Sunday, 27 August 2017
Lesson No. 2 Cyber Law and Ethics - Short-Long Question Answers
1. Define the term Moral, Ethics and Law
Moral refers to generally accepted standards of right and wrong in a society. In cyber world, there are also such standards. e.g Do not make use of pirated software CDs, Do not use computers for wrong and illegal hacking, stealing of passwords etc. A set of moral Principles which systematically link moral beliefs to each other is called as moral theory.
The determination of right and wrong, and following the right behaviour, using morals is called as ethics.
Law includes any act of parliament or of state legislature, ordinance promulgated by the President or a Governor, as the case may be; Bills enacted as President’s Act and includes rules, regulations, bye-laws and order issued there under. Laws are rules in written format and governed by sovereign authority.
2. Discuss ethics for computer users.
· All computer users have the responsibility to use computer system with an effective, efficient, ethical and lawful manner.
· Responsibility of computer user towards the profession, organization and society is discussed by considering following points:
· Computer users should purchase only legitimate license software products.
· Users must install the software upon the terms and conditions stated by the software company.
· Users should not install more number of copies of the software than authorize number of license copies available.
· Should not download software illegally from peer-to-peer network, internet auction or blogs.
· Computer users should not perform unauthorized access.
3. Explain Software Piracy.
Software Piracy is nothing but copyright violation of software created originally by individual or institution. In includes stealing of codes / programs and other information illegally and creating the imitated copy by unauthorized means and utilizing this data either for own benefit or for profit making is violation of copyright act. Piracy is possible in many forms and few most common are: duplication of original license copy, distribution and usage of the same.
Types of software piracy include:
· Borrowing and installing a copy of a software application from a person
· Installing more number of copies of the software than authorized number of licenses copies available.
· Installing and selling unauthorized copies of software while purchasing new computers.
· Duplicating and selling copyrighted programs. 0 Downloading software illegally from peer-to-peer network, Internet auction or blogs,
· Unauthorized written CDs / DVDs for music, various software and utilities etc. are the most commonly observed examples of piracy.
4. Write a note on Unauthorized Access.
Gaining access without user permission is known as Unauthorized Access.
Attempting to get information (like e-mails, bank account, intellectual or any other personal and confidential information) from unauthorized person is known as accessing the machine illegally.
Examples of Unauthorized Access are:
· Hacking financial I bank account related information. 0 Stealing organizational I intellectual information.
· Illegal monitoring of information owned by other users including mails and messaging.
· Illegal use / break of login and password of other users
· Causing intentional irritation to other users by means of damaging software and important information etc.
5. What are the ethics that computer professional should follow? List and explain.
· Computer professional is obligated to perform assigned tasks competently, according to professional standards.
· These professional standards include technical excellence and concern for the social effects of computers on operators, users and the public.
· Computer professionals should ensure that their technical knowledge and efforts to create desired output are getting utilized in the development of society.
· Computer professionals are bound to operate on ethical grounds and with legal functions.
Key factors and responsibilities of Computer Professional
· Before processing on defined activities, computer professional must ensure availability of authentic and legal version of purchased software products. User must avoid usage of pirated copy, thereby respecting legality of the product.
· Privacy is individual’s right Hence Computer professionals should ensure that they design the product with high security and avoid any attempt of unauthorized access to specific site / server.
· Confidentiality of the data should be ensured so that it could be accessed by only intended user.
· Data storage should be ensured at well protected servers.
· All defects must be rectified before launching the product of that version.
· All applicable cyber laws should be taken into consideration while developing or launching any software product.
6. Write a note on Ethics in Business.
Internet has been proven as boon to individuals as well as various organizations and business. E-commerce is becoming very popular among businessmen as it is helping to reach consumers faster than any other means. Every consumer will expect that business deals should be carried out in the most legal and efficient way and he should be benefited with service and product obtained through internet.
· Business should have ethical policies and guidance on the proper use of business computers.
· Business should have authenticity and quality of product.
· Business should have Branding and quality services.
· Business should have proper data security procedures
7. What is code of ethics?
Following are few key points which user should follow as guidelines.
· Honesty : As a part of decent behavior (netiquette), user shall always demonstrate the truth while using internet.
· Respect : User should respect the privacy of the other users.
· Confidentiality : User should keep confidentiality while using internet and not share any information to anybody which will be breach and user should not try to get confidential data of other users.
· Professionalism : User should maintain professional conduct and well-mannered approach
· Responsibility : User should take ownership and responsibility of own data on internet and also ensure that it contains authenticity and truth.
· Communication : User should ensure decent and polite communication with others.
· Obeying the law : User should strictly ensure to obey the law and demonstrate decent internet usage.
