Cyber Security and laws
IPv4 - TCP/IP
Model
A majority of the
internet uses a protocol suite called the Internet Protocol Suite also known as
the TCP/IP protocol suite. This suite is a combination of protocols which
encompasses a number of different protocols for different purpose and need.
Because the two major protocols in this suites are TCP (Transmission Control
Protocol) and IP (Internet Protocol), this is commonly termed as TCP/IP
Protocol suite. This protocol suite has its own reference model which it
follows over the internet. In contrast with the OSI model, this model of
protocols contains less layers.
Figure: Comparative depiction of OSI and TCP/IP Reference Models
This model is
indifferent to the actual hardware implementation, i.e. the physical layer of
OSI Model. This is why this model can be implemented on almost all underlying
technologies. Transport and Internet layers correspond to the same peer layers.
All three top layers of OSI Model are compressed together in single Application
layer of TCP/IP Model.
Internet Protocol
Version 4 (IPv4)
Internet Protocol is one
of the major protocols in the TCP/IP protocols suite. This protocol works at
the network layer of the OSI model and at the Internet layer of the TCP/IP
model. Thus this protocol has the responsibility of identifying hosts based
upon their logical addresses and to route data among them over the underlying
network.
IP provides a mechanism
to uniquely identify hosts by an IP addressing scheme. IP uses best effort
delivery, i.e. it does not guarantee that packets would be delivered to the
destined host, but it will do its best to reach the destination. Internet
Protocol version 4 uses 32-bit logical address.
TCP/IP Reference Model
TCP/IP
Reference Model is a four-layered suite of communication protocols. It was
developed by the DoD (Department of Defence) in the 1960s. It is named after
the two main protocols that are used in the model, namely, TCP and IP. TCP
stands for Transmission Control Protocol and IP stands for Internet Protocol.
The four layers
in the TCP/IP protocol suite are:
1.
Host-to-
Network Layer: It is the lowest layer that is
concerned with the physical transmission of data. TCP/IP does not specifically
define any protocol here but supports all the standard protocols.
2.
Internet
Layer: It defines the protocols for logical
transmission of data over the network. The main protocol in this layer is
Internet Protocol (IP) and it is supported by the protocols ICMP, IGMP, RARP,
and ARP.
3.
Transport
Layer: It is responsible for
error-free end-to-end delivery of data. The protocols defined here are
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
4.
Application
Layer: This is the topmost layer and
defines the interface of host programs with the transport layer services. This
layer includes all high-level protocols like Telnet, DNS, HTTP, FTP, SMTP, etc.
The following
diagram shows the layers and the protocols in each of the layers:
Internet Protocol being a layer-3 protocol (OSI) takes data
Segments from layer-4 (Transport) and divides it into packets. IP packet encapsulates
data unit received from above layer and add to its own header information.
The encapsulated data is referred to as IP Payload. IP header
contains all the necessary information to deliver the packet at the other end.
IP header includes many relevant information including Version
Number, which, in this context, is 4. Other details are as follows:
·
Version: Version no. of
Internet Protocol used (e.g. IPv4).
·
IHL: Internet Header
Length; Length of entire IP header.
·
DSCP: Differentiated
Services Code Point; this is Type of Service.
·
ECN: Explicit Congestion
Notification; It carries information about the congestion seen in the route.
·
Total Length: Length of entire IP
Packet (including IP header and IP Payload).
·
Identification: If
IP packet is fragmented during the transmission, all the fragments contain same
identification number. to identify original IP packet they belong to.
·
Flags: As required by the
network resources, if IP Packet is too large to handle, these ‘flags’ tells if
they can be fragmented or not. In this 3-bit flag, the MSB is always set to
‘0’.
·
Fragment Offset: This
offset tells the exact position of the fragment in the original IP Packet.
·
Time to Live: To avoid looping in
the network, every packet is sent with some TTL value set, which tells the
network how many routers (hops) this packet can cross. At each hop, its value
is decremented by one and when the value reaches zero, the packet is discarded.
