Trends and Issues
(c) Sr. Jonathan Santiago
Artificial Intelligence - the science and engineering of making intelligent machines, especially intelligent computer programs.
Specific Applications
• game playing
• speech recognition
• understanding natural language
• computer vision
• expert systems
• heuristic classification
Turing Test
• is designed to satisfactorily identify if the machine is intelligent
• to pass the test, the machine should possess the following:
o natural language processing to enable it to communicate successfully
o knowledge representation to store information provided before or during the interrogation
o machine learning to adapt to new circumstances and to detect and extrapolate patterns
o computer vision to perceive objects
o robotics to move about
Web Technology
Internet
• refers to a collection of computers and cables forming a communications network
• is intended to carry computer data, similar to the telephone network, which is intended to carry conversations
• carries various data, including e-mail, videoconferences, instant messages, and contents of Web pages
Intranet
• is a private network contained in an enterprise that includes connections through one or more gateway computers to the outside internet
Extranet
• is a private network that uses Internet technology and the public telecommunication system to securely share part of a business’ information or operations with suppliers, vendors, partners, customers, or other businesses
Web browser
• is an application software allowing users to access and view web pages
Web page
• is a page consisting of HTML documents stored on a web server
Web site
• is a collection of connected web pages stored on a web server
Hypertext is a computer system that could store literary documents, link them according to logical relationships, and permit readers to comment and annotate what they read
HTML (Hypertext Markup Language)
• refers to a plain text, or ASCII, document with embedded HTML tags
Other Internet Services
• Electronic Mail
• File Transfer Protocol (FTP)
• Newsgroup and Message Boards
• Mailing Lists
• Chat Rooms
• Instant Messaging
• Internet Telephony
Types of Web sites
• Portal
• News
• Informational
• Business/Marketing
• Educational
• Entertainment
• Advocacy
• Blog (weB Log)
• Personal
Search Engine
• is a program that finds web sites and pages
• helps the user find particular information about certain topics or locate particular web pages for which they do not know the exact web address
• provides a search text box where you enter your topic or subject to research
Popular Search Engine
• Google
o is the largest search engine in the web whose purpose is to organize the world’s information and make it universally accessible and useful
• Yahoo! (Yet Another Hierarchical Officious Oracle)
o is the first navigational portal to the web, by Jerry Yang and David Filo
E-commerce is an emerging concept that describes the process of buying and selling or exchanging of products, services, and information via computer networks including the Internet
can be defined from different perspectives
• communications perspective
• business process perspective
• service perspective
• online perspective
Origins and Growth of E-commerce
• Electronic Fund Transfers (EFT)
o refers to the electronic transmissions of account exchange information over private networks
• Electronic Data Interchange (EDI)
o occurs when one business transmits computer-readable data in a standard format to another business
Features of E-commerce Technology
• ubiquitous
• global reach
• universal standards
• richness
• interactivity
• information density
• personalization
Advantages of E-commerce
Benefits to Merchants
o increases sales opportunities for the seller
o reduces operational costs
o increases purchasing opportunities for the buyer
o provides wide range of choices
o use the web to target their offers to a niche market
o "The store is always open!"
o establishes better relationships with customers
o low cost information distribution
o increases speed to market
o expanded delivery channels
o global exposure and reach
Benefits to Consumers
o convenience
o informative
o value presented upfront: demo and free download
o no long wait times
o easy flow and navigation
o search capabilities
o engaging presentation
o constant updates
o easy to buy
Disadvantages of E-commerce
• Cost and Justification
• Security and Privacy
• Lack of trust and user resistance
• Other limiting factors
Major Types
• Market Relationships
o Business-to-Consumers (B2C)
o Business-to-Business (B2B)
o Consumer-to-Consumer (C2C)
• Technology-based
o Peer-to-Peer (P2P)
o Mobile Commerce (M-Commerce)
Security
Computer Crimes
• could reasonably include a wide variety of criminal offenses, activities, or issues
• can be separated into two (2) categories
o crimes facilitated by a computer
o crimes where the computer is the target
Computer Security Issues
1. Bugs or misconfiguration problems.
2. Browser-side risks.
3. Interception of network data sent from browser to server or vice versa via network eavesdropping.
Aspects of Computer Security
• physical security
• viruses
• malicious logic
• hacking
• internal misuse
• spoofing
Two Categories of Electronic Crime Types
• crimes in which the computer is the target of the attack
• incidents in which the computer is a means of perpetrating a criminal act
Security Incidents
• The Morris Worm (November, 1988)
• Citibank and Vladimir Levin (June-October, 1994)
• Kevin Mitnick (February, 1995)
• Omega Engineering and Timothy Lloyd (July, 1996)
• Jester and the Worcester Airport (March, 1997)
• Solar Sunrise (February, 1998)
• The Melissa Virus (March, 1999)
• The Love Letter Worm (May, 2000)
• The Code-Red Worm (2001)
• Adil Yahya Zakaria Shakour (August, 2001-May, 2002)
• The Slammer Worm (2003)
• July 2009 cyber attacks
• Shamoon (2012)
Threats to Security
• viruses and worms
• intruders
• insiders
• criminal organizations
• terrorists and information warfare
Security Basics
Computer vs. Network Security
o Computer security focuses on security aspects of systems in isolation.
