Download presentation
Presentation is loading. Please wait.
Published byAlaina Walker Modified over 9 years ago
1
Chapter 11 Security and Privacy: Computers and the Internet
2
Why are security and privacy issues? n networking has made data and information easier to access n data and information must be protected from –destruction –accidental damage –theft –espionage –unauthorized access
3
Computer Crime n most frequently reported computer crimes –credit card fraud –data communications fraud –unauthorized access to computer files –unlawful copying of copyrighted software
4
People n hackers - people who attempt to gain access to computer systems illegally n electronic pickpockets - people who use computers to illegally transfer money, goods, or other valuables n white-hat hackers - professionals hired to try to break into a system before someone else does
5
“Bad Guy” Tricks n Some methods commonly used by computer criminals –bomb - program designed to trigger damage under certain conditions –data diddling - changing data before or after it is entered –denial of service attacks - bombarding a site with requests for service –piggybacking - accessing a system through someone else, may occur if the authorized user did not exit properly
6
More tricks –salami techniques - embezzlement technique that transfers small “slices” of money –scavenging - looking through garbage for useful information –trapdoor - an unauthorized means of entry into a legitimate program –Trojan horse - potentially harmful instructions hidden inside an otherwise useful program –zapping - software designed to bypass security systems
7
Discovery and Prosecution n discovery of computer crimes is often difficult n many businesses do not report crimes for fear of bad publicity n complexities of computer-related fraud often not fully understood by –law enforcement –prosecutors –judges –juries n Computer Fraud and Abuse Act (1986) –attempt to define computer crime at national level
8
Computer Forensics n computer forensics - uncovering computer-stored information to be used in court –used in both civil and criminal cases –relatively new field –each examination is unique
9
Security measures n authorized access - badges, passwords, biometrics n disaster recovery plan n software security - who do programs belong to? n data security - secure waste, internal controls, audit checks, passwords, etc. n personal computer security - surge protectors n backup files
10
Viruses n virus - program designed to “infect” a computer –damage may include changed or deleted files, bizarre screen effects, sabotage entire computer system n worm - program designed to transfer itself over a network n retrovirus - program designed to attack antivirus software n vaccine (antivirus) - program designed to detect and neutralize or remove viruses
11
Transmitting Viruses n programs downloaded from the Internet n diskettes n attachments to e-mail n program with the virus must be executed to activate the virus
12
Privacy n privacy - the right to control information about oneself n greatly compromised by giant databases and the sharing and sale of information
13
Privacy Legislation n Fair Credit Reporting Act of 1970 –can access and challenge credit records n Freedom of Information Act of 1970 –allows access to information gathered by federal agencies n Federal Privacy Act of 1974 –no secret personal files maintained by federal government agencies and contractors
14
Privacy Legislation n Video Privacy Protection Act of 1988 –prevents retailers from disclosing a person’s video rental records without a court order n Computer Matching and Privacy Protection Act of 1988 –prevents the government from comparing certain records to find a match –much of matching is still unregulated
15
Network Security and Privacy n firewall - software designed to protect a network from unauthorized access from the outside world n encryption - scrambling of messages to protect privacy, can be decrypted by receiver using a “key” –public key encryption allows individuals to provide a public key for encryption then use a private key to decrypt messages
16
Electronic Monitoring n many businesses monitor employee computer use –check current screen display –check e-mail –count keystrokes per minute n many Web sites collect information about about visitors –cookies - files that store information about you, sent to the Web server by browser when a site is visited (browser can be set to refuse them)
17
Junk E-mail n spamming - sending out mass e-mail messages for advertising purposes n flaming - responding in anger to e-mail n filter software - program that screens incoming e-mail
18
Who should access the Internet? n the Internet provides a wide variety of useful resources for adults and children n many sites are designed for an adult audience –blocking software attempts to stop users from accessing inappropriate sites –hard to keep list of sites to avoid up-to-date n Children’s Online Privacy Protection Act (2000) - requires Web sites that target children under the age of 13 to post their privacy policy and obtain parental consent
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.