SlideShare uma empresa Scribd logo

Legal and ethical aspects

Transferir como PPTX, PDF
CAS
CAS

Cyber crime and Computer Crime Intellectual Property Privacy and Ethical Issues

Direito
1 de 26
1 LEGAL AND ETHICAL ASPECTS ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects Mr. RAJASEKAR RAMALINGAM Department of IT, College of Applied Sciences, Sur. Sultanate of Oman. http://vrrsekar.wixsite.com/raja Based on William Stallings, Lawrie Brown, Computer Security: Principles and Practice, Third Edition
CONTENT 13.1 Cybercrime and Computer Crime 13.2 Intellectual Property 13.3 Privacy and Ethical Issues ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 2
13.1.1 Cybercrime / Computer Crime • “Computer crime, or cybercrime, is a term used broadly to describe criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity.” • From the New York Law School Course on Cybercrime, Cyberterrorism, and Digital Law Enforcement. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 3 13.1 Cybercrime and Computer Crime
13.1.2 Types of Computer Crime • The U.S. Department of Justice categorizes computer crime based on the role that the computer plays in the criminal activity: Computers as targets Involves an attack on data integrity, system integrity, data confidentiality, privacy, or availability Computers as storage devices Using the computer to store stolen password lists, credit card or calling card numbers, proprietary corporate information, pornographic image files, or pirated commercial software Computers as communications tools Crimes that are committed online, such as fraud, gambling, child pornography, and the illegal sale of prescription drugs, controlled substances, alcohol, or guns ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 4
13.1.3 Law Enforcement Challenges ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 5
13.1.4 Cybercriminals • The lack of success in bringing them to justice has led to an increase in their numbers, boldness, and the global scale of their operations • Are difficult to profile • Tend to be young and very computer-savvy • Range of behavioral characteristics is wide • No cybercriminal databases exist that can point to likely suspects ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 6
13.1.5 Cybercrime Victims • Are influenced by the success of cybercriminals and the lack of success of law enforcement • Many of these organizations have not invested sufficiently in technical, physical, and human-factor resources to prevent attacks • Reporting rates tend to be low because of a lack of confidence in law enforcement, concern about corporate reputation, and a concern about civil liability ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 7
13.1.6 Cybercrime Incidents In Oman • Almost 280 million cyberattacks against government networks were prevented by Oman’s technology agency in 2016. • The Information Technology Authority has revealed in its annual report that 279,151,002 cyberattacks were prevented by the ITA against government networks in 2016. • The ITA had also prevented over 1.7 million cyberattacks against government websites, though 6,416 spyware and 7,824 viruses and malware were discovered. The agency also said that more than 150 government networks’ security level were boosted, and 18 government sites were secured with their work. 8NETW4005 – SPRING 2017 - LECTURE 1 - COMPUTER SECURITY OVERVIEW
• Similarly, 16,118 real & serious cyberattacks were discovered and handled by Oman CERT (Computer Emergency Readiness Team), and 96.5 per cent of all security incidents were handled within five days. In 2015, the ITA’s Information Security Division had prevented more than 4.8 million attacks against government networks and more than 398,000 attacks against government portals in Oman. In 2016, the ITA also saved 682,000 OMR for government entities in consultancy services, and 1.2 million OMR in government man hours for their work. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 9
10 Summary of Security incidents – 2016 (Source: ITAAnnual report 2016) NETW4005 – SPRING 2017 - LECTURE 1 - COMPUTER SECURITY OVERVIEW
ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 11 Summary of Security incidents – 2016 (Source: ITAAnnual report 2016)
ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 12 Technical Achievements of Oman National CERT – 2016 (Source: ITAAnnual report 2016)
13.2.1 Intellectual Property ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 13 13.2 Intellectual Property
13.2.2 Copyright • protects tangible or fixed expression of an idea but not the idea itself – is automatically assigned when created – may need to be registered in some countries • exists when: – proposed work is original – creator has put original idea in concrete form – e.g. literary works, musical works, dramatic works, pantomimes and choreographic works, pictorial, graphic, and sculptural works, motion pictures and other audiovisual works, sound recordings, architectural works, software-related works. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 14
13.2.3 Copyright Rights • Copyright owner has these exclusive rights, protected against infringement: – Reproduction right: lets the owner make copies of a work – Modification right: (the derivative-works right), concerns modifying a work to create a new or derivative work – Distribution right: lets the owner publicly sell, rent, lease, or lend copies of the work – Public-performance right: applies mainly to live performances – Public-display right: lets the owner publicly show a copy of the work directly or by means of a film, slide, or television image ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 15
13.2.4 Patents • grant a property right to the inventor – to exclude others from making, using, offering for sale, or selling the invention • types: – utility - any new and useful process, machine, article of manufacture, or composition of matter – design - new, original, and ornamental design for an article of manufacture – plant - discovers and asexually reproduces any distinct and new variety of plant ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 16
13.2.5 Trademarks • a word, name, symbol, or device – used in trade with goods – indicate source of goods – to distinguish them from goods of others • trademark rights may be used to: – prevent others from using a confusingly similar mark – but not to prevent others from making the same goods or from selling the same goods or services under a clearly different mark ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 17
13.2.6 Intellectual Property Issues • software programs – protect using copyright, • perhaps patent • algorithms – may be able to protect by patenting • databases – protect using copyright • digital content (audio/video/media/web) – protect using copyright ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 18
13.2.7 Digital Rights Management (DRM) • systems and procedures ensuring digital rights holders are clearly identified and receive stipulated payment for their works – may impose further restrictions on their use • no single DRM standard or architecture • objective is to provide mechanisms for the complete content management lifecycle • provide persistent content protection for a variety of digital content types/platforms/media ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 19
DRM Components ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 20
DRM System Architecture ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 21
13.3.1 Privacy • overlaps with computer security • have dramatic increase in scale of info collected and stored – motivated by law enforcement, national security, economic incentives • Individuals have become increasingly aware of – access and use of personal information and private details about their lives • Concerns about extent of privacy compromise have – led to a variety of legal and technical approaches to reinforcing privacy rights ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 22 13.3 Privacy and Ethical Issues
13.3.2 Common Criteria Privacy Class ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 23
13.3.3 Privacy Protection ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 24
13.3.4 Professional/Ethical Responsibilities • Concern with balancing professional responsibilities with ethical or moral responsibilities. • Types of ethical areas a computing/IS professional may face: – Ethical duty as a professional may come into conflict with loyalty to employer – “Blowing the whistle” – Expose a situation that can harm the public or a company’s customers – Potential conflict of interest • Organizations have a duty to provide alternative, less extreme opportunities for the employee – In-house ombudsperson coupled with a commitment not to penalize employees for exposing problems • Professional societies should provide a mechanism whereby society members can get advice on how to proceed ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 25
13.3.5 Codes of Conduct • ethics not precise laws or sets of facts • many areas may present ethical ambiguity • many professional societies have ethical codes of conduct which can: – be a positive stimulus and instill confidence – be educational – provide a measure of support – be a means of deterrence and discipline – enhance the profession's public image ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 26

