E-Commerce Module 5
E-Commerce Module 5
E-Commerce Module 5
Cyber world refers to the world of online computers and communications which
implies today’s fast moving high technology world online. It is an online world
where users have the mechanisms to transact any business or personnel activity as
easily and freely as they can transact them in physical world.
Cyber law governs the legal issue of cyber space, it includes computers,
network, internet, data, software etc. It includes law relating to –
Electronic and digital sign
Computer crimes
Intellectual apply
Data protection and privacy
Telecommunication law
In the modern world, the internet has become essential for working and easy
communication with people, whether in the next room or on the other side of the
world. Some important services provided by the internet have become very
common like e-mail, the WWW and instant access to internet. Following are the
important services of applications
WWW- Many people use the terms internet and www interchange but the
2 terms are not synonymous. The internet is a massive network of
networks. It connects millions of computers together globally. The www,
simply web is a way of accessing info over the medium of internet. It is an
info sharing model, is built on top of the internet. It contains millions of
electronic documents called webpage. A webpage contains info in the form
of text and graphics.
E-mail- Short of electronic mail is perhaps the most common computer-
based technology used for communication. It allows us to send and receive
messages and files specific address unique to the use, and keep records of
communication taking place. The messages are delivered instantly to
people anywhere in the world. E-mail is now an essential communication
tool in business.
E-commerce – The ability to do business without the usual constraints of
time makes e- commerce one of the most important services provided by the
internet. With the single click of a mouse, online customers can purchase
almost anything day or night from the comfort of their own home.
Video conferencing- It allows people in different locations to hold
interactive meetings. In this all the participants can see and hear each other
hence it provides the real feel of a conversation.
Tel-net – It is an internet service for accessing remote computers. Through
telnet, a user can access someone else computer remotely to use telnet, the
user must know the internet add of the remote computer and should have a
valid username and password.
Data transfer – File sharing using file transfer protocol (FTP) is
transferring large amount of data across the internet. A computer file can
be e-mailed to customers, colleges and friends as attachment. It can be
uploaded to a website/ FTP server for easy download by others
BENEFITS IN A CYBER WORLD
Internet had become very popular and it has touched every aspect of our life.
It has changed the concept of communication and entertainment the uses of
internet are explained below.
CYBERSPACE
This refers to the virtual computer world and more specifically is an electronic
medium used to form a global computer network to facilitate online
communication. This allows users to share info, interact, engaging discussions or
social form and conduct business among many other activities.
Cyber space represents the new medium of communication, e-communication
which is fast replacing traditional methods of communication the word cyber
space was coined by William Gibson, when he sorts a name to describe his
vision of a global computers network, linking all people, machines and sources
of into in the world.
CYBER CRIMES
It is one of the fastest growing areas of crime, these includes attacks against
computer data and system, identify theft, distribution of child pornography,
internet fraud, deployment of virus etc. The global nature of the internet has
allowed criminals to commit almost any illegal activity anywhere in the world.
Computer crime/ cybercrime refers to any crime that involves a computer and a
network. This may be defined unlawful and where in the computer is either a tool
or target/ both. Cybercrime encompasses any criminal act dealing with computer
and network.
Types of Cyber Crimes
Hacking
This is a type of crime wherein a person's computer is broken into so that
personal or sensitive information can be accessed. In hacking, the criminal use
variety of software to enter a person's computer and the person may not be aware that
his computer is being accessed from a remote location. A simple definition of
hacking is gaining an unauthorised access to a computer system. Computer hacking
refers to finding out weaknesses in an established system and exploring them.
A Hacker is a person who commits the offence of exploring into other computer
without the knowledge of the other person Hackers may be motivated by variety of
reasons, Such as profit, curiosity, protest, or challenge.
Phishing
Phishing is a type of online identity theft. It uses e-mail and fraudulent websites that
are designed to steal your personal data or information such as credit card numbers,
passwords, account data, or other information Mostly fraudsters send out legitimate
looming e-mail in an attempt to gather personal and financial information from
recipients.
E-mails that appear to have originated from one source while they are actually sent
from another source are termed as e-mail spoofing.
Phishers are constantly improving their technologies and this has resulted in the
appearance of a new trend pharming. It also targets on accessing confidential
information and unlike phishers pharmers obtains identities through official
websites.
Tricking the Shopper
Most common and most profitable attack is tricking the shopper, also known as
social engineering techniques. The target of this attack is the shoppers in online
shopping. These attacks involve surveillance of the shopper's behaviour and
gathering information to use against the shopper.
Another trick is creating sites similar to famous sites. For instance http/www
ibn.com/shop is registered by an attacker. Some shoppers may mistype or click that
site thinking that is ibm. com/shop.
Cyber Warfare
It involves nations using information technology to penetrate into another nation’s
network, to cause damage or disruption. In the US and many other nations cyber
warfare has been acknowledged as the fifth domain of warfare. (Following land, sea,
air, and space)
Cyber Espionage
It is the use of information technology to obtain secret information without the
permission from its owners and holders. It is described as the stealing of secrets
stored in digital formats or on computers and in networks. Cyber espionage is most
often used to gain strategic, economic, political, or militant advantage.
Spam
Spam is the process of flooding the internet with so many copies of the sane
message. Most spam is commercial advertising, often for questionable products and
services. E mail spam is unwanted bulk e mail, junk mail or unwelcome commercial
e-mail. E-mail spamming is the practice of sending unwanted email messages,
frequently from an unidentified source.
