Unit 8: Information Security and Cyber law Class 11 Computer Notes | Based On New Syllabus

Chapter 8

Information Security and Cyber law

Digital Society

A modern, progressive society that is formed as a result of the adoption and integration of information and communication technologies (ICT) at home, work, education and recreation, and supported by advanced telecommunications and wireless connectivity systems and solutions.

 

Digital divide

Internet access and computers is now a lifeline for students, but many don't have access. A digital divide is an economic and social inequality with regard to access to, use of, or impact of information and communication technologies (ICT).

The term digital divide describes a gap in terms of access to and usage of information and communication technology. It was traditionally considered to be a question of having or not having access.

The terms also describe the discrepancy between those who do not have the skills, knowledge and abilities to use the technologies and those who do not. The digital divide can exist between living in rural areas those who living in urban areas, between the educated and uneducated, between economic and social classes and on global scale between more and less industrially developed nations.

The three aspect of the digital divide

1.    Digital divide caused by access of ICT: It is based on the difference between individuals or countries with access ICT and those without access to ICTs.

2.    Digital divide caused by usage of ICT: It is based on individuals who know how to use these technologies and those who do not.

3.    Digital divide caused by usage quality: It is based on the differences between those same users or the user of the same category, but with the different level of knowledge and skills on ICT and its use.

 

Computer Ethics

Computer Ethics is a set of moral principles that govern the behavior of an individual or group of people regulate the use of computers. Computer ethics is the application of moral principles to the use of computers and the Internet. Some common issues of computer ethics include intellectual property right such as copy righted electronic content, software piracy, privacy confidentiality concerns, artistic works and how computer affect society.

Computer ethics also has been used to refer to a kind of professional ethics in which computer professional apply codes ethics standard good practice within their profession. It is also called as “Cyber-ethics” or “Internet ethics”.

Commandments of Computer Ethics are:

1.    You shall not use a computer to harm other people.

2.    You shall not interfere with other people's computer work.

3.    You shall not snoop around in other people's computer files.

4.    You shall not use a computer to steal.

5.    You shall not use a computer to bear false witness.

6.    You shall not copy or use proprietary software for which you have not paid (without permission).

7.    You shall not use other people's computer resources without authorization or proper compensation.

8.    You shall not appropriate other people's intellectual output.

9.    You shall think about the social consequences of the program you are writing or the system you are designing.

10. You shall always use a computer in ways that ensure consideration and respect for other humans.

 

Information Security

Information security is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Protection of assets, resource, data, files or anything that has value is the primary goal of information security. It is the part of information risk management. There are some basic components of information security are:

1.   CIA Triad

The core principles of cyber security are Confidentiality, Integrity and Availability. It is a critical part of information security.

2.   Confidentiality

Maintaining confidentiality is nondisclosure of objects to the unauthorized subjects. Protection of confidentiality is important part of cyber security program. Some examples are bank accounts, personal information, financial records, etc.

3.   Integrity

Maintaining integrity is stopping unauthorized modification of objects.

For example, unauthorized change of bank account data, database data, email, etc.

4.   Availability

Maintaining availability means timely available of objects to the authorized subjects.

For example:

The timely availability of cash at ATM to the authorized account holder.

5.   Identification

Identification is the process in which the user has to identify with some identification. i.e. username, email, etc.

6.   Authentication

It is a process of verifying the identity of a user or process. For that user need to provide more information like password, pin etc. Compare this information to pre-existing data for verifying. Once matching end up successful authentication otherwise authorization steps begins.

7.   Authorization

User needs permission or authorization to access resources like files, database. Also need authorization to create and change resources.

8.   Risk Management concept Threat

Threat is loss or destruction due to action of a subject. Some examples of threats are natural disaster, humans, malware, system accident, etc.

9.   Vulnerability

It is susceptibility or weakness of an object to a threat.

     Risk

Risk is possible exploitation of an object. Risk depends upon existence of both threat and vulnerability. 

 

Spam and Malicious Software Spam

Spam may or may not malware. Spam is defined as unwanted message sent to an enormous list of recipients. Typically, spam is sent in an email form for commercial purpose, i.e. promote products or services. Spam can turn into malware when it contains malicious programs.  

Malicious Software 

Malicious software is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, Ransomware, spyware, adware, etc.

Malicious software also known as malware they can get into your computer and performs actions without your permissions and giving hackers full access to data, device and system.

