The impact of information and

computer security on society

 The impact of information and computer
security on society.
 Computers have changed the way people relate to one another
and their living environment, as well as how humans organize
their work, their communities, and their time. Society, in turn,
has influenced the development of computers through the
needs people have for processing information.
When a threat does use a vulnerability to inflict harm, it has
an impact.
In the context of information security, the impact is a loss of
availability, integrity, and confidentiality, and possibly other losses
or damage to computer hardware, software, confidential
information, and data integrity as well as network and Internet
availability.
 Hackers can do a number of things, from stealing your passwords
to controlling your computer through remote access.
 Remember that violation of information and computer security
is punishable.
 Viruses can also open security breaches on a computer
that allows yet another threat, hackers, into computer
system.
 Computer hackers are unauthorized users who break
into computer systems in order to steal, change or
destroy information, often by installing dangerous
malware without your knowledge .
 computer security
 Computer security, also known as cyber security or
IT security, is the protection of information systems from
theft or damage to the hardware, the software, and to the
information on them, as well as from disruption or
misdirection of the services they provide.
 Information and computer security risks arise from the
intentional or unintentional misuse of computers, network
resources as well as the Internet.
 Computer Security: The protection afforded to an
automated information system in order to attain the
applicable objectives of preserving the integrity, availability,
and confidentiality of information system resources
(includes hardware, software, firmware, information/data,
and telecommunications).
 This definition introduces three key objectives that are at the
heart of computer security:
1. Confidentiality: This term covers two related concepts: —
Data confidentiality: Assures that private or confidential
information is not made available or disclosed to unauthorized
individuals.
Privacy: Assures that individuals control or influence
what information related to them may be collected and stored and
by whom and to whom that information may be disclosed.