·
Protocol: Tells the Network
layer at the destination host, to which Protocol this packet belongs to, i.e.
the next level Protocol. For example protocol number of ICMP is 1, TCP is 6 and
UDP is 17.
·
Header Checksum: This
field is used to keep checksum value of entire header which is then used to
check if the packet is received error-free.
·
Source Address: 32-bit
address of the Sender (or source) of the packet.
·
Destination Address: 32-bit
address of the Receiver (or destination) of the packet.
·
Options: This is optional
field, which is used if the value of IHL is greater than 5. These options may
contain values for options such as Security, Record Route, Time Stamp, etc.
Transmission Control
Protocol (TCP)
TCP is a connection
oriented protocol and offers end-to-end packet delivery. It acts as back bone
for connection.It exhibits the following key features:
·
Transmission Control Protocol (TCP) corresponds to the Transport
Layer of OSI Model.
·
TCP is a reliable and connection oriented protocol.
·
TCP offers:
o Stream
Data Transfer.
o Reliability.
o Efficient
Flow Control
o Full-duplex
operation.
o Multiplexing.
·
TCP offers connection oriented end-to-end packet delivery.
·
TCP ensures reliability by sequencing bytes with a forwarding
acknowledgement number that indicates to the destination the next byte the
source expect to receive.
·
It retransmits the bytes not acknowledged with in specified time
period.
TCP Services
TCP offers following
services to the processes at the application layer:
·
Stream Delivery Service
·
Sending and Receiving Buffers
·
Bytes and Segments
·
Full Duplex Service
·
Connection Oriented Service
·
Reliable Service
STREAM
DELIVER SERVICE
TCP protocol is stream
oriented because it allows the sending process to send data as stream of bytes
and the receiving process to obtain data as stream of bytes.
SENDING
AND RECEIVING BUFFERS
It may not be possible
for sending and receiving process to produce and obtain data at same speed,
therefore, TCP needs buffers for storage at sending and receiving ends.
BYTES
AND SEGMENTS
The Transmission Control
Protocol (TCP), at transport layer groups the bytes into a packet. This packet
is called segment. Before transmission of these packets, these segments are
encapsulated into an IP datagram.
FULL
DUPLEX SERVICE
Transmitting the data in
duplex mode means flow of data in both the directions at the same time.
CONNECTION
ORIENTED SERVICE
TCP offers connection
oriented service in the following manner:
1. TCP of
process-1 informs TCP of process – 2 and gets its approval.
2. TCP of
process – 1 and TCP of process – 2 and exchange data in both the two
directions.
3. After
completing the data exchange, when buffers on both sides are empty, the two
TCP’s destroy their buffers.
RELIABLE
SERVICE
For sake of reliability,
TCP uses acknowledgement mechanism.
Internet Protocol (IP)
Internet Protocol
is connectionless and unreliable protocol. It
ensures no guarantee of successfully transmission of data.
In order to make it
reliable, it must be paired with reliable protocol such as TCP at the transport
layer.
Internet protocol
transmits the data in form of a datagram as shown in the following diagram:
Points to remember:
·
The length of datagram is variable.
·
The Datagram is divided into two parts: header and data.
·
The length of header is 20 to 60 bytes.
·
The header contains information for routing and delivery of the
packet.
User Datagram Protocol
(UDP)
Like IP, UDP is
connectionless and unreliable protocol. It doesn’t require making a connection
with the host to exchange data. Since UDP is unreliable protocol, there is no
mechanism for ensuring that data sent is received.
UDP transmits the data
in form of a datagram. The UDP datagram consists of five parts as shown in the
following diagram:
Points to remember:
·
UDP is used by the application that typically transmit small
amount of data at one time.
·
UDP provides protocol port used i.e. UDP message contains both
source and destination port number, that makes it possible for UDP software at
the destination to deliver the message to correct application program.
File Transfer Protocol
(FTP)
FTP is used to copy
files from one host to another. FTP offers the mechanism for the same in
following manner:
·
FTP creates two processes such as Control Process and Data
Transfer Process at both ends i.e. at client as well as at server.