Recomendados

Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
The need for security
The need for securityThe need for security
The need for securityDhani Ahmad
 
Information security
Information securityInformation security
Information securityavinashbalakrishnan2
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Security policies
Security policiesSecurity policies
Security policiesNishant Pahad
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 

Recomendados

Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
The need for security
The need for securityThe need for security
The need for securityDhani Ahmad
 
Information security
Information securityInformation security
Information securityavinashbalakrishnan2
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Security policies
Security policiesSecurity policies
Security policiesNishant Pahad
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Law and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptxLaw and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptxEdFeranil
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)Santosh Khadsare
 
Asset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlAsset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
Web security
Web securityWeb security
Web securityrakesh bandaru
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityAdri Jovin
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimesSweta Kumari Barnwal
 
1. security management practices
1. security management practices1. security management practices
1. security management practices7wounders
 
Network security
Network securityNetwork security
Network securityUjjwal 'Shanu'
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to securityDhani Ahmad
 
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...Avantika University
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standardsprimeteacher32
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsLearningwithRayYT
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptxDESTROYER39
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber securitySweta Kumari Barnwal
 
Cybersecurity
CybersecurityCybersecurity
Cybersecuritypronab Kurmi
 
IoT PPT Deck
IoT PPT DeckIoT PPT Deck
IoT PPT DeckJohn Yates
 

Mais conteúdo relacionado

Mais procurados

Law and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptxLaw and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptxEdFeranil
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)Santosh Khadsare
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityAdri Jovin
 
1. security management practices
1. security management practices1. security management practices
1. security management practices7wounders
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to securityDhani Ahmad
 