- e.g. viruses, secure data storage, OS security
o Network security focuses on security of data as it is transmitted between networked systems.
- e.g. authentication protocols, encryption of transmitted data, firewalls
The CIA of Security
• Confidentiality
• Integrity
• Availability
o Authentication
o Nonrepudiation
Three Ways an Organization can choose to address the Protection of its Network
• Ignore security issues
• Provide host security
o takes a granular view of security by focusing on protecting each computer and device individually instead of addressing protection of the network as a whole
• Approach security at a network level
o emphasis is placed on controlling access to internal computers from external entities
Least Privilege
• means that a subject (which may be a user, application, or process) should have only the necessary rights and privileges to perform its task with no additional permissions
• this concept applies to more network security issues than just providing users with specific rights and permissions
• another issue with this concept is the security context in which an application runs
Layered Security
[Figure: layered security. Labels: network security, host security, audit logs (detection), access controls, intrusion detection systems (detection), firewall (prevention)]
Diversity of Defense
• is a concept that complements the idea of various layers of security
• involves making different layers of security dissimilar so that even if attackers know how to get through a system making up one layer, they may not know how to get through a different type of layer that employs a different system for security
Access Control
Discretionary Access Control
o is an access control mechanism in which the owner of an object (such as a file) can decide which other subjects (such as other users) may have access to the object, and what access (read, write, execute) these subjects may have
Mandatory Access Control
o is an access control mechanism in which the security mechanism controls access to all objects (files), and individual subjects (processes or users) cannot change that access
Role-Based Access Control
o is an access control mechanism in which, instead of the users being assigned specific access permissions for the objects associated with the computer system or network, a set of roles that the user may perform will be assigned to each user
Health Issues
Ergonomics
• is the study of designing and positioning computer equipment
• is an approach which puts human needs and capabilities at the focus of designing technological systems
Objectives of Ergonomics
• to ensure that humans and technology work in complete harmony, with the equipment and tasks aligned to human characteristics
• to have “no pain” computing
Essential Implications for Productivity, Efficiency, Safety, and Health in Work Setting
• designing equipment and work arrangements to improve working posture and ease the load on the body
• information design, to make the interpretation and use of handbooks, signs, and displays easier and less error-prone
• designing equipment and systems including computers, so that they are easier to use and less likely to lead to errors in operation
• designing working environments, including lighting and heating, to suit the needs of the users and the tasks performed
• design of training arrangements to cover all significant aspects of the job concerned and to take account of human learning requirements
• the design of military and space equipment and systems - an extreme case of demands on the human being
• designing tasks and jobs so that they are effective and take account of human needs such as rest breaks and sensible shift patterns
Origins of Ergonomics
• a relatively new branch of science, celebrated its 50th anniversary in 1999
• relies on research carried out in many other older, established scientific areas, such as physiology, psychology and engineering
• originated in World War 2, when scientists designed advanced new and potentially improved systems without fully considering the people who would be using them
• it gradually became clear that systems and products would have to be designed to take account of many human and environmental factors if they are to be used safely and effectively
• this awareness of people’s requirements resulted in the discipline of ergonomics
Checklist for a User-friendly Workstation
✓ Top of screen at eye level; lower for bifocal wearers
✓ Screen distance at arm’s length (15-32)
✓ Document adjustable to screen height
✓ Chair backrest provides firm lower back support
✓ Chair back and seat easily adjustable for height and tilt by user
✓ Keyboard height promotes relaxed arms with forearms parallel to floor
✓ Wrists straight (neutral)
A User-Friendly Workstation
Equipment Checklist
Buying Tips
o ask for equipment that meets American National Standards Institute (ANSI) standards
o try equipment out before purchasing whenever possible
Computer Terminal
o easy to use brightness and control knobs
o no perceptible screen flicker
o detachable keyboard
o reduced electromagnetic fields (EMF) emissions
o tiltable screen
o character size at least 3/16"
Chair
o back provides firm lower and mid-back support
o adjustable arm rests, if needed to prevent shoulder fatigue
o seat and back easily adjustable for height and tilt from seated position without use of tools
o seat upholstered and padded, curves down at front edge
o 5 casters for stability
Table
o adjustable easily from seated position without use of tools
o bi-level to allow independent adjustment of screen and keyboard
o adequate leg room
o adequate table top space for required tasks
Accessories (as needed)
o foot rest for users whose feet don’t rest flat on the floor
