- Most ethical and legal issues in computer system are in the area of individual’s right to privacy versus the greater good of a larger entity i.e. a company or a society. For example, tracking how employees use computers, crowd surveillance, managing customer profiles, tracking a person’s travel with passport and so on. A key concept in resolving this issues is to find out, what is a person’s expectation of privacy. Classically, the ethical issues in security system are classified into following 4 categories:
- Privacy: This deals with the right of an individual to control personal information. It is the protection of personal or sensitive information. Privacy is subjective. Different people have different ideas of what privacy is and how much privacy they will trade for safety or convenience.
- Accuracy: This talks about the responsibility for the authenticity, fidelity an accuracy of the information.
- Property: This determines who the owner of the information is and who controls access.
- Accessibility: This deals with the issue of the type of information, an organization has the right to collect. And in that situation, it also expects to know the measures which will safeguard against any unforeseen eventualities.
- When dealing with legal issues, we need to remember that there is hierarchy of regulatory bodies that govern the legality of information security. The hierarchy can be roughly described as follows:
- International: e.g. International Cybercrime Treaty
- Federal: e.g. FERPA, GLB, HIPAA
- State: e.g. UCITA, SB 1386 etc.
- Organization: e.g. Computer Use policy
Related Articles
-
What are the typical phases of operation of a virus?
The first stage is called Pre-trigger stage or the dormant stage. In this stage viruses lie dormant, and does...
-
Authentication in Network Security
Authentication mechanism helps to establish proof of identity. This process ensures that origin of an electronic document or message...
-
Explain Phishing
Phishing has become a big problem in recent times. In 2004, the estimated losses due to phishing were to...
-
Explain Symmetric and Asymmetric key cryptography together
Indeed, in practice, symmetric-key cryptography and asymmetric-key cryptography are combined to have a very efficient security solution. The way...
-
Explain Asymmetric key cryptography
In Asymmetric key cryptography, each person has two keys i.e. Public key& Private key. The public key is known...
-
Explain Pharming. (DNS Spoofing)
DNS spoofing also known as pharming attack. As we know, using the Domain Name System (DNS), people can identify...
-
RC4 Algorithm in Network Security tybscit Semester 5
RC4was designed by Ron Rivest. It is based on stream cipher i.e. the encryption & decryption happens byte by...
-
What are the different types of criminal attacks?
Fraud:- Modern fraud attacks concentrate on manipulating some aspects of electronic currency, credit cards, electronic stock certificates, checks, letters...