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...Avantika University
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standardsprimeteacher32
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsLearningwithRayYT
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptxDESTROYER39
 

Mais procurados (20)

Law and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptxLaw and Ethics in Information Security.pptx
Law and Ethics in Information Security.pptx
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
 
Asset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlAsset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & Control
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 
Web security
Web securityWeb security
Web security
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimes
 
1. security management practices
1. security management practices1. security management practices
1. security management practices
 
Network security
Network securityNetwork security
Network security
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
 
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
Why is Cyber Security Important - Importance of Cyber Security - Avantika Uni...
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security Threats
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack Vectors
 
Cyber Security Seminar.pptx
Cyber Security Seminar.pptxCyber Security Seminar.pptx
Cyber Security Seminar.pptx
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 

Semelhante a Legal and ethical aspects

sunflower_cissp_layout.pdf
sunflower_cissp_layout.pdfsunflower_cissp_layout.pdf
sunflower_cissp_layout.pdfBilal Ahmad
 
Cybersecurity legislation in Singapore (2017)
Cybersecurity legislation in Singapore (2017)Cybersecurity legislation in Singapore (2017)
Cybersecurity legislation in Singapore (2017)Benjamin Ang
 
Legal, ethical & professional issues
Legal, ethical & professional issuesLegal, ethical & professional issues
Legal, ethical & professional issuesDhani Ahmad
 
Cybersecurity Brief: Understanding Risk, Legal Framework, & Insurance
Cybersecurity Brief: Understanding Risk, Legal Framework, & InsuranceCybersecurity Brief: Understanding Risk, Legal Framework, & Insurance
Cybersecurity Brief: Understanding Risk, Legal Framework, & InsuranceSecureDocs
 
3999779.ppt
3999779.ppt3999779.ppt
3999779.pptpixvilx
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxtalhajann43
 
Information Technology and IT act
Information Technology and IT actInformation Technology and IT act
Information Technology and IT actDivesh Mewara
 
Cybersecurity: Connectivity, Collaboration and Security Controls
Cybersecurity: Connectivity, Collaboration and Security ControlsCybersecurity: Connectivity, Collaboration and Security Controls
Cybersecurity: Connectivity, Collaboration and Security ControlsKristian Alisasis Pura
 
Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Habib Noroozi
 
Legal Risks of Operating in the World of Connected Technologies (Internet of ...
Legal Risks of Operating in the World of Connected Technologies (Internet of ...Legal Risks of Operating in the World of Connected Technologies (Internet of ...
Legal Risks of Operating in the World of Connected Technologies (Internet of ...Quarles & Brady
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 
CYBER Liability and CYBER Security (nov 21, 2014)(final)
CYBER Liability and CYBER Security (nov 21, 2014)(final)CYBER Liability and CYBER Security (nov 21, 2014)(final)
CYBER Liability and CYBER Security (nov 21, 2014)(final)Melanie Kamilah Williams
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy finalIndian Air Force
 

Semelhante a Legal and ethical aspects (20)

Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
IoT PPT Deck
IoT PPT DeckIoT PPT Deck
IoT PPT Deck
 
sunflower_cissp_layout.pdf
sunflower_cissp_layout.pdfsunflower_cissp_layout.pdf
sunflower_cissp_layout.pdf
 
Cybersecurity legislation in Singapore (2017)
Cybersecurity legislation in Singapore (2017)Cybersecurity legislation in Singapore (2017)
Cybersecurity legislation in Singapore (2017)
 
ISC Chapter 3.pdf
ISC Chapter 3.pdfISC Chapter 3.pdf
ISC Chapter 3.pdf
 
Five moral dimensions of information systems pdf
Five moral dimensions of information systems pdfFive moral dimensions of information systems pdf
Five moral dimensions of information systems pdf
 
Legal, ethical & professional issues
Legal, ethical & professional issuesLegal, ethical & professional issues
Legal, ethical & professional issues
 
Cybersecurity Brief: Understanding Risk, Legal Framework, & Insurance
Cybersecurity Brief: Understanding Risk, Legal Framework, & InsuranceCybersecurity Brief: Understanding Risk, Legal Framework, & Insurance
Cybersecurity Brief: Understanding Risk, Legal Framework, & Insurance
 
3999779.ppt
3999779.ppt3999779.ppt
3999779.ppt
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptx
 
