dependable expert writers

With experience gained since 2003, EssayPride successfully completes 98% of all incoming orders. Select options, proceed, and consider your paper done!

Assignment type

Deadline (UTC)

Pages

Search our huge database of over 200,000 free example essays and research papers nearly on any topic imaginable!

Advances In Computer Security Law example essay topic

1,938 words

... jet is any active entity that causes information to flow among passive entities called objects. For example, subject could be a person typing commands which transfer information from a keyboard (an object) to memory (another object), or a process running on the central processing unit that is sending information from a file (an object) to a printer a printer (another object). 2 Confidentiality is roughly equivalent to privacy. If a subject circumvents confidentiality measures designed to prevent it's access to an object, the object is said to be 'comprised. ' Confidentiality is the most advanced area of computer security because the U.S. Department of Defense has invested heavily for many years to find way to maintain the confidentiality of classified data in AIS [4].

This investment has produced the Department of Defense trusted computer system evaluation criteria [5], alternatively called the Orange Book after the color of it's cover. The orange book is perhaps the single most authoritative document about protecting the confidentiality of data in classified AIS. Integrity measures are meant to protect data form unauthorized modification. The integrity of an object can be assessed by comparing it's current state to it's original or intended state. An object which has been modified by a subject with out proper authorization is sad to 'corrupted.

' Technology for ensuring integrity has lagged behind that for confidentiality [4]. This is because the integrity problem has until recently been addressed by restricting access to AIS to trustworthy subjects. Today, the integrity threat is no longer tractable exclusively through access control. The desire for wide connectivity through networks and the increased us of commercial off the shelf software has limited the degree to which most AIS's can trust accelerating over the past few years, and will likely become as important a priority as confidentiality in the future. Availability means having an AIS system and it's associated objects accessible and functional when needed by it's user community. Attacks against availability are called denial of service attacks.

For example, a subject may release a virus which absorbs so much processor time that the AIS system becomes overloaded. This is by far the least well developed of the three security properties, largely for technical reasons involving the formal verification of AIS designs [4]. Although such verification is not likely to become a practical reality for many years, techniques such as fault tolerance and software reliability are used to migrate the effects of denial service attacks. C. Computer Security Requirements The three security properties of confidentiality, integrity, and availability are by labeling the subjects and objects in an AIS and regulating the flow of information between them according to a predetermined set of rules called a security policy. The security policy specifies which subject labels can access which object labels.

For example, suppose you went shopping and had to present your drives license to pick up some badges assigned to you at the entrance, each listing a brand name. The policy at some stores is that you can only buy the brand name listed on one of your badges. At the check-out lane, the cashier compares the brand names of each object you want to buy with names on your badges. If there's a match, she rings it up.

But if you choose abr and name that doesn't appear on one of your badges she puts it back on the shelf. You could be sneaky and alter a badge, or pretend to be your neighbor who has more badges than you, or find a clerk who will turn a blind eye. No doubt the store would employ a host of measures to prevent you from cheating. The same situation exists on secure computer systems. Security measure a reemployed to prevent illicit tampering with labels, positively identify subjects, and provide assurance that the security measures are doing the job correctly.

A comprehensive list of minimal requirements to secure an AIS are presented in The Orange Book [5]. The Legal Perspective A. Sources Of Computer Law The three branches of the government, legislative, executive, and judicial, produce quantities of computer law which are inversely proportional to the amount of coordination needed for it's enactment. The legislative branch, consisting of the Congress and fifty state legislators, produce the smallest amount if law which is worded in the most general terms. For example, the Congress may pass a bill mandating that sensitive information in government computers be protected. The executive branch, consisting of the president and numerous agencies, issues regulations which implement the bills passed by legislators. Finally, the judicial branch serves as an avenue of appeal and decides the meaning of the laws and regulations in specific cases.

