Information Systems Ethics, Computer Crime, and Security

Information Systems Ethics Toffler’s three waves of change Agriculture Industrial Revolution Information Age Alvin Toffler’s book, "The Third Wave" in which he articulates three waves of societal change corresponding to the development and rise of the agricultural, industrial and information societies.

Information Systems Ethics Computer Literacy Knowing how to use a computer Digital Divide That gap between those with computer access and those who don’t have it Computer Ethics Standards of conduct as they pertain to the use of information systems

Information Systems Ethics Information Privacy Protecting one’s personal information Information accuracy Deals with authentication and fidelity of information Information property Deals with who owns information about individuals and how information can be sold and exchanged Information accessibility Deals with what information a person has the right to obtain about others and how the information can be used

Information Systems Ethics Issues in information accessibilityhe need for a code of ethical conduct Carnivore Electronic Communications Privacy Act (ECPA) Monitoring e-mail The need for a code of ethical conduct Business ethics Plagiarism Cybersquatting

Computer Crime Definition: the act of using a computer to commit an illegal act Authorized and unauthorized computer access Examples Stealing time on company computers Breaking into government Web sites Stealing credit card information

Computer Crime Federal and State Laws Hacking and Cracking Stealing or compromising data Gaining unauthorized computer access Violating data belonging to banks Intercepting communications Threatening to damage computer systems Disseminating viruses Hacking and Cracking Hacker – one who gains unauthorized computer access, but without doing damage Cracker – one who breaks into computer systems for the purpose of doing damage

Computer Crime Who commits computer crime?

Computer Crime Types of computer crime Data diddling: modifying data Salami slicing: skimming small amounts of money Phreaking: making free long distance calls Cloning: cellular phone fraud using scanners Carding: stealing credit card numbers online Piggybacking: stealing credit card numbers by spying Social engineering: tricking employees to gain access Dumpster diving: finding private info in garbage cans Spoofing: stealing passwords through a false login page

Computer Crime Computer viruses and destructive code Virus – a destructive program that disrupts the normal functioning of computer systems Types: Worm: usually does not destroy files; copies itself Trojan horses: Activates without being detected; does not copy itself Logic or time bombs: A type of Trojan horse that stays dormant for a period of time before activating

Computer Security Computer Security – precautions taken to keep computers and the information they contain safe from unauthorized access Recommended Safeguards Implement a security plan to prevent break-ins Have a plan if break-ins do occur Make backups! Only allow access to key employees Change passwords frequently Keep stored information secure Use antivirus software Use biometrics for access to computing resources Hire trustworthy employees

Computer Security Encryption How encryption works The process of encoding messages before they enter the network or airwaves, then decoding them at the receiving end of the transfer How encryption works Symmetric secret key system Both sender and recipient use the same key Key management can be a problem Public key technology A private key and a public key Certificate authority A trusted middleman verifies that a Web site is a trusted site (provides public keys to trusted partners) Secure socket layers (SSL)

Symmetric secret key system A symmetric secret key algorithm is a cryptographic algorithm that uses the same key to encrypt and decrypt data. The best known algorithm is the U.S. Department of Defense's Data Encryption Standard (DES). DES, which was developed at IBM in 1977, was thought to be so difficult to break that the U.S. government restricted its exportation.

Public key technology Two large prime numbers Very hard to solve (intractable solution)

Public key technology – Security and Key Length Key Size Possible Key Combinations 2-bit 2^2 2x2= 4 3-bit 2^3 2x2x2= 8 4-bit 2^4 2x2x2x2= 16 5-bit 2^5 2x2x2x2x2= 32 6-bit 2^6 2x2x2x2x2x2= 64 7-bit 2^7 2x2x2x2x2x2x2= 128 8-bit 2^8 2x2x2x2x2x2x2x2= 256 9-bit 2^9 2x2x2x2x2x2x2x2x2= 512 10-bit 2^10 2x2x2x2x2x2x2x2x2x2= 1024 11-bit 2^11 2x2x2x2x2x2x2x2x2x2...= 2048 12-bit 2^12 2x2x2x2x2x2x2x2x2x2...= 4096 16-bit 2^16 2x2x2x2x2x2x2x2x2x2...= 65536 24-bit 2^24 2x2x2x2x2x2x2x2x2x2...= 16.7 million 30-bit 2^30 2x2x2x2x2x2x2x2x2x2...= 1 billion (1,073,741,800) 40-bit 2^40 2x2x2x2x2x2x2x2x2x2...= 1 trillion (1,097,728,000,000) 56-bit 2^56 2x2x2x2x2x2x2x2x2x2....= 72 thousand quadrillion (71,892,000,000,000,000) 128-bit 2^128 2 multiplied by 2 128 times over = 339,000,000,000,000,000,000,000,000,000,000,000    (give or take a couple trillion...)

Computer Security Other encryption approaches Internet Security Pretty good privacy (PGP) Phil Zimmerman Clipper Chip Internet Security Firewall – hardware and software designed to keep unauthorized users out of network systems

Computer Security Virus prevention How to maintain your privacy online Install antivirus software Make backups Avoid unknown sources of shareware Delete e-mails from unknown sources If your computer gets a virus… How to maintain your privacy online Choose Web sites monitored by privacy advocates Avoid “cookies” Visit sites anonymously Use caution when requesting confirming e-mail

Computer Security Avoid getting conned in cyberspace Internet auctions Internet access International modem dialing Web cramming Multilevel marketing (pyramid schemes) Travel/vacations Business opportunities Investments Health-care products