Information Technology and IT act
Information Technology and IT actInformation Technology and IT act
Information Technology and IT act
 
needforsecurity
needforsecurityneedforsecurity
needforsecurity
 
Cybersecurity: Connectivity, Collaboration and Security Controls
Cybersecurity: Connectivity, Collaboration and Security ControlsCybersecurity: Connectivity, Collaboration and Security Controls
Cybersecurity: Connectivity, Collaboration and Security Controls
 
Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Module 5 ig presentation iran 2
Module 5 ig presentation iran 2
 
Legal Risks of Operating in the World of Connected Technologies (Internet of ...
Legal Risks of Operating in the World of Connected Technologies (Internet of ...Legal Risks of Operating in the World of Connected Technologies (Internet of ...
Legal Risks of Operating in the World of Connected Technologies (Internet of ...
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
CYBER Liability and CYBER Security (nov 21, 2014)(final)
CYBER Liability and CYBER Security (nov 21, 2014)(final)CYBER Liability and CYBER Security (nov 21, 2014)(final)
CYBER Liability and CYBER Security (nov 21, 2014)(final)
 
Drm
DrmDrm
Drm
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
 

Mais de CAS

CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCAS
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
RRB JE Stage 2 Computer and Applications Questions Part 4
RRB JE Stage 2 Computer and Applications Questions Part 4RRB JE Stage 2 Computer and Applications Questions Part 4
RRB JE Stage 2 Computer and Applications Questions Part 4CAS
 
RRB JE Stage 2 Computer and Applications Questions part 3
RRB JE Stage 2 Computer and Applications Questions part 3RRB JE Stage 2 Computer and Applications Questions part 3
RRB JE Stage 2 Computer and Applications Questions part 3CAS
 
RRB JE Stage 2 Computer and Applications Questions Part 2
RRB JE Stage 2 Computer and Applications Questions Part 2RRB JE Stage 2 Computer and Applications Questions Part 2
RRB JE Stage 2 Computer and Applications Questions Part 2CAS
 
RRB JE Stage 2 Computer and Applications Questions Part 1
RRB JE Stage 2 Computer and Applications Questions Part 1RRB JE Stage 2 Computer and Applications Questions Part 1
RRB JE Stage 2 Computer and Applications Questions Part 1CAS
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
Introduction to research methodology
Introduction to research methodologyIntroduction to research methodology
Introduction to research methodologyCAS
 
Can you solve this
Can you solve thisCan you solve this
Can you solve thisCAS
 
Symmetric encryption and message confidentiality
Symmetric encryption and message confidentialitySymmetric encryption and message confidentiality
Symmetric encryption and message confidentialityCAS
 
Public key cryptography and message authentication
Public key cryptography and message authenticationPublic key cryptography and message authentication
Public key cryptography and message authenticationCAS
 
Malicious software
Malicious softwareMalicious software
Malicious softwareCAS
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and proceduresCAS
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Human resources security
Human resources securityHuman resources security
Human resources securityCAS
 
Database security
Database securityDatabase security
Database securityCAS
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic toolsCAS
 
Internet security association and key management protocol (isakmp)
Internet security association and key management protocol (isakmp)Internet security association and key management protocol (isakmp)
Internet security association and key management protocol (isakmp)CAS
 
IP Security Part 2
IP Security Part 2IP Security Part 2
IP Security Part 2CAS
 

Mais de CAS (20)

CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
RRB JE Stage 2 Computer and Applications Questions Part 4
RRB JE Stage 2 Computer and Applications Questions Part 4RRB JE Stage 2 Computer and Applications Questions Part 4
RRB JE Stage 2 Computer and Applications Questions Part 4
 
RRB JE Stage 2 Computer and Applications Questions part 3
RRB JE Stage 2 Computer and Applications Questions part 3RRB JE Stage 2 Computer and Applications Questions part 3
RRB JE Stage 2 Computer and Applications Questions part 3
 
RRB JE Stage 2 Computer and Applications Questions Part 2
RRB JE Stage 2 Computer and Applications Questions Part 2RRB JE Stage 2 Computer and Applications Questions Part 2
RRB JE Stage 2 Computer and Applications Questions Part 2
 
RRB JE Stage 2 Computer and Applications Questions Part 1
RRB JE Stage 2 Computer and Applications Questions Part 1RRB JE Stage 2 Computer and Applications Questions Part 1
RRB JE Stage 2 Computer and Applications Questions Part 1
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT Security
 
Introduction to research methodology
Introduction to research methodologyIntroduction to research methodology
Introduction to research methodology
 
