The presentation of 'Management Information System' subject of TEIT under 'University of Pune' INDIA. Author and Teacher: Tushar B Kute http://www.tusharkute.com tbkute@gmail.com

1. Management information system Third Year Information Technology Part 21 Security and Ethical Challenges Tushar B Kute, Sandip Institute of Technology and Research Centre, Nashik http://www.tusharkute.com

2. Security and Ethical Challenges Privacy Employment Health Crime Security Ethics and Society Working Conditions Individuality

3. Objective of information security Confidentiality Availability Integrity

4. Computer Crime Hacking Cyber Theft Computer Viruses Unauthorized Use at work Piracy

5. Ethics in information society Responsibility Accepting potential costs, duties and obligations for your decisions. Accountability Determining who should take responsibility for decisions and actions. Liability Legally placing responsibility with a person or group.

6. Fair information practices principles There should be no personal record systems whose existence is secret. Individuals have rights of access, inspection, review and amendment to systems that contain information about them. There must be no use of personal information for purpose other than those for which it was gathered without prior consent.

7. Fair information practices principles Managers of the system are responsible and can be held accountable and liable for the damage done by system for their reliability and security. Government have right to intervene in the information relationship among private parties.

8. Property rights: intellectual property It is result of someone’s effort to create a product of value based on their experience, knowledge and education. In short, intellectual property is brain power. E.g. Copyrights, patents and trade secrets. Accountability, liability and control. Data quality and system errors.

9. Quality of life Online technology lost the face-to-face contact. On-line love affairs. Work from home, impact to the family life.

10. Computer Crime Any wrong doing involves computer and internet usage. Often defies detection The amount stolen or diverted can be substantial The crime is “clean” and nonviolent The number of IT-related security incidents is increasing dramatically Computer crime is now global

11. Management actions: a corporate code of ethics The information rights to privacy and freedom. The property rights to individuals ideas and efforts. The accountability, liability and control issues involved in technology. The system quality requirements of businesses and individuals. The quality of life impact of technology.

12. Cyber crime Conventional crime or an offence is a legal wrong that can be followed by criminal proceedings which may result into punishment. Cyber Crime may be said to be those species where computer is an object or subject of the conduct constitutional crime. Unlawful act wherein the computer is either a tool or target or both.

13. Reasons for cyber crime Capacity to store data in comparatively small space. Easy to access. Complex Negligence. Loss of evidence.

14. Cyber criminals Children and adolescents between the age group of 6 – 18 years. Organized hackers. Professional hackers/crackers. Discontinued employees.

15. Mode and manner of committing crime Denial of Service Scans Sniffer Programs Spoofing Trojan Horse Back Doors Malicious Applets War Dialing Logic Bombs Buffer Overflow Password Crackers Social Engineering Dumpster Driving

16. classification Against individuals Against individual property Against organization Against society at large

17. Against individuals Harassment via emails. Cyber stalking Defamation Email spoofing Cheating and fraud

18. Against individual property Computer vandalism Transmitting viruses. Intellectual property crimes Internet time thefts

19. Against organization Unauthorized access / control. Possession of unauthorized information Distribution of pirated software Cyber terrorism

20. Against society at large Trafficking Financial crimes Polluting youth through indecent exposure Sale of illegal articles Online gambling

21. Statutory provisions Information technology act 2000 forced on 17th May 2000. legalizing- Indian penal code 1860 The Indian evidence act 1872 The banker’s book evidence act 1891 The reserve bank of India act 1934. The IT act deals with the various cyber crimes in chapters IX and XI. The important sections are 43, 65, 66, 67. Section 43 deals particularly with unauthorized access, unauthorized downloading, virus attacks or any contaminant, causes damage, disruption, denial of access, interference with the service availed by a person.

22. IT act Section 65- tampering with computer source documents. It provides imprisonment upto 3 years or fine. Section 66- hacking the computer system It provides imprisonment upto 3 years or fine. Section 67- publication of obscene material. It provides imprisonment upto 10 years and fine upto 2 lakhs.

23. Prevention of cyber crime Precaution Prevention Protection Preservation Perseverance

24. Prevention of cyber crime Avoid disclosing any information pertaining oneself. Avoid sending any photographs online, particularly to strangers and chat with strangers. Use latest and updated antivirus. Always keep backup volumes. Never send your credit card number to any site. Always keep watch on the sites that children are accessing. Use security programs for coockies.

25. Prevention of cyber crime Website owners should watch traffic and check any irregularity on the site. Use the firewalls.

26. hacking The process of achieving access to computer or computer network administrator. It is the most common activity amongst teenagers and young adults. It is an offence if hackers steal private information of changes some financial data. All the types of unauthorized access can lead the hacker towards the prison for 20 years.

27. Cyber theft It is the use of computers and communication systems to steal information in electronic format. E.g. bank money transfers. Programs used- worm and trojan horses. Reports- Microsoft platform strategy manager Matthew Hardman said social networking sites like Facebook, are among the most commonly targeted because of their huge communities of user concluding by saying the malicious code may be hidden inside Facebook applications or links under the photographs.

28. Solution of cyber theft Antivirus Anti-spywares Firewalls Cryptography Cyber ethics Cyber laws

29. Software piracy It refers to the unauthorized duplication and use of computer software. According to a survey done jointly by BSA and IDC the highest piracy rate comes from Armenia, with piracy rate of 93%. China and India are at No. 17 and No. 41 respectively, with 82% and 69% of recorded Software Piracy rates. The lowest piracy rate, according to survey, is observed in USA, at 20%. However, the statistics gave rise to a wide criticism citing lack of accuracy.