2. Integrity: This term covers two related concepts:

 Data integrity: Assures that information and programs are changed only in a
specified and authorized manner.
 System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.
3. Availability: Assures that systems work promptly and service is
not denied to authorized users.
 These three concepts form what is often referred to as the CIA
triad.
 The three concepts embody the fundamental security objectives
for both data and for information and computing services
 Although the use of the CIA triad to define security objectives is
well established, some in the security field feel that additional
concepts are needed to present a complete picture.
Two of the most commonly mentioned are as follows: •
Authenticity: The property of being genuine and being able to be
verified and trusted; confidence in the validity of a transmission, a
message, or message originator.
 This means verifying that users are who they say they are and
that each input arriving at the system came from a trusted
source.
 Accountability: The security goal that generates the
requirement for actions of an entity to be traced uniquely to
that entity. This supports non - repudiation, deterrence,
fault isolation, intrusion detection and prevention, and
after-action recovery and legal action. Because truly secure
systems are not yet an achievable goal, we must be able to
trace a security breach to a responsible party. Systems must
keep records of their activities to permit later forensic
analysis to trace security breaches or to aid in transaction
disputes.
Software Copyright
What is copyright?
 Copyright is the exclusive legal right that prohibits the
copying of intellectual property without the
permission of the copyright holder.
 Copyright relates to ownership of an original work. An
original work can be in various forms: text, image,
audio recording, video recording, computer software,
website, etc.
 Copyright automatically belongs to the author(s) or
creator(s)— but it may also be assigned to a third
party, for example, a publishing house.
 The copyright owner(s) has/have the exclusive rights to prevent any third party
from doing any of the following without permission:
1. Copy the work: It includes photocopying (e.g.,
copying a book), scanning of texts or images and
reproducing them in electronic format, and duplicating
audio and video recordings.
2. Communicate copies of the work to the public: It
includes making a copy available on a public website
and the intranet.
3. Perform a drama or play, a piece of music or a song
before the public: It includes making recordings of
such performances and uploading them to a public
website and the intranet.
4. Make derivative works: It includes making
modifications, adaptations or other new uses of a
work, or translating the work to another media.
Remember that unless a work is clearly stated to be copyright-free or out of
copyright by virtue of its age, it is illegal to download, scan or otherwise copy it
for onward dissemination, even if no financial gain is there.
 Software Copyright
 Computer software is considered a literary work, i.e., books,
computer programs, e-mails, and databases etc. It is
protected by copyright laws. Unauthorized copying of
computer software is not allowed.
 This applies regardless of whether the original copies of the
software have been purchased on a medium such as a CD-
ROM or DVD or downloaded from the Web.
 Neither the networking of software without the proper
permission from the copyright holder is allowed, nor is the
copying of software onto several stand-alone computers.
 If the software is to be networked for simultaneous access by
a number of users, proper permission has to be taken from
the publisher.
 The software user must check the terms and conditions on
the packaging of the software or in accompanying
documentation—which may be in printed or electronic
format.
 Software can easily be copied, so it is very important that an
educational institution possesses only legitimate copies of all
the software it uses.
 To summarize, it is illegal for the software users to do the
following:
1. Lend software so that a copy can be made or to copy software
while it is on loan.
2. Run a software program on two or more computers
simultaneously unless the agreement permits it.
3. Copy or distribute the software or accompanying
documentation without a licence or permission from the
copyright owner.
4. Compel, allow, encourage or request that
students/employees make, use or distribute illegal copies of
software.
Copyright Issues for Software Developers
 Software developers must ensure that they have a written
agreement with the software users. In other words they must
protect their software using copyright
 The written agreement protects them with the copyright issues.
Some important issues are:
1. An adequate description of the software and associated
documentation.
2. Usage terms and conditions.
3. The right for the user to copy the software and/or associated
documentation.
4. Permission to modify or alter the software.
5. The requirement that the user reports to the developer any
infringement of copyright.
6. Sub-licences.
7. Maintenance/Warranty.
Dangers of Copying Others’ Work
Plagiarism is copying others’ work and presenting it as your own.
Some dangers of copying others’ work are:
1. It does not show that you understand the topic you have
presented.
2. It just shows you can cut and paste.
3. It makes the software ineligible for free maintenance updates in
some cases.
4. There is always the risk of installing malicious code on your
computer.
5. It affects the rights of others.
6. It affects the social and economical development of all countries.
You must recognize that the use of others’ property is not proper.
National and International Laws
on Copyright
 Copyright law aims to prevent people from taking credit for
and profiting from other peoples’ work.
 It is not uncommon for a person or business to face civil or
even criminal proceedings for software copyright
infringement.
 At present, it is a complex area of law that is not widely
understood in some countries.
 Ethiopia has not signed up the Berne Convention
yet. However, the creative works may be copyright
protected locally and directly in the Intellectual Property
Department.
National Laws
 In Ethiopia, copyright is a critical issue which requires serious
attention and collective responsibility.
 The problem is now very big and forces the artists, the
government and the society to realize its impacts and find its
solutions
 The copyright law provides protection for the following:
1. Written works
2. Phonographs and cinematographic films
3. Theatre and musical pieces
4. Television and radio works for publication
5. Paintings
6. Sculpture and architecture
7. Maps
8. Speeches and
9. Literary work
International Laws
 Many countries have agreed to international rules for
protecting intellectual property from copyright
infringement, piracy and counterfeiting.
Some international laws are given below:
1. Berne Convention for the Protection of Literary and Artistic
Works: The Berne Convention requires its signatories to
recognize the copyright of works of authors from other
signatory countries in the same way as it recognizes the
copyright of its own nationals.
2. EU Copyright and Neighboring Rights: Copyright and
related rights provide an incentive for the creation and
investment in new works and other protected matter (music,
films, print media, software, performances, broadcasts, etc.)
and their exploitation.
3. International Copyright Law: Creators and users of
copyrighted works should be aware of the differences in
intellectual property law between nations.
4. WIPO Copyright Treaty: The World Intellectual Property
Organization (WIPO) Copyright Treaty is an international
treaty on copyright law adopted by the member states of
WIPO in 1996.
It provides additional protections for copyright which are
necessary due to advances in ICT since the formation of
previous copyright treaties before it.
Unauthorized Intrusion
 One type of information and computer security risk is
unauthorized access and use.
 Unauthorized intrusion is the use of a computer or network
without permission.
 Hackers typically break into a computer by connecting to it
and then logging in as a legitimate user.
 Some intruders do no damage but they merely access data,
valuable information or programs on the computer.
 Unauthorized intrusion is the use of a computer or its data
for unapproved or illegal activities.
 It includes a variety of activities such as gaining access to a
bank computer and performing an unauthorized money
transfer for financial gains, etc.
Some examples of unauthorized intrusion are:
1. Illegally accessing another person’s data or private system
files.
2. Corrupting, destroying, manipulating or deleting others’
data with malicious intent.
3. Creating, storing, sending or viewing pornographic material.
4. Downloading, uploading and/or executing viruses, malware,
scripts.
5. Using e-mail user IDs other than yours own ID.
6. Violating safety and/or security measures when using e-
mail, chat rooms and other forms of direct electronic
communications.
7. Hacking or any other unlawful online activities.
8. Providing unauthorized persons with passwords and access
to computers or networks.
 For preventing unauthorized
intrusion:
1. Have a written acceptable user policy that specifies the computer activities for which the
computer and the network may and may not be used.
2. Use firewall
3. Access controls
4. Use intrusion detection software
For protecting your materials do the following:
1. Include a prominently displayed statement of ownership with the material that you have
posted on a Website or posted to someone else (for example, “This image is property of
Senya Ali and may not be used or reproduced without prior permission”).
2. Include your e-mail address with the statement so that people can contact you for
permission to use your material.
3. Add the “Terms and Conditions of Use” or “Legal Information” on the Web page
explaining your policy on the use of your material. For example, you may wish to allow
reproduction for any personal use as long as the material remains unaltered or for social
welfare.
4. Consider registering with the Copyright Office to explicitly protect certain materials.
Include prominently displayed copyright notices with any copyrighted material.
Password
 A secret word or phrase that must be used to gain
admission to a place.
 Your online accounts, computer files, and personal
information are more secure when you use strong
passwords.
 Short, easy-to-remember passwords can be easily
cracked using simple techniques, and may
compromise the security of your website or client data.
What is a strong password?
 The strength of a password depends on the different types of
characters (both upper-case and lower-case letters, numbers
and symbols) that you use, the overall length of the password,
and whether the password can be found in a dictionary.
 It should be at least 14 characters long.
 If the website or service allows long passwords, you could
consider using pass-phrases instead of passwords.
 Online password generators are available and can give you
completely random passwords of any level of complexity.
 Never use the same password for your e-mail, your computer,
or your accounts.
 If you find it hard to remember a long list of strong passwords
(as most people do!), you could consider using a password
manager.