Can you solve this
Can you solve thisCan you solve this
Can you solve this
 
Symmetric encryption and message confidentiality
Symmetric encryption and message confidentialitySymmetric encryption and message confidentiality
Symmetric encryption and message confidentiality
 
Public key cryptography and message authentication
Public key cryptography and message authenticationPublic key cryptography and message authentication
Public key cryptography and message authentication
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and procedures
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Human resources security
Human resources securityHuman resources security
Human resources security
 
Database security
Database securityDatabase security
Database security
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic tools
 
Internet security association and key management protocol (isakmp)
Internet security association and key management protocol (isakmp)Internet security association and key management protocol (isakmp)
Internet security association and key management protocol (isakmp)
 
IP Security Part 2
IP Security Part 2IP Security Part 2
IP Security Part 2
 

Último

Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxfilippoluciani9
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfKelechi48
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsAurora Consulting
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptzainabbkhaleeq123
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书E LSS
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteDeepikaK245113
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceanilsa9823
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueAndrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueSkyLaw Professional Corporation
 
一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书SS A
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxRRR Chambers
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxSHIVAMGUPTA671167
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdflaysamaeguardiano
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxRRR Chambers
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionAnuragMishra811030
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxRRR Chambers
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubham Wadhonkar
 

Último (20)

Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .ppt
 
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueAndrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
 
一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
 
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusion
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 