·
FTP establishes two different connections: one is for data
transfer and other is for control information.
·
Control connection is
made between control processes while Data Connection is
made between<="" b="" style="box-sizing:
border-box;">
·
FTP uses port 21 for the control connection
and Port 20 for the data connection.
Trivial File Transfer
Protocol (TFTP)
Trivial File Transfer
Protocol is
also used to transfer the files but it transfers the files without
authentication. Unlike FTP, TFTP does not separate control and data
information. Since there is no authentication exists, TFTP lacks in security
features therefore it is not recommended to use TFTP.
Key points
·
TFTP makes use of UDP for data transport. Each TFTP message is
carried in separate UDP datagram.
·
The first two bytes of a TFTP message specify the type of message.
·
The TFTP session is initiated when a TFTP client sends a request
to upload or download a file.
·
The request is sent from an ephemeral UDP port to the UDP
port 69 of an TFTP server.
Difference between FTP
and TFTP
|
S.N.
|
Parameter
|
FTP
|
TFTP
|
|
1
|
Operation
|
Transferring
Files
|
Transferring
Files
|
|
2
|
Authentication
|
Yes
|
No
|
|
3
|
Protocol
|
TCP
|
UDP
|
|
4
|
Ports
|
21 –
Control, 20 – Data
|
Port 3214,
69, 4012
|
|
5
|
Control
and Data
|
Separated
|
Separated
|
|
6
|
Data
Transfer
|
Reliable
|
Unreliable
|
Telnet
Telnet is a protocol
used to log in to remote computer on the internet. There are a number of Telnet
clients having user friendly user interface. The following diagram shows a
person is logged in to computer A, and from there, he remote logged into
computer B.
Hyper Text Transfer
Protocol (HTTP)
HTTP is a communication
protocol. It defines mechanism for communication between browser and the web
server. It is also called request and response protocol because the
communication between browser and server takes place in request and response
pairs.
HTTP Request
HTTP request comprises
of lines which contains:
·
Request line
·
Header Fields
·
Message body
Key Points
·
The first line i.e. the Request line specifies
the request method i.e. Get or Post.
·
The second line specifies the header which indicates the domain
name of the server from where index.htm is retrieved.
HTTP Response
Like HTTP request, HTTP
response also has certain structure. HTTP response contains:
·
Status line
·
Headers
·
Message body
Cyber Crime & Cyber Security
The crime that involves
and uses computer devices and Internet, is known as cybercrime.
Cybercrime can be
committed against an individual or a group; it can also be committed against
government and private organizations. It may be intended to harm someone’s
reputation, physical harm, or even mental harm.
Cybercrime can cause
direct harm or indirect harm to whoever the victim is.
However, the largest
threat of cybercrime is on the financial security of an individual as well as
the government.
Cybercrime causes loss
of billions of USD every year.
Types of Cybercrime
Let us now discuss the
major types of cybercrime −
Hacking
It is an illegal
practice by which a hacker breaches the computer’s security system of someone
for personal interest.
Unwarranted mass-surveillance
Mass surveillance means
surveillance of a substantial fraction of a group of people by the authority
especially for the security purpose, but if someone does it for personal
interest, it is considered as cybercrime.
Child pornography
It is one of the most
heinous crimes that is brazenly practiced across the world. Children are
sexually abused and videos are being made and uploaded on the Internet.
Child grooming
It is the practice of
establishing an emotional connection with a child especially for the purpose of
child-trafficking and child prostitution.
Copyright infringement
If someone infringes
someone’s protected copyright without permission and publishes that with his
own name, is known as copyright infringement.
Money laundering
Illegal possession of
money by an individual or an organization is known as money laundering. It
typically involves transfers of money through foreign banks and/or legitimate
business. In other words, it is the practice of transforming illegitimately
earned money into the legitimate financial system.
Cyber-extortion
When a hacker hacks
someone’s email server, or computer system and demands money to reinstate the
system, it is known as cyber-extortion.
