computer security
DESCRIPTION
TRANSCRIPT
04/10/23 1
Computer SecuritySocial Legal and Ethical issues.
04/10/23 2
Social Legal and Ethical issues
Sara Base, A Gift of Fire, Prentice Hall, 2003
04/10/23 3
Social Legal and Ethical issues
The impact of computers and computer systems
The ATM example
• Unemployment• Alienation and customer service• Crime• Loss of privacy• Errors
04/10/23 4
Social Legal and Ethical issuesGeneral Themes
• Globalization of cyberspace• Tradeoffs of convenience vs privacy & security• Personal choices, Business policies and law• Negative rights or liberties and positive rights or claim rights
– Conflict of negative and positive rights: the claim rights of some may diminish the liberties of others
– Privacy protection regulations vs universal access to information services
04/10/23 5
Social Legal and Ethical issues
Main issues
1. Privacy & personal information2. Freedom if speech3. Can we trust computers4. Intellectual property5. Computer Crime6. General social issues7. Ethics
04/10/23 6
1. Privacy & personal information
Key aspects
• Freedom from intrusion• Control information about oneself• Freedom from surveillance
04/10/23 7
1. Privacy & personal information
“Big brother is watching you”
• Database security
04/10/23 8
Database securityProvisions of Privacy Act of 1974
• Restricts data in federal government records to what is “relevant and necessary” to the legal purpose for which it is collected.
• Requires federal agencies to publish a notice of their record systems in the Federal Register
• Allows people to access their records & correct inaccurate information
• Requires procedures to protect the security of the information in the databases
• Prohibits disclosure of information about a person without their consent.
04/10/23 9
The fourth Amendment, US Constitution
The right of the people to be secure in their persons, houses, paper and effects against unreasonable searches and seizures shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
04/10/23 10
Privacy & personal information
• Satellite surveillance and thermal imaging• Automated toll collection and itemized
purchase records• Search and surveillance tools• Fighting terrorism
04/10/23 11
Databases and marketing
• Credit bureaus• Principles for data collection & use
– Collect only data needed– Inform people when data about them are
collected, what is collected …– Offer a way for people to opt out– Provide stronger protection for sensitive data– Keep data only as long as it is needed– Maintain accuracy and security of data– Provide a means for people to access and
correct data stored about them.
04/10/23 12
Databases and marketing
• Social Security Numbers and National ID systems
• Personal health and medical records• Public records: access vs privacy
04/10/23 13
Privacy & personal information
Protecting Privacy: law & regulation
• Is their a right to privacy• The free market view vs the consumer
protection view• Contract and regulations• Conflicts with freedom of speech
04/10/23 14
2. Freedom of speechEncryption and interception of communications
Wiretapping
– Telephone– New technologies
USA Patriot Act 2001:– Lets the government collect info from
financial institutions on any transactions that differs from a customer’s usual pattern, and allows access to the government to many other kinds of personal information without a court order.
04/10/23 15
Freedom if speechCarnivore
FBIs system for intercepting email• FBI must first get a court order to
intercept someone’s email• The Carnivore system is used at the
Suspects Internet Service provider and filters all e-mails from that ISP, examining headers to find suspect email.
04/10/23 16
Freedom if speechNSA’s Echelon
Echelon is similar to Carnivor, but on an international scale. Involves a partnership with intelligence agencies of Canada, Britain, Australia and New Zealand, and operates a huge system of
listening stations to intercepts satellite communication.
– Targets terrorist and military activities
04/10/23 17
Freedom if speechCryptography and its uses
• Use of encryption – Criminal abuse: “ … unfortunately the same
technology can be used by terrorists, drug dealers, … “
White House Press, 1994– Secrecy and export controls
• Steganography
04/10/23 18
Freedom if speechSecrecy
• Clipper – Trust in government– How much does technology matter
04/10/23 19
3. Can we trust computers ?
• What can go wrong!– Billing errors– database accuracy– failures…
• Increasing Reliability and Safety– Overconfidence– Redundancy – Good design
04/10/23 20
4. Intellectual PropertyDigital Rights Management
• Problems with new technologies• Copyright Law• The fair use doctrine• Copying Music, Movies, Software
Books– From floppies to the web– The Napster case– Beyond Napster
• Software Piracy
04/10/23 21
4. Intellectual property
Ethical issues• Fuzziness about the ethics Arguments used include:
– I cant afford to buy– The company is a wealthy corporation– Too expensive anyway– Making a copy from a friend is an act of
generosity
04/10/23 22
4. Intellectual property
The future of copyright
• Doomsday approach: copyright law will disintegrate.
• Balanced solutions will be found by using a new approach and new technologies– Free software– Copyright or patent?
04/10/23 23
5. Computer Crime• What is hacking• The Law
– Catching hackers– Penalties appropriate to the crime– Discouraging and punishing “amateur” hackers
• Design secure “hack-free” systems• Online scams
– Chain letters, sale of counterfeit goods, phony investments– Collecting credit card numbers, ID and password details
• Fraud, embezzlement, Sabotage• Identity theft
04/10/23 24
6. General Social Issues
Impact on our society• Information Have’s and Have-Nots
– The digital divide– Trends in computer access– Abdicating responsibility
• Does the Technology create the need for itself? “… The Web is alive and filled with life, nearly as complex and natural as the primordial
swamp…”• Who benefits most• Prohibiting bad technologies
04/10/23 25
7. EthicsWhat is Ethics?
• The study of what it means to do the “right” thing– And what is the “right” thing?
• A variety of ethical views– Deontological theories
• emphasize duty and rules to be followed whether they lead to good or ill consequence
– Utalitarialism• An example of a consequentialist theory: to increase happiness or
“utility”
– Natural rights• Treat people as ends rather than means, and increase people’s
happiness
– No simple answers• No mathematical solution
04/10/23 26
7. EthicsWhat is Ethics?
– Some important distinctions• Right, Wrong and OK• Negative and positive rights, or liberties and claim-rights• Distinguishing wrong and harmful
• Separating goals from constraints• Personal Preference and Ethics• Law and Ethics
– Professional codes and Ethics• Professional organizations have codes for professional conduct• ACM, IEEE