o adjustable keyboard tray, if table is too high
o wrist rest that is padded, movable, same height as keyboard home row
o document holder adjustable to screen height
o glare screen with grounding wire
o lumbar support cushion, if chair doesn’t support lower back
o telephone headset
o task lighting
Health Tips
Reduce Glare to Avoid Eyestrain
o lower lighting level to about half of normal office lighting
o avoid placing computer directly under a bank of lights
o avoid light shining directly into your eyes or onto your screen
o use window curtains or blinds if necessary
o position screen at right angle to window
o hold a mirror in front of your screen to identify sources of glare
o use task lighting if necessary
Information Ethics
Ethics
• refers to the rules and standards governing the conduct of an individual with others
Business Ethics
• is the code of morals of a particular profession
• is the standards of conduct of a given profession
Information Ethics
• is defined as agreement among information systems professionals to do right and to avoid wrong in their work
Unique Sensitive Attributes of Information Systems
• Location
• Time
• Separation of Act from Consequences
• Individual Power
Privacy
• refers to the right of people not to reveal information about them
• is the right to keep personal information, such as personal e-mail messages, medical histories, student records, and financial information from getting into the wrong hands
• Privacy at Work
o some experts believe that there will be a collision between workers who want their privacy and companies that demand to know more about their employees
o computer-monitoring systems tie directly into computerized workstations; specialized computer programs can track every keystroke made by a user
Email Privacy Issues
o federal law allows employers to monitor email sent and received by employees
o email messages that have been erased from hard disks may be retrieved and used in lawsuits because the laws of discovery demand that companies produce all relevant business documents
o the use of email among public officials may violate “open meeting” laws
Accuracy
Ethical Approach to Information Accuracy
o individuals should be given an opportunity to correct inaccurate information held about them in a database
o contents of databases containing data about individuals should be reviewed at frequent intervals, with obsolete data discarded
o system safeguards, such as control audits are necessary to maintain information accuracy
o a professional should not misrepresent his or her qualifications to perform a task
o a professional should indicate to his or her employer the consequences to be expected if his or her judgment is overruled
Accessibility
• access to files, both for online and offline, should be restricted only to those who have a legitimate right to access
• many organizations keep a transaction log that notes all accesses or attempted accesses to data
• most LAN management software includes this function
Property
• many networks have audit controls to track which files were opened, which programs and servers were used, and so on
• this creates an audit trail, a record of how a transaction was handled from input through processing and output
Computer Crime
Computer Crime Laws
o Fair Credit Reporting Act of 1970 (FCRA)
o Freedom of Information Act of 1970
o Tax Reform Act of 1976
o Rights to Financial Privacy Act of 1978
o Electronic Funds Transfer Act of 1979
o Computer Matching and Privacy Act of 1988
o Video Privacy Act of 1988
o Telephone Consumer Protection Act of 1991
o Cable Act of 1992
o Computer Abuse Amendments Act of 1994
o Children’s Online Privacy Protection Act of 1998
o Education Privacy Act
Federal Computer Crime Laws
o Copyrights Law
o Fraud and False Statements Law
o Espionage and Censorship
o Mail Fraud Law
Tips to Help Prevent Crime on the Internet
o use of stand-alone firewall, including hardware and software with network monitoring capabilities
o use internet security specialists to perform audits of all internet and network activities
o develop effective internet and security policies for all employees
o monitor managers and employees to make sure they are using the internet for business purposes only
Service Theft
• some people are using their employer’s computer time to play games
• the biggest abuse is probably wasting time with electronic mail and the internet
• one analysis of e-mail logs of three companies (IBM, Apple, AT&T) found their employees visited the Penthouse magazine website 12,823 times in a single month
• theft of telephone services has increased significantly
Data Alteration/Theft
• the intentional use of illegal and destructive programs to alter or destroy data is as much a crime as destroying tangible goods
o most common of these types of programs are viruses and worms
o there are more than 53,000 known computer viruses today, with more than 6,000 new viruses and worms being discovered each year
Malicious Access
• crimes involving illegal system access and use of computer services are a concern to both government and business
• federal, state, and local government computers are sometimes left unattended over weekends without proper security
• university computers are often used for commercial purposes under the pretense of research or other legitimate academic pursuits
Computer Viruses
• Application Virus
o infects executable application files such as word processing programs
o infects the computer system
o can often be detected by checking the length or size of the file
• System Virus
o typically infects operating system programs or other systems files
o usually infects the system as soon as the computer is started