Cyber-terrorism
Normally, when someone
hacks government’s security system or intimidates government or such a big
organization to advance his political or social objectives by invading the
security system through computer networks, it is known as cyber-terrorism.
Cyber Security
Cyber security is a
potential activity by which information and other communication systems are
protected from and/or defended against the unauthorized use or modification or
exploitation or even theft.
Likewise, cyber security
is a well-designed technique to protect computers, networks, different
programs, personal data, etc., from unauthorized access.
All sorts of data
whether it is government, corporate, or personal need high security; however,
some of the data, which belongs to the government defense system, banks,
defense research and development organization, etc. are highly confidential and
even small amount of negligence to these data may cause great damage to the
whole nation. Therefore, such data need security at a very high level.
How to Secure Data?
Let us now discuss how
to secure data. In order to make your security system strong, you need to pay
attention to the following −
- Security
Architecture
- Network Diagram
- Security
Assessment Procedure
- Security
Policies
- Risk Management
Policy
- Backup and
Restore Procedures
- Disaster
Recovery Plan
- Risk Assessment
Procedures
Once you have a complete
blueprint of the points mentioned above, you can put better security system to
your data and can also retrieve your data if something goes wrong.
cyber crime
Cybercrime
is the crime that is done using the internet and a computer or a phone or any
other device as an instrument to cheat people, commit frauds, stealing
intellectual property, violating privacy, stealing identities and diverting
monetary transactions through the internet, female and child trafficking in
pornography etc. Cybercrime has been very prevalent in the world today that
almost everyone in the world is directly or indirectly affected by this. As the
computer has become the gateway to the trade, banking, governance etc. Cybercrime
is increasing by leaps and bounds.
Cybercrime
Cybercrime refers to all the activities
done with criminal intent in cyberspace. Because of the anonymous nature of the
internet, miscreants engage in a variety of criminal activities. The field of
cybercrime is just emerging and new forms of criminal activities in cyberspace
are coming to the forefront with each passing day.
Cyber Law - Introduction
Media
forensics
Media forensics is
scientific study into the collection, analysis, interpretation, and presentation
of audio, video, and image evidence obtained during the course of
investigations and litigious proceedings.
Network forensics
Network forensics is
a sub-branch of digital forensics relating
to the monitoring and analysis of computer network traffic
for the purposes of information gathering, legal evidence, or intrusion
detection. ... Network traffic is
transmitted and then lost, so network forensics is
often a pro-active investigation.
Network forensics is the
capture, recording, and analysis of network events in order to discover the
source of security attacks or other problem incidents. (The term, attributed to
firewall expert Marcus Ranum, is borrowed from the legal and criminology fields
where forensics pertains to the investigation of crimes.)
According to Simson Garfinkel, author of several books on security, network
forensics systems can be one of two kinds:
Virtual machine
Virtual machine is
an emulation of physical computer system. It works as a normal computer and
provides complete functionality of an Operating System to the user. ... This
manuscript focusses on analysis of virtual machine in forensicsand
anti-forensics paradigm.
E-MAIL FORENSIC
E-MAIL FORENSIC INVESTIGATION
TECHNIQUES. E-mail forensics refers to the study of source and
content of e-mail as evidence to identify the. actual sender and recipient of a
message, data/time of transmission, detailed record of e-mail.
e-mail
tracing and investigations
Investigating email crimes is the process of tracing,
collecting, analyzing, andinvestigating digital evidence and cyber
trails. Digital evidence and cyber trails can relate to email spamming, mail bombing/mail storms, email spoofing,
identity fraud/chain letters, phishing attacks, and email hijacking
Emails are increasingly being used for
business communications, Online transactions and Social communications.
Offences whether financial, banking or social committed with the help of an
email can be investigated and traced. There are many type of email offences
exists, and email is an inexpensive and popular method for attacking potential
victims.
The victim's email should be examined
carefully. Sometimes, criminals may use proxy serves to send emails in order to
mislead the investigation. The cooperation of the email service provider is
required to obtain the postal address of the corresponding IP addresses used to
carry out the offence. Sometimes the investigation may lead to a cyber café or
open wifi or other public computer. In this situation conventional
investigation can be used.
