The hardware components of a computer network consist of a collection of nodes that include: The hardware components of a computer network consist of a collection of nodes that include: Hosts – as end systems, Hosts – as end systems, intermediate switching elements like hubs, bridges, routers, and gateways. intermediate switching elements like hubs, bridges, routers, and gateways.

3 3J. M. Kizza - Ethical And Social Issues Two common network configuration models - the centralized and distributed Two common network configuration models - the centralized and distributed Computer networks- centralized or distributed, come in different sizes depending on the number of computers and other devices the network has. Computer networks- centralized or distributed, come in different sizes depending on the number of computers and other devices the network has. The number of devices, computers or otherwise, in a network and the geographical area covered by the network determine the network type: The number of devices, computers or otherwise, in a network and the geographical area covered by the network determine the network type: Local Area Network (LAN) Local Area Network (LAN) Wide Area Networks (WANs) Wide Area Networks (WANs) Metropolitan Area Networks (MANs) Metropolitan Area Networks (MANs)

4 4J. M. Kizza - Ethical And Social Issues Online Crimes An online crime is a crime like any other crime, except it involves a connected computing system either as an object of a crime, an instrument used to commit a crime or a repository of evidence related to a crime. An online crime is a crime like any other crime, except it involves a connected computing system either as an object of a crime, an instrument used to commit a crime or a repository of evidence related to a crime. The International Convention of Cyber Crimes and the European Convention on Cyber Crimes both list the following crimes as online crime [1]: The International Convention of Cyber Crimes and the European Convention on Cyber Crimes both list the following crimes as online crime [1]: Unlawful access to information Unlawful access to information Illegal interception of information Illegal interception of information Unlawful use of telecommunication equipment. Unlawful use of telecommunication equipment. Forgery with use of computer measures Forgery with use of computer measures Intrusions of the Public Switched and Packet Network Intrusions of the Public Switched and Packet Network Network integrity violations Network integrity violations Privacy violations Privacy violations Industrial espionage Industrial espionage Pirated computer software Pirated computer software Fraud using a computing system Fraud using a computing system Internet/email abuse Internet/email abuse Using computers or computer technology to commit murder, terrorism, pornography, and hacking. Using computers or computer technology to commit murder, terrorism, pornography, and hacking.

5 5J. M. Kizza - Ethical And Social Issues Ways to Perpetuate Online Crimes System penetration - a process of gaining unauthorized access to a protected system’s resources, the system may be automated or not. System penetration - a process of gaining unauthorized access to a protected system’s resources, the system may be automated or not. Distributed Denial of Service (DDoS) - an interruption of service of the target system – when it is made either unavailable to users through disabling or destruction of it. Distributed Denial of Service (DDoS) - an interruption of service of the target system – when it is made either unavailable to users through disabling or destruction of it. Category include: Category include: IP-spoofing IP-spoofing SYN-Flooding: SYN-Flooding: Smurf attack Smurf attack Buffer Overflow Buffer Overflow Ping of Death Ping of Death Land.c attack Land.c attack Teardrop.c Teardrop.c Sequence Number Sniffing Sequence Number Sniffing

6 6J. M. Kizza - Ethical And Social Issues Defense Against Online Crimes Prevention – one of the oldest and probably the best defence mechanism against online crimes. Must include the following: Prevention – one of the oldest and probably the best defence mechanism against online crimes. Must include the following: A security policy A security policy Risk management Risk management Vulnerability assessment Vulnerability assessment Use of strong cryptographic algorithms Use of strong cryptographic algorithms Penetration testing Penetration testing Regular audits Regular audits Use of proven security protocols Use of proven security protocols Legislation Legislation Self-regulation Self-regulation Mass education Mass education

7 7J. M. Kizza - Ethical And Social Issues Proven Security Protocols and Best Practices There are hundreds of security protocols and best practices in use today There are hundreds of security protocols and best practices in use today The problem for security professional is to find the best The problem for security professional is to find the best Major categories are: Major categories are:

8 8J. M. Kizza - Ethical And Social Issues Authentication - a process of validating the identity of someone or something. Authentication - a process of validating the identity of someone or something. uses information provided to the authenticator to determine whether someone or something is in fact who or what it is declared to be. uses information provided to the authenticator to determine whether someone or something is in fact who or what it is declared to be. requires one to present credentials or items of value to the authenticating agent in order to prove the claim of who one really is. requires one to present credentials or items of value to the authenticating agent in order to prove the claim of who one really is. items of value or credential are based on: something you know, something you have, or something you are: items of value or credential are based on: something you know, something you have, or something you are: Something you know: may be something you mentally possess like a password, a secret word known by the user and the authenticator. This technique of authentication is cheap but has weaknesses like memory lapses. Something you know: may be something you mentally possess like a password, a secret word known by the user and the authenticator. This technique of authentication is cheap but has weaknesses like memory lapses.