8. List Do's and Don’ts for the ethics culture of Computer professionals.
· Use the Internet to help the work required for knowledge base.
· Use the Internet to communicate the messages.
· Respect the privacy of other users on the Internet
· Download legitimate and authentic programs from the Internet.
· Use licensed software on your computer.
· Don’t try to break into computers of others.
· Don’t try to steal any personal, financial data on Internet.
· Don’t make duplication of any copyrighted material like books, magazines, designs, programs, etc. without the permission of the author.
· Don’t give any personal information of yours or anyone on Internet.
· Don’t arrange to meet any unauthorized person met on the Internet.
9. Define the term Cyber Law. Why the need of Cyber law arises? Or What is Cyber Law?
Cyber Law refers to all the legal and regulatory aspects of Internet and the World Wide Web. Cyber-space is governed by a system of law and regulation called cyber law.
Need of Cyber Law:
· Today millions of people are using the Internet all over the world.
· Because of global communication, Internet is misused for criminal an activity which requires regulation.
· Today many disturbing and unethical things are happening in the cyber space called cyber crimes.
· People with intelligence and having bad intention are misusing the aspect of the Internet.
· The criminal activities include various crimes like harassment, e-mail, cyber-stalking, transmission of harmful programs, unauthorized possession of computerized information, software piracy, etc.
· Hence there is need for cyber law.
10. Explain IT Act in brief.
The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. It is the primary law in India dealing with cybercrime and electronic commerce. It is based on the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model)
IT Act 2000 is an Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication i.e. legal recognitions for transactions carried out by E-commerce.
The original Act contained 94 sections, divided in 13 chapters and 4 schedules. The laws apply to the whole of India. Persons of other nationalities can also be indicted under the law, if the crime involves a computer or network located in India.
The Act provides legal framework for electronic governance by giving recognition to electronic records and digital signatures. It also defines cyber crimes and prescribed penalties for them.
11. Define the following terms as mentioned in the IT Act 2000.
1. Access: "Access" with its grammatical variations and cognate expressions means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network.
2. Addressee: "Addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary.
3.Computer: "Computer" means any electronic magnetic, optical or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software, or communication facilities which are connected or related to the computer in a computer system or computer network.
4. Computer network: "Computer network" means the interconnection of one or more computers through-
(i) the use of satellite, microwave, terrestrial line or other communication media and
(ii) terminals or a complex consisting of two or more interconnected computers whether or
not the interconnection is continuously maintained.
5. Computer resource: "Computer resource means computer, computer system, computer network, data and computer database software.
6. Computer System: "Computer system" means a device or collection of devices. including output support devices and excluding calculators which are nut programmable and of being used in conjunction with external files, which contain computer programs, instructions, input data and output data, that performs logic, arithmetic, data storage
and retrieval communication control and other functions.
6. Data: "Data" means a representation of information, knowledge, facts, concepts or which are being prepared or have been prepared in a form, deletion, storage and retrieval and communication or telecommunication from or within a computer.
7. Information: "Information" includes data, text, images, sound, voice, codes, computer programs, software and databases or micro film or computer generated micro fiche:
8. Electronic Gazette: The official gazette published in electronic form is called Electronic Gazette.
10. Key pair: "Key pair", in an asymmetric crypto system, means a private key and its mathematically related that the public key, can verify a digital signature created by the private key.
11. License: "License" means a license granted to a Certifying Authority under section 24
12. Private key: "Private key" means the key of a key pair used to create a digital signature.
13. Public key: “Public key" means the key of a key pair used to verify a digital signature and listed in the Digital Signature Certificate.
14. Electronic form: Means any information generated, sent, received or stored in media magnetic, optical computer memory, micro film, computer generated micro fiche or similar device.
12. What is Digital Signature? Where is it used?
· It is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document on Internet
· The digital equivalent of a handwritten signature or stamped seal, but offering far more inherent security.
· A digital signature is intended to solve the problem of tampering and impersonation in digital communications.
· It is unique to the subscriber who affixing it so it is used to identifying such subscriber.
· It is linked to the electronic record to which it relates in such a manner that if the electronic record was altered, the digital signature would be invalidated.
· Digital signature use encryption tool to send the message that is unreadable, until expected recipient uses their private key to decrypt the message.
· The purpose of digital signature is to provide authenticity to user for Information.
· It is a safeguard for information or data.
· Digital signatures secure your data by encoding it.
· Digital signatures can provide the added assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer.