30. Terms related to piracy Cloning: Ideas can not be copy protected. Crack: modification of software in order to remove encoded copy prevention. Cracker: Undertakes disabling the software protection. Hack: Fix, or bug workaround. Hacker: One, who hacks. Hardware Locking: method of protecting software from duplication by locking the license to specific piece of computer hardware.

31. Terms related to piracy KeyGen or Key Generator: a small program that will generate an unauthorized but working registration key or serial number for the piece of software. Serials: This unique is used to unlock the version of the software. Warez: Another term used for software crack.

32. Software piracy It is illegal to- Use a single licensed version on multiple computer. Preloaded software on computers without providing the appropriate licenses. Use a key generator to generate registration key that turns an evaluation version to licensed version. Use a stolen credit card to fraudulently purchase a software license. Post licensed version of a software product on the Internet and make it available for downloading.

33. Software piracy in India The copyright of computer piracy is protected under the Indian copyright Act of 1957. Copyright protection for software with an individual author lasts for the duration of the author’s life and continues 60 years after the author’s death. According to nasscom, software piracy involves the use of reproduction or distribution without having received the expressed permission of the software author.

34. Forms of software piracy End user piracy. Hard disk loading. Software counterfeiting. Internet piracy.

35. Software copyrights Eligibility: The original software work does not have to be published in order to receive copyright protection. Punishment: Under the Indian copyright act, a software pirate can be tried under both civil and criminal law. The minimum jail term for software copyright infringement is seven days, and maximum is three years. Fine from 50,000 to 2,00,000.

36. copyright It is set of exclusive rights granted by the law of jurisdiction to the author or creator of an original work, including right to copy, distribute and adapt to work. It is applied for specific period of time, after which the work is said to enter in public domain. Copyright infringement is the unauthorized or prohibited use of works under copyright, infringing the copyright owner’s exclusive rights, such as right to reproduce or perform the copyrighted work, or to make derivative work.

37. Copyright acts 1957 India has one of the modern copyright protection laws in the world. "computer programme" means a set of instructions expressed in words, codes, schemes or in any other form, including a machine readable medium, capable of causing a computer to perform a particular task or achieve a particular result;

38. Exclusive rights given in copyright act To reproduce the work in any material form including the storing of it in any medium by electronic means. To issue copies of the work to the public not being copies already in the circulation. To perform the work in the public or communicate it to the public. To make any cinematographic film or sound recording in respect of work. To make any translation of the work. To make any adaptation of the work. To sell or give on commercial rental or offer for sale or for commercial rental any copy of the program.

39. Berne convention

40. WIPO copyright treaty The World Intellectual Property Organization Copyright Treaty, abbreviated as the WIPO Copyright Treaty, is an international treaty on copyright law adopted by the member states of the World Intellectual Property Organization (WIPO) in 1996. It provides additional protections for copyright deemed necessary due to advances in information technology since the formation of previous copyright treaties before it.

41. Universal copyright prevention The UCC was developed by United Nations Educational, Scientific and Cultural Organization as an alternative to the Berne Convention for those states which disagreed with aspects of the Berne Convention, but still wished to participate in some form of multilateral copyright protection. These states included developing countries and the Soviet Union, which thought that the strong copyright protections granted by the Berne Convention overly benefited Western developed copyright-exporting nations, and the United States and most of Latin America.

42. patent A patent is a set of exclusive rights granted by a state (national government) to an inventor or their assignee for a limited period of time in exchange for a public disclosure of an invention. Under the World Trade Organization's (WTO) Agreement on Trade-Related Aspects of Intellectual Property Rights, patents should be available in WTO member states for any inventions, in all fields of technology, and the term of protection available should be the minimum twenty years.

43. patents In many countries, certain subject areas such as business methods and mental acts are excluded from patents. The exclusive rights granted to a patentee in most countries is the right to prevent others from making, using, selling or distributing the patented invention without permission.

44. Patents forced in 2000 US Patent

45. Health issues Eye disease Bad postures Hurting Hands Computer stress injuries

46. Computer ergonomics

47. Real world picture

48. Computer ergonomics

49. Computer ergonomics

50. Computer ergonomics Use a good chair with a dynamic chair back and sit back. The eye-level should be the same as the level of the monitor. You should be able to see the contents in the monitor without bending your neck. No glare on screen, use an optical glass anti-glare filter where needed. Sit at arms length from monitor as a good viewing distance. Feet on floor or stable footrest. Use a document holder, preferably in-line with the computer screen. Wrists flat and straight in relation to forearms to use keyboard/mouse/input device. Arms and elbows relaxed close to body. Top of monitor casing 2-3" (5-8 cm) above eye level. Use a negative tilt keyboard tray with an upper mouse platform or downward tiltable platform adjacent to keyboard. Center monitor and keyboard in front of you. Use a stable work surface and stable (no bounce) keyboard tray.

51. Use of keyboard

52. Use of mouse

53. Use of mouse

54. The ACM Code of Professional Conduct Strive to achieve the highest quality, effectiveness, and dignity in both the process and products of professional work Acquire and maintain professional competence Know and respect existing laws pertaining to professional work Accept and provide appropriate professional review Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks

55. The ACM Code of Professional Conduct (continued) Honor contracts, agreements, and assigned responsibilities Improve public understanding of computing and its consequences Access computing and communication resources only when authorized to do so

56. references http://en.wikipedia.org ArpitaGopal, Chandrani Singh, “e-World Emerging Trends in Information Technology” , 1st Edition, Excel Books. http://www.nasscom.in Tushar B Kute, Sandip Institute of Technology and Research Centre, Nashik http://www.tusharkute.com