After the decisions are issued, and in some cases appealed, they are taken as the word of the law in legally similar situations. B. Current Views On Computer Crime Currently there is no universal argument in the legal community on what constitutes a computer crime. One reason is the rapidly changing state of computer technology. For example in 1979, the U.S. Department of justice publication [6] partitioned computer crime into three categories: 1) Computer abuse, 'the broad range of international acts involving a computer where one or more perpetrators made or could have made gain and one or victims suffered or could have suffered a loss. ' Computer crime, 'Illegal computer abuse the implies direct involvement of computers in committing a crime.

3) Computer related crimes 'Any illegal act for which a knowledge of computer technology is essential for successful prosecution. ' These definitions have become blurred by the vast proliferation of computers and computer related products over the last decade. For example, does altering an inventory bar code at a store constitute computer abuse? Should a person caught in such an act be prosecuted both under theft and computer abuse laws?

Clearly, advances in computer technology should be mirrored by parallel changes in computer laws. Another attempt to describe the essential features of computer crimes has been made by work and Luddy [1]. They claim that the majority of crimes committed against or which the use of a computer can be classified. These crimes a reclassified as follows: 1) sabotage, 'involves an attack against the entire computer system, or against it's sub components, and may be the product of foreign involvement or penetration by a competitor. ' 2) Theft of services,' using a computer at someone else's expense.

3) Property crime involving the " theft of property by and through the use of a computer. A good definition of computer crime should capture all acts which are criminal and involve computers and only those acts. Assessing the completeness of a definition seems problematic, tractable using technical computer security concepts. IV.

Conclusion The development of effective computer security law and public policy cannot be accomplished without cooperation between the technical and legal communities. The inherently abstruse nature of computer technology and the importance of social issues it generates demands the combined talents of both. At stake is not only a fair and just interpretation of the law as it pertains to computers, but more basic issues involving the protection of civil rights. Technological developments have challenged these rights in the past and have been met with laws and public policies which have regulated their use. For example the use of the telegraph and telephone gave rise to privacy laws pertaining to wire communications. We need to meet advances in automated information technology with legislation that preserves civil liberties and establishes legal boundaries for protecting confidentiality, integrity, and assured service.

Legal and computer professionals have a vital role in meeting this challenge together. REFERENCES [1] Stuart R. Work and William J. Luddy Jr., 'Legal Aspects of Computer Use " Prentice Hall, 1986, pg. 129 [2] National Computer Security Center,' Glossary of Computer Security Terms' October 21, 1988 [3] Thomas R. Mylott, 'Computer Law for the Computer Professional,' Prentice Hall, 1984, p. g. 131. e [4] Gasser, Morrie, 'Building a Secure Computer System' Van Nostrand, 1988. [5] Department of Defense, 'Department of Defense Trusted Computer System Evaluation Criteria,' December 1985 [6] United States Department of Justice, 'Computer Crime, Criminal Justice Resource Manual,' 1979 COMPUTER SECURITY AND THE LAW. Introduction You are a computer administrator for a large manufacturing company. Inthe middle of a production run, all the mainframes on a crucial network grind to halt.

Production is delayed costing your company millions of dollars. Upon investigating, you find that a virus was released into the network through a specific account. When you confront the owner of the account, he claims he neither wrote nor released the virus, but he admits that he has distributed his password to 'friends' who need ready access to his data files. Is he liable for the loss suffered by your company? In whole or in part?

And if in part, for how much? These and related questions are the subject of computer law. The answers may very depending in which state the crime was committed and the judge who presides at the trial. Computer security law is new field, and the legal establishment has yet to reach broad agreement on may key issues. Advances in computer security law have been impeded by the reluctance on the part of lawyers and judges to grapple with the technical side of computer security issues [1]. This problem could be mitigated by involving technical computer security professional in the development of computer security law and public policy.

This paper is meant to help bridge to gap between technical and legal computer security communities. II. THE TECHNOLOGICAL PERSPECTIVE A. The Objectives of Computer Security The principal objective of computer security is to protect and assure the confidentiality, integrity, and availability of automated information systems and the data they contain. Each of these terms has a precise meaning which is grounded in basic technical ideas about the flow of information in automated information systems. B. Basic Concepts There is a broad, top-level consensus regarding the meaning of most technical computer security concepts. This is partly because of government involvement in proposing, coordinating, and publishing the definitions of basic terms [2]. The meanings of the terms used in government directives and regulations are generally made to be consistent with past usage.