· Digital signatures have the same legal significance as the more traditional forms of signed documents
13. Explain Ten Commandments of computing?
1. Thou shalt not use a computer to harm ether people
2. Thou shalt not interfere with other people's computer work
3 Thou shalt not snoop around the other people's computer files.
4. Thou shalt not use a computer for the purpose of steal
5. Thou shalt not use a computer to bear a false witness.
6. Thou shalt not copy or use the software for which Thou has not paid.
7. Thou shalt not use other people's computer resources without authorization or proper compensation.
8. Thou shalt not copy or use or other people's intellectual output
9. Thou shalt think about social consequence of the program on is writing or the system one is designing.
10. Thou shalt always use a computer by means that show due considerations and due respect for one’s fellow humans.
14. What is Security, Privacy and Control?
Security is organizational concerns: business needs safeguards that protect computer systems and data from damage or unlawful use.
Computer security includes policies, procedures, tools and techniques designed to protect a computer assets from accidental, intentional or natural disasters, including theft, breaking physical damage, and illegal access or manipulation.
There are security procedures like passwords, encryption, firewalls, digital signatures, antivirus, SSL (Secure Socket Layers) to protect information.
Privacy is the right of a person. It is concerned with the publication of true account of private life of individual, medical confidentiality, privacy in electronic communication, etc. People need assurance that their personal information, such as employment, financial data, credit history, etc., will be used properly.
Controls are policies, procedure, tools and techniques designed to prevent errors in data, software and systems. Access privileges, input authorization, data validation, documentation, fire alarms, training, effective communication are certain controls.
15. Explain Intellectual Property Rights.
Intellectual Property is any creations of human mind like inventions, music, lyrics, designs, applications, artistic and literary works, etc.
IPR refers to a number of distinct types of creations of the mind for which a set of exclusive rights are recognized and corresponding fields of law. Under Intellectual Property Law, owners are granted certain exclusive rights to their Intellectual property. Common types of IPR incudes copyrights, Fairuse, trademarks, patents, industrial design rights, trade secrets, Copying and distribution limitations, attribution and acknowledgement, etc.
16. Explain Copyright.
Copyright is an intellectual property right attached to original works in which the right exists with originator or creator. Copyright is a form of protection provided by the law to the authors of "original works of authorship".
Copyright law is useful for authorship determination, duration of protection and requirement for transfer of right to others. The copyright act can be applied to original literary work including computer programs, databases, dramatic work, musical work, Artistic work and Cinematograph of films.
Copyright is the exclusive right to do or authorize the others to do the acts like perform the work in public, make any movie film or sound recording, make any translation of the work, to reproduce the work, etc..
It is illegal for anyone to violate any of the rights provided by the Act to the owner of copyright.
If you develop any work originally, then you can place the copyright symbol ©next to your name, work.
17. What is fairuse? Write any 2 advantages.
Fair Use is the exceptional case of copyright which allows copying of a limited amount of materials in certain cases without permission of the copyright owner.
The fair use of a copyrighted work for purposes such as criticism, comment, news reporting, teaching, scholarship or research.
Even for this uses, whether a specific use is fair or not depends on number of factors like, the purpose of the use, nature of the copyrighted work, amount of used work, effect of the use upon the potential market for the value of the copyrighted work.
Advantages of Fair use:
Public would be able to access any copyrighted material without paying any fees or asking permission.
If partial work is to implemented, then fair use is the better choice.
18. Differentiate/Explain between Shareware, Freeware and Public Domain Software.
· Shareware programs can be freely distributed and freely tested.
· This program can be shared with other user with owner's permission.
· A trail period generally 30 days) is given to test those programs. After this trial period, the user who wants to keep using the program has to register or pay a fee.
· The software which are made available with magazines are normally of this type.
· Freeware is termed as free software that allow everyone to copy, redistribute and modify it with free of cost.
· Its copyright is with the authors.
· Freeware is programming that is offered at no cost.
· Linux is an example of freeware.
Public Domain Software
· Public Domain Software is software that is not copyrighted. It implies that the authors have waived copyright over the software.
· Anybody can copy them, modify them or use them in any manner they want.
· Public Domain programs can be freely incorporated into new works without royalties for the original material.
19. Write a note on Firewall.
· Firewall is the barrier between two networks used to control and monitor all traffic between external network and local network.
· It allows full access to insiders for services of the external world, while it grants access to the external network based on log-on name, password, ITP address, etc.
· It examines the incoming and outgoing packets as per the set rules.
20. What is meant by Encryption?
· Encryption is the conversion of data into coded format so that it cannot be read by unauthorized third party users.
· The data is converted into the code by the sender and then decoded by the receiver.
· Only sender and receiver know the rules for encoding and decoding.
· The encryption process consists of an algorithm and a key. Key controls the algorithm.
· Only the sender and receiver of the message know the key.
· Original message refereed to as plain text, it is converted into random text called cipher text.
· It is transmitted to the receiving end and at this end the cipher text can be transformed back to the original plain text b using a decryption algorithm.