Types of malicious software

1.   Viruses

A computer virus is a malicious software program loaded onto a user’s computer without the user’s knowledge and attaches to the programs or application in order to be activated and can pass from one computer to another or across an entire network.

2.   Trojans

A Trojan horse program has the appearance of having a useful and desired function. A Trojan horse neither replicates nor copies itself but cause damage or compromises the security of the computer. It disguises itself as a trusted software program or application to get into your system and attack later.

3.   Ransomware

It locks your files and demands you pay a ransom to unlock and access them again. This type of malware is rapidly becoming more advanced. It can immediately start deleting files as soon as you are infected and pressuring you to pay up.

4.   Worms

A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

5.   Spyware

It is a type of malicious software that spies on user activity, from collecting keystrokes to browser history to data harvesting. Spyware enters in computer as a virus, Trojans or building with trusted programs.

 

Computer Crime/ Cyber Crime

Cyber Crime is illegal activities done using computers and Internet. Computer crime is committed in order to steal others files, data, documents, confidential information or to harm computer and its user. Computer Crime and cyber Crime are usually used interchangeably. Cyber Crimes include Internet-related forgery, fraud, vandalism, software piracy, hacking, cracking, plagiarism, etc.

Dictionaries define Cyber Crime as “a criminal activity committed on the internet. This is a broad term that describes everything from electronic cracking to denial of service attacks that cause electronic commerce sites to lose money”.

Cyber Crimes can be basically divided into three major categories:

1.    Cyber Crime against persons

2.    Cyber Crime against property

3.    Cyber Crime against government

 

Cyber Law

Cyber law is a term that deals with the Internet's relationship to technological and electronic elements, including computers, software, hardware and information system. Simply, the cyber law is the law which is used for stopping computer crime and abuse.

It is the area of law that deals with the use of internet and computers and the exchange of communications and information, which includes the issues concerning with the protection of intellectual property rights, freedom of speech and public access to information.

In simple words, cyber law is the law that deals with the legal issues which is related to the access, usage and privacy of information. Cyber law is made for controlling the crimes like theft of information, fraud, forgery, etc.

The areas covered by cyber law are: Digital Signature Law, Copyright Law, Trademark Law, Telecommunication Law and Data protection and privacy law.

 

Privacy and Anonymity (IMP)

·       Privacy

Privacy is the ability of an individual or group to keep private themselves or information about themselves, and thereby express themselves selectively. When something is private to a person, it usually means that something is sensitive to them.

·       Anonymity

Anonymity means “without name”. It means the state of an individual’s identity or personally identifiable information, being publicly unknown. It means real author of a message is not shown. Anonymity can be implemented to make it impossible or very difficult to find the real author of a message.

 

Intellectual Property Right (IPR)

Intellectual Property Right (IPR) is the rights given to persons over the creations of their minds, like inventions, literary, artistic works, etc. They usually give the creator an exclusive right over the use of his/her creation for a certain period of time. Intellectual property rights are divided into two main areas:

Industrial Property

Industrial property is one of two subsets of intellectual property (the other being copyright), it takes a range of forms, including patents for inventions, industrial designs, trademarks, service marks, layout-designs of integrated circuits, commercial names and designations, geographical indications and protection against unfair competition. The object of industrial property consists of signs conveying information, in particular to consumers, regarding products and services offered on the market. Protection is directed against unauthorized use of such signs that could mislead consumers, and against misleading practices in general.

 

Copyright and Rights related to copyright

The rights of authors of literary and artistic works such as books and other writings, musical compositions, painting, computer program and films are protected by copyright, for a minimum period of 50 years after the death of the author. The main purpose of copyright and related right is to encourage and reward creative work.

 

Digital Signature 

A digital signature is the security mechanism system in the cyber space. It is a digital identity of the sender that uniquely identifies particular sender electronically. Digital signature is used in the Internet for the secure transaction. Digital signature uses two different keys for authentication, one for creating a digital signature and another key is used for verifying a digital signature.

A digital signature is a mathematical scheme for verifying the authenticity of digital message or documents. A valid digital signature, where prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender and that the message was not altered in transit.  

Advantage of Digital Signature:

1.     Faster Transactions and Better Customer Service

2.     Built Into Your Digital Workflows

3.     Fewer Errors Than Paper-Based Systems

4.     Fewer Errors Than Paper-Based Systems

5.     Maintain Compliance & Security

Getting Info...

Post a Comment

Please do not enter any spam link in the comment box.
Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.