This is not to say that there is no disagreement over the definitions in the technical community. Rather, the range of such disagreement is much narrower than in the legal community. For example there is presently no legal consensus on exactly what constitutes a computer [3]. The term used to establish the scope of computer security is 'automated information system,' often abbreviated 'AIS. ' An Ais is an assembly of electronic equipment, hardware, software, and firmware configured to collect, create, communicate, disseminate, process, store and control data or information. This includes numerous items beyond the central processing unit and associated random access memory, such as input / output devises (keyboards, printers, etc.) Every AIS is used by subjects to act on objects.

A subject is any active entity that causes information to flow among passive entities called objects. The security policy specifies which subject la.

Things every student should keep in mind

Free example essays found anywhere online are available to anyone, which makes them used, re-used, paraphrased, and abused millions of times.
Watch out, some are poorly written!
We strongly discourage you to submit free essays or any of their parts for credit at your school -- they are easily detected by PLAGIARISM CHECKERS.
Get a brand-new, 100% original paper that will be written especially for you following YOUR EXACT instructions.

100% money back, no questions asked if you paper is plagiarized (this won't happen anyway).

We use a simple but effective principle: one satisfied customer will come back for more, but one who was cheated and misled will tell 10 others too.

Our clients are treated with the highest level of respect that a legitimate student deserves. You, as a customer, will feel this attitude starting from your first contact with our essay service and all the way through.

A significant percentage of cheap essay writing services have also been the source of complaints from students for selling cut and pasted work off the net -- this is a world away from the personalized essay service that EssayPride offers. All our guarantees are always kept -- we are nothing without quality, affordable prices, and the high degree of customer satisfaction!

What our customers say

Piotr S.
Toronto, Canada

I am an ESL student and I am only learning how to write good papers in English. Thanks to EssayPride I am mastering this skill much faster. They help me because they always respond any questions and explain me things I do not understand. They also strictly follow the deadlines and I am never late with my assignments. Thank you very much, guys, your hard work is appreciated. I will surely be ordering more.

Lindsay M.
Winston Salem, NC

Oh my Gosh! My life has become sooo much easier after I've come across this website. I am a working student, so sometimes I am too overwhelmed with so many things and I really need a hand with my papers. I am glad I have found a company I can trust. I have confidence in these guys, because they proved to be good quite a few times.

Kirk N.
Austin, TX

I never leave reviews for products or services because I am quite particular and picky. Surprisingly enough, EssayPride has managed to satisfy all of my requirements, even though I asked for several alterations to the paper they've sent initially. My assignments are quite complicated and it is essential to possess a certain level of knowledge in order to write a decent paper. These guys have managed, so I give them four stars.

Emma Ch.
Birmingham, UK

Customer service is very responsive to your queries, they answer any question within an hour. Even if you have a problem with an order, you can contact them and they will fix it promptly. The quality of writing is very good, writer knows what he is talking about. I had a very positive experience using this website, I will be a returning customer.

Travis J.
Perth, Australia

I used this website more than once and every time my experience turned out to be extremely positive. I think their price-quality ratio is very good, because I couldn't find anyone writing better than these guys, who would work for this money. Thank you!

Myung O.
Seoul, South Korea

I am a Korean student studying in the US. I would like to thank essaypride staff, especially writer Jeff P., for helping me out so much. My grades are good with all your help and I keep calm about the results of my year.

Boyi Zh.
St. Louis, MO

As probably any student, I was quite hesitant about asking somebody else to do my assignments at first. However, after EssayPride has sent me my first paper and I've read it, I understood that I could actually learn a lot from them. The research they've done was impressive and I understood the topic even better than after going to class and reading my textbook. I am not using this website to "cheat", I am using it as a tutoring service, they help me to understand the material better.

Order ANY essay at an affordable price!

Samples of professionally written essays produced by our company. Feel the difference!

Free example essays, top 50

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X-Z

Our website uses cookies. By continuing, you agree to their use. Learn more, including how to control cookies.