Legal and ethical aspects

  • 1. 1 LEGAL AND ETHICAL ASPECTS ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects Mr. RAJASEKAR RAMALINGAM Department of IT, College of Applied Sciences, Sur. Sultanate of Oman. http://vrrsekar.wixsite.com/raja Based on William Stallings, Lawrie Brown, Computer Security: Principles and Practice, Third Edition
  • 2. CONTENT 13.1 Cybercrime and Computer Crime 13.2 Intellectual Property 13.3 Privacy and Ethical Issues ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 2
  • 3. 13.1.1 Cybercrime / Computer Crime • “Computer crime, or cybercrime, is a term used broadly to describe criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity.” • From the New York Law School Course on Cybercrime, Cyberterrorism, and Digital Law Enforcement. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 3 13.1 Cybercrime and Computer Crime
  • 4. 13.1.2 Types of Computer Crime • The U.S. Department of Justice categorizes computer crime based on the role that the computer plays in the criminal activity: Computers as targets Involves an attack on data integrity, system integrity, data confidentiality, privacy, or availability Computers as storage devices Using the computer to store stolen password lists, credit card or calling card numbers, proprietary corporate information, pornographic image files, or pirated commercial software Computers as communications tools Crimes that are committed online, such as fraud, gambling, child pornography, and the illegal sale of prescription drugs, controlled substances, alcohol, or guns ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 4
  • 5. 13.1.3 Law Enforcement Challenges ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 5
  • 6. 13.1.4 Cybercriminals • The lack of success in bringing them to justice has led to an increase in their numbers, boldness, and the global scale of their operations • Are difficult to profile • Tend to be young and very computer-savvy • Range of behavioral characteristics is wide • No cybercriminal databases exist that can point to likely suspects ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 6
  • 7. 13.1.5 Cybercrime Victims • Are influenced by the success of cybercriminals and the lack of success of law enforcement • Many of these organizations have not invested sufficiently in technical, physical, and human-factor resources to prevent attacks • Reporting rates tend to be low because of a lack of confidence in law enforcement, concern about corporate reputation, and a concern about civil liability ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 7
  • 8. 13.1.6 Cybercrime Incidents In Oman • Almost 280 million cyberattacks against government networks were prevented by Oman’s technology agency in 2016. • The Information Technology Authority has revealed in its annual report that 279,151,002 cyberattacks were prevented by the ITA against government networks in 2016. • The ITA had also prevented over 1.7 million cyberattacks against government websites, though 6,416 spyware and 7,824 viruses and malware were discovered. The agency also said that more than 150 government networks’ security level were boosted, and 18 government sites were secured with their work. 8NETW4005 – SPRING 2017 - LECTURE 1 - COMPUTER SECURITY OVERVIEW
  • 9. • Similarly, 16,118 real & serious cyberattacks were discovered and handled by Oman CERT (Computer Emergency Readiness Team), and 96.5 per cent of all security incidents were handled within five days. In 2015, the ITA’s Information Security Division had prevented more than 4.8 million attacks against government networks and more than 398,000 attacks against government portals in Oman. In 2016, the ITA also saved 682,000 OMR for government entities in consultancy services, and 1.2 million OMR in government man hours for their work. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 9
  • 10. 10 Summary of Security incidents – 2016 (Source: ITAAnnual report 2016) NETW4005 – SPRING 2017 - LECTURE 1 - COMPUTER SECURITY OVERVIEW
  • 11. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 11 Summary of Security incidents – 2016 (Source: ITAAnnual report 2016)
  • 12. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 12 Technical Achievements of Oman National CERT – 2016 (Source: ITAAnnual report 2016)
  • 13. 13.2.1 Intellectual Property ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 13 13.2 Intellectual Property
  • 14. 13.2.2 Copyright • protects tangible or fixed expression of an idea but not the idea itself – is automatically assigned when created – may need to be registered in some countries • exists when: – proposed work is original – creator has put original idea in concrete form – e.g. literary works, musical works, dramatic works, pantomimes and choreographic works, pictorial, graphic, and sculptural works, motion pictures and other audiovisual works, sound recordings, architectural works, software-related works. ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 14
  • 15. 13.2.3 Copyright Rights • Copyright owner has these exclusive rights, protected against infringement: – Reproduction right: lets the owner make copies of a work – Modification right: (the derivative-works right), concerns modifying a work to create a new or derivative work – Distribution right: lets the owner publicly sell, rent, lease, or lend copies of the work – Public-performance right: applies mainly to live performances – Public-display right: lets the owner publicly show a copy of the work directly or by means of a film, slide, or television image ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 15
  • 16. 13.2.4 Patents • grant a property right to the inventor – to exclude others from making, using, offering for sale, or selling the invention • types: – utility - any new and useful process, machine, article of manufacture, or composition of matter – design - new, original, and ornamental design for an article of manufacture – plant - discovers and asexually reproduces any distinct and new variety of plant ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 16
  • 17. 13.2.5 Trademarks • a word, name, symbol, or device – used in trade with goods – indicate source of goods – to distinguish them from goods of others • trademark rights may be used to: – prevent others from using a confusingly similar mark – but not to prevent others from making the same goods or from selling the same goods or services under a clearly different mark ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 17
  • 18. 13.2.6 Intellectual Property Issues • software programs – protect using copyright, • perhaps patent • algorithms – may be able to protect by patenting • databases – protect using copyright • digital content (audio/video/media/web) – protect using copyright ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 18
  • 19. 13.2.7 Digital Rights Management (DRM) • systems and procedures ensuring digital rights holders are clearly identified and receive stipulated payment for their works – may impose further restrictions on their use • no single DRM standard or architecture • objective is to provide mechanisms for the complete content management lifecycle • provide persistent content protection for a variety of digital content types/platforms/media ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 19
  • 20. DRM Components ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 20
  • 21. DRM System Architecture ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 21
  • 22. 13.3.1 Privacy • overlaps with computer security • have dramatic increase in scale of info collected and stored – motivated by law enforcement, national security, economic incentives • Individuals have become increasingly aware of – access and use of personal information and private details about their lives • Concerns about extent of privacy compromise have – led to a variety of legal and technical approaches to reinforcing privacy rights ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 22 13.3 Privacy and Ethical Issues
  • 23. 13.3.2 Common Criteria Privacy Class ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 23
  • 24. 13.3.3 Privacy Protection ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 24
  • 25. 13.3.4 Professional/Ethical Responsibilities • Concern with balancing professional responsibilities with ethical or moral responsibilities. • Types of ethical areas a computing/IS professional may face: – Ethical duty as a professional may come into conflict with loyalty to employer – “Blowing the whistle” – Expose a situation that can harm the public or a company’s customers – Potential conflict of interest • Organizations have a duty to provide alternative, less extreme opportunities for the employee – In-house ombudsperson coupled with a commitment not to penalize employees for exposing problems • Professional societies should provide a mechanism whereby society members can get advice on how to proceed ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 25
  • 26. 13.3.5 Codes of Conduct • ethics not precise laws or sets of facts • many areas may present ethical ambiguity • many professional societies have ethical codes of conduct which can: – be a positive stimulus and instill confidence – be educational – provide a measure of support – be a means of deterrence and discipline – enhance the profession's public image ITSY3104 COMPUTER SECURITY - A - LECTURE 13 - Legal and Ethical Aspects 26