Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.
-
Upload
ethel-ball -
Category
Documents
-
view
221 -
download
1
Transcript of Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.
![Page 1: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/1.jpg)
Chapter 8: Laws, Ethics, and Safeties
in Information Technology Usage
![Page 2: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/2.jpg)
Contents
Information Technology Laws
Ethics in IT Usage
Computer Crimes
Safety Protections in IT Usage
Future Trends in Safety Protections
![Page 3: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/3.jpg)
Act on Computer Crime B.E.2550
4 sections (Generalization and Definitions)
The act consists of 30 sections and divided into 3 major parts
Part 1 Crime involved with Computers (13 sections)
Part 2 Competent Official (13 sections)
![Page 4: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/4.jpg)
Generalization and Definitions
Section 1 This act is called the “Act on Computer Crime B.E.2550”
Section 2 Enforcement: within thirty days from publication in the Government GazetteSection 3 Definitions: “Computer system”, “Computer data”, “Traffic data”, “Service provider”, “User”, “Competent official”, and “Minister”
Section 4 The execution of the act by the Ministry of Information and Communication Technology
![Page 5: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/5.jpg)
Part 1 Crime involved with
computersIllegally access computer system/
computer data
Illegally disclose another person data
Illegally intercept and transmit in computer system
Damages, destroys, alters, modifies, or adds to whole or part of computer data of another person with authorization
![Page 6: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/6.jpg)
Part 1 Crime involved with computers
(cont.)
The action without authorization causes suspension, deceleration, obstruction, or interference with computer system of another person
Forging or altering its sources, sends computer data or electronic mail to interfere normal usage
Disposes or disseminate specific designed program for the commission of the offence
![Page 7: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/7.jpg)
Part 1 Crime involved with computers
(cont.)
Input, into computer system, forged computer data cause injury to another person or the public/ nation security or public panic/ terrorism
Any service provider intentionally supports or consents to commit the offence under his control
![Page 8: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/8.jpg)
Part 1 Crime involved with computers
(cont.)
Inputs to which the public can access photograph of another person in a manner likely to impair reputation, to expose, or to shame of other person
Covering the committing an offence outside the Kingdom by Thai people, or an alien
![Page 9: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/9.jpg)
Part 2 Competent Official
Authority of an official
Investigate the authorization
Exercising an official power
Responsibility of service provider
Performance of the duties under the Act
![Page 10: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/10.jpg)
Electronic Transactions Act B.E.2544
The Act shall apply to all civil and commercial transactions performed by using data message, except the transactions prescribed by a Royal Decree to be excluded from this Act wholly or partly.
![Page 11: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/11.jpg)
Electronic Transactions Act B.E.2544
Definitions “transaction” “electronics” “electronics transaction” “information” “data message” “electronic signature” “information system” “electronic data interchange” “originator”
“addressee” “intermediary” “information” “certificate” “signatory” “relying party” “State agency” “Commission” “Minister”
![Page 12: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/12.jpg)
Electronic Transactions Act B.E.2544
Chapter 1 Electronic Transactions
Chapter 2 Electronic Signature
Chapter 3 Service Business Relating to Electronic Transactions
Chapter 4 Electronic Transactions in the Public Sector
Chapter 5 Electronic Transactions Commission
Chapter 6 Penalties
![Page 13: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/13.jpg)
Intellectual Property
Intellectual Property (IP) refers to creations of the mind which includes literary, artistic and scientific works performances of performing artists,
phonograms and broadcasts inventions in all fields of human endeavor scientific discoveries industrial designs trademarks, service marks, commercial
names and designation
![Page 14: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/14.jpg)
Intellectual Property
Intellectual Property Law in Thailand Thai law provides protection for various
types of intellectual property. The protection against unfair
competition and all other rights resulting from intellectual activity in the industrial, scientific, literary or artistic fields.
IP: Patents, Trade marks, Designs, Copyright
![Page 15: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/15.jpg)
COPYRIGHT ACT B.E. 2537
Definitions “author” “copyright” “literary work” “computer program” “dramatic work” “artistic work” “musical work” “audiovisual work” “cinematographic work”
“sound recording” “performer” “broadcasting
work” “reproduction” “adaptation” “communication to
public” “publication”
![Page 16: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/16.jpg)
COPYRIGHT ACT B.E. 2537
The Copyright work by virtue of this Act means a work of authorship in the form of literary, dramatic, artistic, musical, audiovisual, cinematographic, sound recording, sound and video broadcasting work or any other work in the literary, scientific or artistic domain whatever may be the mode or form of its expression. Copyright protection shall not extend to ideas or procedures, processes or systems or methods of use or operation or concept, principles, discoveries or scientific or mathematical theories.