9 9J. M. Kizza - Ethical And Social Issues Something you have:, may be any form of issued or acquired self identification such as SecurID, Activcard, or any other forms of cards and tags. This authentication technique is slightly safer. Something you have:, may be any form of issued or acquired self identification such as SecurID, Activcard, or any other forms of cards and tags. This authentication technique is slightly safer. Something you are: These are individual physical characteristic such as voice, fingerprint, iris pattern and other biometrics. Biometric authentication as we are going to see in Chapter 14 are the safest form of authentication. Something you are: These are individual physical characteristic such as voice, fingerprint, iris pattern and other biometrics. Biometric authentication as we are going to see in Chapter 14 are the safest form of authentication. Authentication methods include: Authentication methods include: password password public-key public-key anonymous anonymous certificate-based certificate-based

10 10J. M. Kizza - Ethical And Social Issues Access Control - a process of determining how access to the system’s potential resources can be provided to each of the system users. Access Control - a process of determining how access to the system’s potential resources can be provided to each of the system users. Several control techniques and technologies have been developed to deal with this problem; they include: Access Control Matrix, Capability Tables, Access Control Lists, Role-Based Access Control, Rule-Based Access Control, Restricted Interfaces, Content-Dependent Access Control and biometrics. Several control techniques and technologies have been developed to deal with this problem; they include: Access Control Matrix, Capability Tables, Access Control Lists, Role-Based Access Control, Rule-Based Access Control, Restricted Interfaces, Content-Dependent Access Control and biometrics. Legislation - process of enacting laws intended to curb the growth of these crimes. Legislation - process of enacting laws intended to curb the growth of these crimes. Sometimes enforceable laws can be productive. Sometimes enforceable laws can be productive. Self-regulation - individuals finding ways to regulate objectionable material from reaching the children. This has become the cornerstone of efforts to stop the growing rate of online crimes. Self-regulation - individuals finding ways to regulate objectionable material from reaching the children. This has become the cornerstone of efforts to stop the growing rate of online crimes.

11 11J. M. Kizza - Ethical And Social Issues Detection - mechanisms for preventing online crimes through 24-hour monitoring systems that continuously capture, analyze, and report on the daily happenings in and around the network. Detection - mechanisms for preventing online crimes through 24-hour monitoring systems that continuously capture, analyze, and report on the daily happenings in and around the network. Recovery - a process that consists of two sub processes: Recovery - a process that consists of two sub processes: Analysis involving taking as much data as possible gathered during the last intrusion and analysing it for patterns that can be used in future for a response, for detection in future, and for prevention. Analysis involving taking as much data as possible gathered during the last intrusion and analysing it for patterns that can be used in future for a response, for detection in future, and for prevention. Recovery requiring the use of all available resources to mitigate the problem in progress, recover whatever can be recovered and build new data in place of or to replace the destroyed data. Recovery requiring the use of all available resources to mitigate the problem in progress, recover whatever can be recovered and build new data in place of or to replace the destroyed data.

Download ppt "1J. M. Kizza - Ethical And Social Issues Module 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction."

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Computer Security Computer Security is defined as:

Computer Security Computer Security is defined as:
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Department Of Computer Engineering

Department Of Computer Engineering
NETWORKING COMPONENTS Zach Avis. Hub A hub is a low cost way to connect two computers. A hub can also act as a repeater. When a signal comes from one.

NETWORKING COMPONENTS Zach Avis. Hub A hub is a low cost way to connect two computers. A hub can also act as a repeater. When a signal comes from one.
Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
1 Kyung Hee University Prof. Choong Seon HONG Network Control.

1 Kyung Hee University Prof. Choong Seon HONG Network Control.
NW Security and Firewalls Network Security

NW Security and Firewalls Network Security
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Similar presentations

Ads by Google