CYBER LAW
It is a term that deals with the legal issues relating to the use of internet and
computers. It is the area of law that deals with internet relationship to technological
and electronic elements, including computers, software, hardware.
Cyber law is concerned with every individual these days. There are several
advertisements of cyber law to protect the individual from getting trapped in any
cyber violation. Its provision contains many positive aspects. Organizations are
now able to carry out e- commerce using the legal infrastructure provided by the
Act.
Under the IT Act 2000, it shall now be possible for corporates to have a statutory
remedy in case of anyone breaks into these computers system or network and cost
loss. E-mail would now be a value legal form of communication in our country, that
can be produced and approved in a court of law.
IT ACT 2000
The IT Act has 13 chapters and 94 sec. The primary source of cyber law in India is
the IT act 2000 which came into force on 17th October 2000. The primary purpose
of this act is to provide legal recognition to e-commerce and to facilities films of e-
records with the goal. The IT Act also penalizes various cybercrimes and provides
strict punishments.
The government of India enacted is IT Act 2000 with the objectives
To provide legal recognition for transactions carried out by means of
electronic data interchange and other means of e- communications.
To facilitate e-filling of documents with government agencies. The Act
provides for the legal treatment of users of e- communication and paper
based communication
Being the first legislation in the nature on technology, computers and e-commerce,
the Act was the subject of extreme debate, elaborate reviews and detailed criticism.
There were some missions in the Act. Thus, the need for an amendment- a detailed
one was felt for the IT Act almost from the year 2003 itself. IT Act amendment
was passed in Dec 2008. IT Amendment Act 2008 provide additional focus on
information security. It has added several new sections on offences including cyber
terrorism and data protection. In the 2008 session of the Act, these are 14 chapters
and 124 sessions.
The major provisions are,
1) Penalty for damage to computer
As per the sec 43 of the IT Act 2000, a person committed
a computer crime when he/ she does the following
a) Accesses or secures to such computer, computer system or computer
network without authorization
b) Download copies or extract any data/ info from a computer,
computer system any removable storage medium or computer
network without permission
c) Introduces any computer virus into computer, computer system or
computer network
d) Provide any assistance to any person to facilitate access to a
computer, computer system or computer network in
contravention of the provisions of this Act.
In the above circumstance, he or she shall be liable to pay damage by
way of compensation not exceeding 1cr Rs to the person so affected
CYBER THREATS
Cyber threat refers to the possibility of a malicious attempt to damage or disrupt a
computer network or system. They are potential cyber events that may cause
unwanted outcomes. Threats may originate to externally or internally and may
originate from individuals or organization.
A cyber threat can be unintentional or intentional, targeted or non-targeted, and can
come from a variety of sources, including foreign nations engaged in espionage and
information warfare, criminals, hackers, virus writers, and disgruntled employees
and contractors working within an organization. Unintentional threats can be caused
by inattentive or untrained employees,
software upgrades, maintenance procedures and equipment failures that inadvertently
disrupt computer systems or corrupt data. Intentional threats include both targeted
and non-targeted attacks. A targeted attack is when a group or individual specifically
attacks a critical infrastructure System. A non-targeted attack occurs when the
intended target of the attack is
uncertain, such as when a virus, worm, or malware is released on the internet with no
specific target.
Passive Threats
The monitoring and recording of data while the data are being transmitted over a
communication network, by an unauthorized user is a passive threat. The goal of the
attacker is to obtain information that is being transmitted by other people Two types
of passive threats are there (a) Release of message contents and (b) traffic analysis
Active Threats
Active threat involves the alteration of digital data or generation of spurious data by
an attacker.
PRIVACY ISSUES
The internet has brought new concerns about privacy in an age where computer can
permanently store records of everything. Internet privacy and
security level of personal data published through internet. Your privacy on the
internet depends on your ability to control both the amount of personal information
that you provide and who has access to that information. Internet privacy is also
known as online privacy.
The following guidelines are helpful in protecting your privacy, online.
1. Do not post anything online that you would not want made public
2.Minimize details that identify you or your whereabouts.
3.Keep your account numbers, user names, and passwords secret
4 Enter only required information often marked with an asterisk -on
registration and other forms
You can greatly reduce your risk of online identity theft by taking these four steps to
protect your computer
1. Use an internet firewall
2. Get security updates automatically
3. Subscribe to antivirus software and keep it current
4 Create strong passwords
IPR was divided into 7 main branches under the TRIPS agreement (Trade
Related Aspects of Intellectual Property Rights). These branches are:
1.Patents
2.Copy rights
3.trade mark
4.Geographical indications
5. Designs
6. Integrated Circuits and Design Layouts
7. Confidential Information
Encryption
Encryption is a way of scrambling data so that only authorized parties can
understand the information. In technical terms, it is the process of converting human-
readable plaintext to incomprehensible text, also known as ciphertext. In simpler
terms, encryption takes readable data and alters it so that it appears random.
Encryption requires the use of a cryptographic key: a set of mathematical values that
both the sender and the recipient of an encrypted message agree on.
Decryption
Decryption is a process that transforms encrypted information into its original
format.
firewall
A firewall is a network security device that monitors incoming and outgoing network
traffic and decides whether to allow or block specific traffic based on a defined set of
security rules.
Firewalls have been a first line of defense in network security for over 25 years.
They establish a barrier between secured and controlled internal networks that can be
trusted and untrusted outside networks, such as the Internet.
Cryptography
Cryptography is the process of hiding or coding information so that only the person a
message was intended for can read it. The art of cryptography has been used to code
messages for thousands of years and continues to be used in bank cards, computer
passwords, and ecommerce.