Post on 22-Oct-2014
transcript
Information Technology Act 2000
Presented by
Samira Baptista - 01
Minelli Coelho - 03
Delina D’souza - 05
Nitin D’souza - 07
Lowell John - 09
Jenny Fernandes - 11
Alisha Henriques - 13
Tejas Kadam - 15
Usage & Importance of IT
• Access to variety of resources
• Immediacy to information
• Authentic and up to date information
• Access to online libraries
• Access to the source of information
• Multiple communication channels
• Reduces time on many routine tasks
• Paper work eliminated
Need for Legal Framework
IT Act 2000The Model
Law on Electronic Commerce
Legal Recognition
for Transactions
Efficient Delivery of Government
Services
Electronic Filing of
Documents
Give legal Recognition to
Digital Signature
Electronic Book of
Accounts
Protect Privacy of Internet
Users
Stop Computer Crime
Important Definitions
Access
Addressee means a person who is intended by the originator to receive the electronic record but does not include any intermediary.
It means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network
Addressee
Data and Information
• Data is a representation of a fact, number, word, image, or sound such as time, date, prices, name, numbers of items sold etc• Information is processed data that is meaningful or useful to someone such as Salary slip of an employee, evaluation report of a student etc.
Characteristics of information:• Timeliness: It should be available at the correct time.• Completeness: It should be sufficient for the purpose.• Accuracy: It should be correct and reliable.• Understandability: It should be clear in meaning, practical and simple.
Public key
A value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures
Private key
A private or secret key is an encryption/decryption key known only to the party or parties that exchange secret messages.
Crypto
• Cryptology is the art and science of making and breaking “secret codes”• Cryptography is making of “secret codes”• Cryptoanalysis is breaking of “secret codes”• Crypto is a synonym for all of the above
Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The reverse process to make the encrypted information readable again is referred to as decryption.
Encryption & Decryption
Digital Signature
Cybercrime
Internet
Pros Cons
Cyber Crime
Criminal Activity in which Computers or Computer
Networks are a Tool
Narrow and
Broad
Cybercrime in India
Karnata
kaKeral
a
Mah
arash
tra
Andhra Prad
esh
Rajasth
an
Punjab
Chhattisga
rh
153 148 142
105
52 52
0
104
6646
Report of National Crime Records Bureau 2010
Cyber Crime Cases Hacking
Classification of Cybercrime
Cybercrime
Against Person Against Property
Against Government
Types of Cyber Crime
• Hacking• Cyber Stalking• Denial Of Service Attack• Virus Dissemination• Software Piracy• Spoofing• Salami attack• Cyber terrorism• Sale of narcotics• Child Pornography
Hacking• Illegal intrusion into computer system and/or
network.• Motive behind crime
– Greed– Power– Publicity– Revenge– Adventure– Desire to access forbidden information– Destructive mindset– Wants to sell n/w security service
Denial of Service
A denial-of-service attack (DoS attack) or distributed
denial-of-service attack (DDoS attack) is an attempt to
make a computer or network resource unavailable to its
Intended users.
Cyber stalking• Stalking is following someone around in a way that makes them
feel hunted or not safe in some other way• Cyber stalking is when the stalker uses the Internet to contact or
follow that person• Stalker may make direct contact with that person, they may send
nasty messages to that person or spread lies about them to others• Phishing
PhishingFrom: *****Bank [mailto:support@****Bank.com]
Sent: 08 January 2011 03:25
To: India
Subject: Official information from ***** Bank
Dear valued ***** Bank Customer!
For security purposes your account has been randomly chosen for verification. To verify your account information we are asking you to provide us with all the data we are requesting. Otherwise we will not be able to verify your identity and access to your account will be denied. Please click on the link below to get to the bank secure page and verify your account details. Thank you.
http://infinity.*****bank.co.in/Verify.jsp
Impact on Banking Sector
Barter system
Coin
NotesPlastic money
Impact on Banking Sector
ATM fraud
Money Laundering
Credit Card fraud
• Tampering• Hacking• Publishing obscene
information• Publication for fraudulent
purpose
Offences & Penalties
• Misrepresentation• Breach of confidentiality
and privacy• Publishing false digital
signature certificate• Confiscation
NASSCOM
4 E framework for trusted sourcing
Engage
Educate
Enact
Enforcement
Engage• Global & National Advisory board• Meet all stakeholders in India and key markets
Educate• Seminars• Create Intellectual capital
Enact• Examine areas to strengthen legal framework in India• Work with regulators to identify relevant provisions
Enforcement• To train policemen to effectively deal with the
emerging crimes scene
IT System Control and Audit
• Knowledge of internal control practices and the control philosophy
• Methodologies for successful design and implementation of systems
• Supports the auditor’s judgment on the quality of the information processed
• Examination and verification of the organization’s compliance with any IT-related legal issues
• Assessment of information security and privacy issues
Amendments2008
Digital Signature Electronic Signature
Communicative Device
Damage to Computer
Damage to Person
Corporate Misuse of Personal Information
Amendments
2011
Maintain Certain Specified Security Standards
Register Cyber Cafe
Survey Analysis
Knowledge of IT
Act
Impac
t on Busin
ess
Prevention of C
C
Identity Lo
g
Personal
Control o
f Illega
l Site
Restrict
Sites
Authentic S
oftware
Victim of C
C0%
20%
40%
60%
80%
100%
NoYes
Source: Primary data from 5 cyber cafes around Mumbai