Information Systems Ethics, Computer Crime, and Security

1
Information Systems Ethics, Computer Crime, and
Security
2
Information Systems Ethics

• Tofflers three waves of change
• Agriculture
• Industrial Revolution
• Information Age

3
Information Systems Ethics

• Computer Literacy
• Knowing how to use a computer
• Digital Divide
• That gap between those with computer access and
  those who dont have it
• Computer Ethics
• Standards of conduct as they pertain to the use
  of information systems

4
Information Systems Ethics

• Information Privacy
• Protecting ones personal information
• Information accuracy
• Deals with authentication and fidelity of
  information
• Information property
• Deals with who owns information about individuals
  and how information can be sold and exchanged
• Information accessibility
• Deals with what information a person has the
  right to obtain about others and how the
  information can be used

5
(No Transcript)
6
Information Systems Ethics

• Issues in information accessibilityhe need for a
  code of ethical conduct
• Carnivore
• Electronic Communications Privacy Act (ECPA)
• Monitoring e-mail
• The need for a code of ethical conduct
• Business ethics
• Plagiarism
• Cybersquatting

7
Computer Crime

• Definition the act of using a computer to commit
  an illegal act
• Authorized and unauthorized computer access
• Examples
• Stealing time on company computers
• Breaking into government Web sites
• Stealing credit card information

8
Computer Crime

• Federal and State Laws
• Stealing or compromising data
• Gaining unauthorized computer access
• Violating data belonging to banks
• Intercepting communications
• Threatening to damage computer systems
• Disseminating viruses
• Hacking and Cracking
• Hacker one who gains unauthorized computer
  access, but without doing damage
• Cracker one who breaks into computer systems
  for the purpose of doing damage

9
Computer Crime

• Who commits computer crime?

10
Computer Crime

• Types of computer crime
• Data diddling modifying data
• Salami slicing skimming small amounts of money
• Phreaking making free long distance calls
• Cloning cellular phone fraud using scanners
• Carding stealing credit card numbers online
• Piggybacking stealing credit card numbers by
  spying
• Social engineering tricking employees to gain
  access
• Dumpster diving finding private info in garbage
  cans
• Spoofing stealing passwords through a false
  login page

11
Computer Crime

• Computer viruses and destructive code
• Virus a destructive program that disrupts the
  normal functioning of computer systems
• Types
• Worm usually does not destroy files copies
  itself
• Trojan horses Activates without being detected
  does not copy itself
• Logic or time bombs A type of Trojan horse that
  stays dormant for a period of time before
  activating

12
Computer Security

• Computer Security precautions taken to keep
  computers and the information they contain safe
  from unauthorized access
• Recommended Safeguards
• Implement a security plan to prevent break-ins
• Have a plan if break-ins do occur
• Make backups!
• Only allow access to key employees
• Change passwords frequently
• Keep stored information secure
• Use antivirus software
• Use biometrics for access to computing resources
• Hire trustworthy employees

13
Computer Security

• Encryption
• The process of encoding messages before they
  enter the network or airwaves, then decoding them
  at the receiving end of the transfer
• How encryption works
• Symmetric secret key system
• Both sender and recipient use the same key
• Key management can be a problem
• Public key technology
• A private key and a public key
• Certificate authority
• A trusted middleman verifies that a Web site is a
  trusted site (provides public keys to trusted
  partners)
• Secure socket layers (SSL)

14
Symmetric secret key system

• A symmetric secret key algorithm is a
  cryptographic algorithm that uses the same key to
  encrypt and decrypt data. The best known
  algorithm is the U.S. Department of Defense's
  Data Encryption Standard (DES). DES, which was
  developed at IBM in 1977, was thought to be so
  difficult to break that the U.S. government
  restricted its exportation.

15
Public key technology

• Two large prime numbers
• Very hard to solve (intractable solution)

16
Public key technology Security and Key Length

• Key Size Possible Key Combinations
• 2-bit 22 2x2 4
• 3-bit 23 2x2x2 8
• 4-bit 24 2x2x2x2 16
• 5-bit 25 2x2x2x2x2 32
• 6-bit 26 2x2x2x2x2x2 64
• 7-bit 27 2x2x2x2x2x2x2 128
• 8-bit 28 2x2x2x2x2x2x2x2 256
• 9-bit 29 2x2x2x2x2x2x2x2x2 512
• 10-bit 210 2x2x2x2x2x2x2x2x2x2 1024
• 11-bit 211 2x2x2x2x2x2x2x2x2x2... 2048
• 12-bit 212 2x2x2x2x2x2x2x2x2x2... 4096
• 16-bit 216 2x2x2x2x2x2x2x2x2x2... 65536
• 24-bit 224 2x2x2x2x2x2x2x2x2x2... 16.7 million
• 30-bit 230 2x2x2x2x2x2x2x2x2x2... 1 billion
  (1,073,741,800)
• 40-bit 240 2x2x2x2x2x2x2x2x2x2... 1 trillion
  (1,097,728,000,000)
• 56-bit 256 2x2x2x2x2x2x2x2x2x2.... 72 thousand
  quadrillion (71,892,000,000,000,000)
• 128-bit 2128 2 multiplied by 2 128 times over
  339,000,000,000,000,000,000,000,000,000,000,000
     (give or take a couple trillion...)

17
Computer Security

• Other encryption approaches
• Pretty good privacy (PGP)
• Phil Zimmerman
• Clipper Chip
• Internet Security
• Firewall hardware and software designed to keep
  unauthorized users out of network systems

18
Computer Security

• Virus prevention
• Install antivirus software
• Make backups
• Avoid unknown sources of shareware
• Delete e-mails from unknown sources
• If your computer gets a virus
• How to maintain your privacy online
• Choose Web sites monitored by privacy advocates
• Avoid cookies
• Visit sites anonymously
• Use caution when requesting confirming e-mail

19
Computer Security

• Avoid getting conned in cyberspace
• Internet auctions
• Internet access
• International modem dialing
• Web cramming
• Multilevel marketing (pyramid schemes)
• Travel/vacations
• Business opportunities
• Investments
• Health-care products