![Page 17: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/17.jpg)
Fair Use
reproduction for use in the library or another library
reasonable reproduction in part of a work for another person for the benefit of research or study
research or study of the computer program use for the benefit of the owner of the copy of the computer program
comment, criticism or introduction of the work with an acknowledgement of the ownership of the copyright in the computer program
![Page 18: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/18.jpg)
Fair Use
reporting of the news through mass media with an acknowledgement of the ownership of copyright in the computer program
making copies of a computer program for a reasonable quantity by a person who has legitimately bought or obtained the program from another person so as to keep them for maintenance or prevention of loss
use of the computer program as part of questions and answer in an examination
![Page 19: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/19.jpg)
Fair Use
reproduction, adaptation, exhibition or display for the benefit of judicial proceedings or administrative proceedings by authorized officials or for reporting the result of such proceedings
adapting the computer program as necessary for use
making copies of the computer program so as to keep them for the reference or research for public interest
![Page 20: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/20.jpg)
Ethics in IT Usage
Information Privacy
Information Accuracy
Information Property
Data Accessibility
![Page 21: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/21.jpg)
Computer Crimes
Illegally access computer system/computer data
Spyware
Sniffer
Phishing/
Spoofing
![Page 22: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/22.jpg)
Spyware is an application that follows or tracks the user’s data.
Advertising pop up window without the user’s request
Track or hack password to simulate the user’s account/login account
Block the user’s account
Spyware
![Page 23: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/23.jpg)
Sniffer is a computer software or hardware that can intercept and log traffic passing over a digital network and stole/hack username/password for access to the system or data.
Sniffer
![Page 24: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/24.jpg)
Phishing/Spoofing
Phishing is the attempt to acquire security information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public.
![Page 25: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/25.jpg)
Phishing emails may contain links to websites (malware).
Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Phishing/Spoofing
![Page 26: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/26.jpg)
Destroy/Obstruct the computer system/computer data
Malicious code: Virus computer, Worm, Trojan, Exploit, Hoax
Denial of Service (DoS) Virus spreading to interrupt the network
traffic Flooding packet switching/Fault torrent Destroy by delete user account or user
data Shutdown server Brake on the defect of system software
![Page 27: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/27.jpg)
Spam mailHacking toolMalign data postingMalicious editing data/photo
to injure another person or disseminate without permission
Computer Crimes (cont.)
![Page 28: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/28.jpg)
Safety Protections in IT Usage
1 )Spyware protection
Do not click hyperlink or advertising pop up
Beware to download unknown software Unsubscribed the untrusted e-mail
![Page 29: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/29.jpg)
2 )Sniffer protection
Safety Protections in IT Usage
Secure Socket Layer (SSL) Secure Shell (SSH) Virtual Private Network (VPN) Pretty Good Privacy (PGP)
![Page 30: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/30.jpg)
3 )Phishing protection
Safety Protections in IT Usage
Check/Confirm information with the bank when received banking e-mail
Do not open the untrusted e-mail
![Page 31: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/31.jpg)
4 )Virus computer protection
Install scan virus software into computer system
Check and repair the missing of the operating system
Carefully check and open only reliable e-mail
Safety Protections in IT Usage
![Page 32: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/32.jpg)
5 )Denial of Service (DoS) protectionUse filtering packet on router to filter
dataInstall TCP SYN Flooding software for
hacking protectionDo not open unused port, such as FTPUsing Tripwire programInstall Hot spares server Install backup network system
Safety Protections in IT Usage
![Page 33: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/33.jpg)
6 )Spam e-mail or Bomb e-mail protectionDo not subscribe untrusted
newsletter/website Determine the number of maximum
sending e-mails per timeDetermine the maximum size of e-mail
for sending and receivingDetermine keyword for blocking
unwanted e-mail by specify keywords/subjects
Check the existing of an e-mail before sending
Safety Protections in IT Usage
![Page 34: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/34.jpg)
7 )Illegally access protectionUsing firewall Check authorization for login the
systemCheck the permission card Record check in and check out Keep tracking the using behavior in the
systemDetermine the different authorization
level for each user
Safety Protections in IT Usage
![Page 35: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/35.jpg)
Regulate the encryption of notebook computer in the organization
Encryption the data in smartphone as same as doing in notebook computer
Law reform for personal data protection
Protect the exploit program or worms to enter the gap of the smartphone system
Future Trends in Safety Protections
![Page 36: Chapter 8: Laws, Ethics, and Safeties in Information Technology Usage.](https://reader035.fdocuments.net/reader035/viewer/2022062800/56649e175503460f94b026ef/html5/thumbnails/36.jpg)
The increasing of the attack to Voice of IP (VoIP)
The dangerous gap of Zero-Day in operating system or software
Increase the importance of Network Access Control (NAC) in the organization
Future Trends in Safety Protections