1. Information Systems Ethics, Computer Crime, and Security

2. Information Systems Ethics
Toffler’s three waves of change
Agriculture
Industrial Revolution
Information Age
Alvin Toffler’s book, "The Third Wave" in which he articulates three waves of societal change corresponding to the development and rise of the agricultural, industrial and information societies.

3. Information Systems Ethics
Computer Literacy
Knowing how to use a computer
Digital Divide
That gap between those with computer access and those who don’t have it
Computer Ethics
Standards of conduct as they pertain to the use of information systems

4. Information Systems Ethics
Information Privacy
Protecting one’s personal information
Information accuracy
Deals with authentication and fidelity of information
Information property
Deals with who owns information about individuals and how information can be sold and exchanged
Information accessibility
Deals with what information a person has the right to obtain about others and how the information can be used

6. Information Systems Ethics
Issues in information accessibilityhe need for a code of ethical conduct
Carnivore
Electronic Communications Privacy Act (ECPA)
Monitoring
The need for a code of ethical conduct
Business ethics
Plagiarism
Cybersquatting

7. Computer Crime
Definition: the act of using a computer to commit an illegal act
Authorized and unauthorized computer access
Examples
Stealing time on company computers
Breaking into government Web sites
Stealing credit card information

8. Computer Crime Federal and State Laws Hacking and Cracking
Stealing or compromising data
Gaining unauthorized computer access
Violating data belonging to banks
Intercepting communications
Threatening to damage computer systems
Disseminating viruses
Hacking and Cracking
Hacker – one who gains unauthorized computer access, but without doing damage
Cracker – one who breaks into computer systems for the purpose of doing damage

9. Computer Crime
Who commits computer crime?

10. Computer Crime Types of computer crime Data diddling: modifying data
Salami slicing: skimming small amounts of money
Phreaking: making free long distance calls
Cloning: cellular phone fraud using scanners
Carding: stealing credit card numbers online
Piggybacking: stealing credit card numbers by spying
Social engineering: tricking employees to gain access
Dumpster diving: finding private info in garbage cans
Spoofing: stealing passwords through a false login page

11. Computer Crime Computer viruses and destructive code
Virus – a destructive program that disrupts the normal functioning of computer systems
Types:
Worm: usually does not destroy files; copies itself
Trojan horses: Activates without being detected; does not copy itself
Logic or time bombs: A type of Trojan horse that stays dormant for a period of time before activating

12. Computer Security
Computer Security – precautions taken to keep computers and the information they contain safe from unauthorized access
Recommended Safeguards
Implement a security plan to prevent break-ins
Have a plan if break-ins do occur
Make backups!
Only allow access to key employees
Change passwords frequently
Keep stored information secure
Use antivirus software
Use biometrics for access to computing resources
Hire trustworthy employees

13. Computer Security Encryption How encryption works
The process of encoding messages before they enter the network or airwaves, then decoding them at the receiving end of the transfer
How encryption works
Symmetric secret key system
Both sender and recipient use the same key
Key management can be a problem
Public key technology
A private key and a public key
Certificate authority
A trusted middleman verifies that a Web site is a trusted site (provides public keys to trusted partners)
Secure socket layers (SSL)

14. Symmetric secret key system
A symmetric secret key algorithm is a cryptographic algorithm that uses the same key to encrypt and decrypt data. The best known algorithm is the U.S. Department of Defense's Data Encryption Standard (DES). DES, which was developed at IBM in 1977, was thought to be so difficult to break that the U.S. government restricted its exportation.

15. Public key technology Two large prime numbers
Very hard to solve (intractable solution)

16. Public key technology – Security and Key Length
Key Size Possible Key Combinations
2-bit 2^2 2x2= 4
3-bit 2^3 2x2x2= 8
4-bit 2^4 2x2x2x2= 16
5-bit 2^5 2x2x2x2x2= 32
6-bit 2^6 2x2x2x2x2x2= 64
7-bit 2^7 2x2x2x2x2x2x2= 128
8-bit 2^8 2x2x2x2x2x2x2x2= 256
9-bit 2^9 2x2x2x2x2x2x2x2x2= 512
10-bit 2^10 2x2x2x2x2x2x2x2x2x2= 1024
11-bit 2^11 2x2x2x2x2x2x2x2x2x2...= 2048
12-bit 2^12 2x2x2x2x2x2x2x2x2x2...= 4096
16-bit 2^16 2x2x2x2x2x2x2x2x2x2...= 65536
24-bit 2^24 2x2x2x2x2x2x2x2x2x2...= 16.7 million
30-bit 2^30 2x2x2x2x2x2x2x2x2x2...= 1 billion (1,073,741,800)
40-bit 2^40 2x2x2x2x2x2x2x2x2x2...= 1 trillion (1,097,728,000,000)
56-bit 2^56 2x2x2x2x2x2x2x2x2x2....= 72 thousand quadrillion (71,892,000,000,000,000)
128-bit 2^128 2 multiplied by times over = 339,000,000,000,000,000,000,000,000,000,000,000    (give or take a couple trillion...)

17. Computer Security Other encryption approaches Internet Security
Pretty good privacy (PGP)
Phil Zimmerman
Clipper Chip
Internet Security
Firewall – hardware and software designed to keep unauthorized users out of network systems

18. Computer Security Virus prevention How to maintain your privacy online
Install antivirus software
Make backups
Avoid unknown sources of shareware
Delete s from unknown sources
If your computer gets a virus…
How to maintain your privacy online
Choose Web sites monitored by privacy advocates
Avoid “cookies”
Visit sites anonymously
Use caution when requesting confirming

19. Computer Security Avoid getting conned in cyberspace Internet auctions
Internet access
International modem dialing
Web cramming
Multilevel marketing (pyramid schemes)
Travel/vacations
Business opportunities
Investments
Health-care products