Presentation on theme: "Protecting People and Information"— Presentation transcript:
1Protecting People and Information MIS Chapter 8Jack G. ZhengMay 29th 2008
2Intellectual Property refers to creations of the mind (inventions, literary and artistic works, and symbols, names, images, and designs) used in commerceTwo categories2Industrial propertyinventions (patents), trademarks, industrial designs, and geographic indications of sourceCopyrightliterary and artistic works such as novels, poems and plays, films, musical works, drawings, paintings, photographs and sculptures, and architectural designs.1, 2 Source: World Intellectual Property Organization,
3Intellectual Property Fair use doctrinemay use copyrighted material in certain situationsPirated softwarethe unauthorized use, duplication, distribution or sale of copyrighted softwareCounterfeit softwaresoftware that is manufactured to look like the real thing and sold as suchFair use:TV recordingTeaching in class
4IP and Open SourceWhich way (protection vs. open sharing) is best to advance software industry?
5Privacy"… the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.“Dr. Alan Westin, “Privacy and Freedom” (book), 1967
6Privacy and Web Customer database Adware Cookie Profiles Behavior patterns (purchasing, searching and navigation)ClickstreamAdwareExample: 180 search assistantTrojan horseSpywareCookieA small text file containing user information on the local computerShow customer data flash (the Matrix, TIA-total information awareness)Show cookie example
7Privacy andusually are not protected and are left open for potential scanningGmail scans content of s and puts in related ads1July 1st 2004, “Court Limits Privacy Of Messages”2“A company that provides service has the right to copy and read any message bound for its customers”SpamUnsolicited1http://www.privacyrights.org/ar/GmailAGadvisory.htm2http://www.washingtonpost.com/wp-dyn/articles/A Jun30.html
8Internet Fraud Identity theft Phishing (fishing) Forging of identity for the purpose of fraudPhishing (fishing)Deceptively to get people’s informationFaked website to get user informationAdvance Fee FraudNigeria scams…Washington mutual customer data update case/ebay …What are other types? How to identify and deal with it? Topic paper.
9Privacy and Employees Workplace PC monitoring Read the handout and discussLegislation had been approved by the state Senate (California) in May 2004, employers would be required to give written notice explaining what types of electronic activities they monitor, from to the use of GPS locator devices in company cars and phones
11Security Threats In-house security Hacking Computer virus and worm Employee misconductHackingUnauthorized access to, or use of the computer, information and systemsHackerComputer virus and wormVirus is the software with malicious intent to cause damageWorm is a self-propagating virusDoS (Denial-of-Service Attack)floods a server with so many requests for service that it slows down or crashesThreat sources: see more in extended module H
12Security Management Myth Truth Security is about technology: software and hardwareTruthSecurity is also about policy: awareness, alertness and enforcement
13Security Precautions (1) Authentication and authorizationAuthentication is the process to identify a person (who)Authorization is the process to identify privileges (what and how)Authentication methodsWhat you know: PasswordWhat you have (loosely): ID cards, CertificateWhat you have (tightly): BiometricsShow example of certificateAnd
14Security Precautions (2) EncryptionSymmetric encryptionAsymmetric (public key) encryptionSSL (secure socket layer)FirewallSoftware/hardware that can selectively block computer communicationsAnti-virus softwareIntrusion detectionShow example of SSL (https://)
15Good Resources Ethics in computing Napster on CNN Special Privacy Napster on CNN SpecialPrivacyComputer virus information