Security, Ethical and Societal Challenges of E-Business
Based on James O'Brien's MIS: Managing Information Technology in the E-Business Enterprise, 5th Edition, 2002
Prepared by M. Pineda for Competh, 3rd Term, SY 2003-2004
Aspects of Security, Ethical & Societal Dimensions of E-Business
(Diagram: E-Business Security, Ethics & Society at the center, surrounded by the following aspects)
- Employment
- Privacy
- Health
- Individuality
- Working Conditions
- Crime
Computer Crime, as defined by the Assoc. of IT Professionals (AITP)
- Unauthorized use, access, modification, and destruction of hardware, software, data or network resources
- Unauthorized release of information
- Unauthorized copying of software
- Denying an end-user access to his or her own hardware, software, data or network resources
- Using or conspiring to use computer or network resources to illegally obtain information or tangible property
Hacking (illegal hackers are also called crackers)
- The obsessive use of computers, or the unauthorized access and use of networked computer systems.
- Hackers can monitor e-mail, web server access, or file transfers to extract passwords, steal network files, or plant data that will cause a system to welcome intruders.
Hacking issue
What to do with a hacker who commits only electronic breaking and entering, i.e. gets access to a computer system, reads some files, but neither steals nor damages anything?
Common Hacking Tactics
- Denial of service
- Scans
- Sniffer programs
- Spoofing
- Trojan Horse
- Back Doors
- Malicious Applets
- War Dialing
- Logic Bombs
- Buffer Overflow
- Password Crackers
- Social Engineering
- Dumpster Diving
Cyber Theft
Computer crimes that involve unauthorized network entry, fraudulent alteration of computer databases, and the theft of money.
Example: http://www.geocities.com/vienna/4345/vladimir.htm
Unauthorized Use at Work
Also called time and resource theft: unauthorized use of company-owned computer networks by employees, such as private consulting, personal finances, playing video games, and unauthorized use of the Internet on company networks.
Online activities specifically discouraged by corporate policies
- Pornography
- Gambling
- Chat
- Shopping
- Sports
- Stock trading
- Job hunting
Source: "Net managers Battle Online Trading Boom," Computerworld, July 5, 1999, p. 24. Copyright 1999 by Computerworld, Inc.
Software Piracy
Unauthorized copying of software is a major form of software theft. Unauthorized copying is illegal because software is intellectual property, i.e. protected by copyright law and user licensing agreements.
Piracy of Intellectual Property
Other forms of copyrighted material (music, video, images, articles, books and other written works) are especially vulnerable to copyright infringement.
Example: P2P networking technologies like Napster, Gnutella and Kazaa have made digital versions of copyrighted materials more vulnerable to unauthorized use.
Computer Viruses (or worms)
- Program code that cannot work without being inserted into another program.
- Copies annoying or destructive routines into the networked computer systems of anyone who accesses computers infected with the virus or who uses copies of magnetic disks taken from infected computers.
I. Description
The Melissa macro virus propagates in the form of an email message containing an infected Word document as an attachment. The transport message has most frequently been reported to contain the following Subject header:
Subject: Important Message From
II. Impact
Users who open an infected document in Word97 or Word2000 with macros enabled will infect the Normal.dot template, causing any documents referencing this template to be infected with this macro virus. If the infected document is opened by another user, the document, including the macro virus, will propagate. Note that this could cause the user's document to be propagated instead of the original document, and thereby leak sensitive information. Indirectly, this virus could cause a denial of service on mail servers. Many large sites have reported performance problems with their mail servers as a result of the propagation of this virus.
III. Solutions
Block messages with the signature of this virus at your mail transfer agents or other central point of control.
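A sketch of the gateway check the Solutions item describes, added here as an example and not taken from the slides or the advisory: it uses only the two traits the slide gives (the Subject prefix and a Word attachment). The function names, verdict labels and sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Subject prefix quoted on the slide; the rest of the header is not given there.
SUBJECT_PREFIX = "important message from"
WORD_TYPES = {"application/msword"}
WORD_EXTENSIONS = (".doc", ".dot")


def has_word_attachment(msg):
    """True if any MIME part looks like a Word document, by type or file name."""
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() in WORD_TYPES or name.endswith(WORD_EXTENSIONS):
            return True
    return False


def classify(raw_bytes):
    """Return 'quarantine', 'review' or 'deliver' for one raw e-mail message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    # policy.default decodes RFC 2047 encoded-words, so an encoded Subject still matches.
    subject = " ".join(str(msg.get("Subject", "")).split()).lower()
    if not subject.startswith(SUBJECT_PREFIX):
        return "deliver"
    # Subject alone is weak evidence; the Word attachment is what carries the macro.
    return "quarantine" if has_word_attachment(msg) else "review"


def build_sample(subject, filename=None, subtype="msword"):
    """Constructed sample message (not a real capture)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("constructed body")
    if filename:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype=subtype, filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    print(classify(build_sample("Important Message From Alice", "report.doc")))
    print(classify(build_sample("Quarterly numbers", "report.doc")))
```

A subject match is easy for later variants to evade, so a filter like this is a stopgap at the mail gateway rather than a replacement for disabling macros and scanning attachments.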
CIH/Chernobyl Virus
The CIH virus infects executable files and is spread by executing an infected file. Since many files are executed during normal use of a computer, the CIH virus can infect many files quickly. There are several variants of the CIH virus. Some activate every month on the 26th, while other variants activate just on April 26th or June 26th. Once the CIH virus activates, the virus attempts to erase the entire hard drive and to overwrite the system BIOS. Some machines may require a new BIOS chip to recover if overwritten by the CIH virus. CIH only affects Win95/98 machines.
Impt. Privacy Issues
- Accessing individuals' private e-mail conversations and computer records
- Collecting and sharing information about individuals gained from their visits to Internet websites and newsgroups
Impt. Privacy Issues
- Always knowing where a person is, esp. as mobile and paging services become more closely associated with people rather than places
- Using computer info gained from many sources to market additional business services
- Collecting telephone numbers, e-mail addresses, credit card numbers & other personal info to build individual customer profiles
Spamming
The indiscriminate sending of unsolicited e-mail messages (spam) to many Internet users. Also used to spread computer viruses.
Flaming
The practice of sending extremely critical, derogatory and often vulgar e-mail messages or newsgroup postings to other users on the Internet or online services.
Challenges in the Working Conditions
- Employment issue
- Computer monitoring
- Individuality of employees/people
- Health issues
- Human factors engineering
Ethical Responsibilities Digital artwork by Kiran Budhrani
Ethical Philosophies
- EGOISM. What is best for a given individual is right.
- NATURAL LAW. Humans should promote their own health and life, propagate, pursue knowledge of the world and God, pursue close relationships with other people, and submit to legitimate authority.
Ethical Philosophies
- UTILITARIANISM. Those actions are right that produce the greatest good for the greatest number of people.
- RESPECT FOR PERSONS. People should be treated as an end and not as a means to an end; and actions are right if everyone adopts the moral rule presupposed by the action.
Western & Non-Western Values
Non-Western:
- Kyosei (Japanese): living & working together for the common good.
- Dharma (Hindu): the fulfillment of inherited duty.
- Satuthi (Buddhist): the importance of limited desires.
- Zakat (Muslim): the duty to give alms to the Muslim poor.
Western:
- Individual liberty
- Egalitarianism
- Political participation
- Human rights
Common Values:
- Respect for human dignity
- Respect for basic rights
- Good citizenship
Business Ethics
- The stockholder theory
- The social contract theory
- The stakeholder theory
Ethical Guidelines
Be a responsible end user by:
- Acting with integrity,
- Increasing your professional competence,
- Setting high standards of personal performance,
- Accepting responsibility for your work, and
- Advancing the health, privacy and general welfare of the public.
FOLLOW THE CODE OF ETHICS!
- The Association of Information Technology Professionals Code of Ethics: http://www.aitp.org/organization/about/ethics/ethics.jsp
- Computing and Information Systems (Code of Ethics Online): http://www.iit.edu/departments/csep/PublicWWW/codes/computer.html