“breach of privacy” npresented by sumit yadav. computer science and engineering computer...
TRANSCRIPT
“Breach of Privacy”
Presented bySumit Yadav
Computer Science and Engineering
Computer security Aspects
Privacy (confidentiality )
integrity
availability
Computer Science and Engineering
What is privacy?
For citizens and consumers, freedom from unauthorized intrusion. For organizations, privacy involves the policies that determine what information is gathered, how it is used, and how customers are informed and involved in this process. Privacy is a legal issue, but it's also an information security issue .
Computer Science and Engineering
How your privacy can be breached?
Cookies
Keylooger
spyware (adware)
Computer Science and Engineering
Cookies
Data files can be store and fetch by remote server
What they can store ?
How you can prevent?
Setting the Privacy level to High in the browser
Zonealarm with new privacy protection feature
Computer Science and Engineering
Key logger
surveillance tool that records every keystroke
What it is used for ? Employer monitoring their employees. Monitoring kids activity
What if it is abused? Remotely installing key logger
Prevention Installing anti spy software
Computer Science and Engineering
Spy ware
Spy ware modules are created by marketers who want to monitor your customer’s browsing habits.
What is ad ware?
Indication of spy ware Web sites never seen before are suddenly visible. Strange toolbar
How to protect yourself from spy ware Installing Spybot and Ad-Aware.
Computer Science and Engineering
What to do to improve privacy?
Keep your windows up to date by installing critical updates
Back up regularly Keep security programs up to date Surf safely Be vary of attachments Don’t swallow the spam: go to http://
hoaxbusters.ciac.org for list of internet scams. Check start-up processes-Launch
Msconfig(startup) check with www.answerthatwork.com for unfamiliar entries.
Computer Science and Engineering
What to do to improve privacy?
TOR(Open Source Project)
An open-source project, Tor seeks to provide anonymity through a technique called onion routing .Onion routing basically works by implementing numerous routers through which communications will pass.
For more info: (www.freehaven. net/tor)
Computer Science and Engineering
What if everybody get privacy?
Positive impact People will be able to surf the web without being traced. Agents can more easily carry out research and
investigations without reveling their identity.
Negative impact Hacker steal credit card without being caught. Virus can spread with no knowledge of its origin. Negative effect on law enforcement making possible for
criminals and terrorists to elude the law.
Computer Science and Engineering
Case Study -Google
Google’s email service (gmail) Google scan thought your emails and look for keywords Google target adds on your system according to the
keywords it has collected
Google desktop software Now you can Google your pc Google desktop can search your Outlook / Outlook
Express ,websites and other documents Risk of privacy if it’s a public computer
Computer Science and Engineering
Gramm Leach Bliley Act (GLBA),
Financial institution must provide customers clear and conspicuous notice about its privacy policies
Institution must provide annual notices of its privacy policies and practices
Financial institution must provide customers with an opportunity to opt out of disclosures of their non-public personal information
Computer Science and Engineering
HIPPA (Health Care Portability andAccountability Act)
patients’ access to their own medical records
Notice of privacy practices
Limitations on use of personal medical information
Restrictions on marketing medical information
Confidentiality of doctor patient communications
Computer Science and Engineering
U.S. Privacy Act
Protects the privacy of personal data collected by the government
Allow individuals to determine what data collected and for what purpose
To whom information has been disseminated
Computer Science and Engineering
U.S. Electronic Communications Privacy Act
Protects against wiretapping
Allows law enforcement agencies to access communicating or records of them
ISP need to install equipments to allow access to agencies
ISP can read content of communicating in order to improve security and integrity
Computer Science and Engineering
USA Patriot Act
Knowingly causing the transmission of code resulting in damage to a protected computer is an offence
Recklessly causing damage to a computer system as a consequence of unauthorized access is also an offence
Causing damage (even unintentionally) as a consequence of unauthorized access to a protected computer is a crime
Computer Science and Engineering
Reference
Pfleeger, Charles and Pfleeger, Shari. “Security in Computing.”
http://search.epnet.com/login.aspx?direct=true&AuthType=cookie,ip,url,uid&db=cph&an=14332860
http://search.epnet.com/login.aspx?direct=true&AuthType=cookie,ip,url,uid&db=cph&an=13669005
http://search.epnet.com/login.aspx?direct=true&AuthType=cookie,ip,url,uid&db=cph&an=11070935
http://search.epnet.com/login.aspx?
direct=true&AuthType=cookie,ip,url,uid&db=cph&an=4110997