UNIT-II:
Cyber Law & IT
Act Overview
Cyberspace
Cyberspace can be
defined as an intricate environment that involves interactions between people, software,
and services. It is maintained by the worldwide distribution of information and
communication technology devices and networks.
With the benefits
carried by the technological advancements, the cyberspace today has become a
common pool used by citizens, businesses, critical information infrastructure,
military and governments in a fashion that makes it hard to induce clear
boundaries among these different groups. The cyberspace is anticipated to
become even more complex in the upcoming years, with the increase in networks
and devices connected to it.
Cyber security
Cybersecurity denotes
the technologies and procedures intended to safeguard computers, networks, and
data from unlawful admittance, weaknesses, and attacks transported through the
Internet by cyber delinquents.
ISO 27001 (ISO27001) is
the international Cybersecurity Standard that delivers a model for creating,
applying, functioning, monitoring, reviewing, preserving, and improving an
Information Security Management System.
The Ministry of Communication
and Information Technology under the government of India provides a strategy
outline called the National Cybersecurity Policy. The purpose of this
government body is to protect the public and private infrastructure from
cyber-attacks.
Cybersecurity Policy
The cybersecurity policy
is a developing mission that caters to the entire field of Information and
Communication Technology (ICT) users and providers. It includes −
- Home users
- Small, medium,
and large Enterprises
- Government and
non-government entities
It serves as an
authority framework that defines and guides the activities associated with the
security of cyberspace. It allows all sectors and organizations in designing
suitable cybersecurity policies to meet their requirements. The policy provides
an outline to effectively protect information, information systems and
networks.
It gives an
understanding into the Government’s approach and strategy for security of cyber
space in the country. It also sketches some pointers to allow collaborative working
across the public and private sectors to safeguard information and information
systems. Therefore, the aim of this policy is to create a cybersecurity
framework, which leads to detailed actions and programs to increase the
security carriage of cyberspace.
Cyber Crime
The Information
Technology Act 2000 or any legislation in the Country does not
describe or mention the term Cyber Crime. It can be globally
considered as the gloomier face of technology. The only difference between a
traditional crime and a cyber-crime is that the cyber-crime involves in a crime
related to computers. Let us see the following example to understand it better
−
Traditional Theft − A thief breaks into
Ram’s house and stealsan object kept in the house.
Hacking − A Cyber Criminal/Hacker sitting in his own house, through
his computer, hacks the computer of Ram and steals the data
saved in Ram’s computer without physically touching the computer or entering in
Ram’s house.
The I.T. Act, 2000
defines the terms −
·
access in computer network in section 2(a)
·
computer in section 2(i)
·
computer network in section (2j)
·
data in section 2(0)
·
information in section 2(v).
To understand the
concept of Cyber Crime, you should know these laws. The object of offence or
target in a cyber-crime are either the computer or the data stored in the
computer.
Nature of Threat
Among the most serious
challenges of the 21st century are the prevailing and possible threats in the
sphere of cybersecurity. Threats originate from all kinds of sources, and mark
themselves in disruptive activities that target individuals, businesses,
national infrastructures, and governments alike. The effects of these threats
transmit significant risk for the following −
- public safety
- security of
nations
- stability of
the globally linked international community
Malicious use of
information technology can easily be concealed. It is difficult to determine
the origin or the identity of the criminal. Even the motivation for the
disruption is not an easy task to find out. Criminals of these activities can
only be worked out from the target, the effect, or other circumstantial
evidence. Threat actors can operate with considerable freedom from virtually
anywhere. The motives for disruption can be anything such as −
- simply
demonstrating technical prowess
- theft of money
or information
- extension of
state conflict, etc.
Criminals, terrorists,
and sometimes the State themselves act as the source of these threats.
Criminals and hackers use different kinds of malicious tools and approaches.
With the criminal activities taking new shapes every day, the possibility for
harmful actions propagates.
Enabling People
The lack of information
security awareness among users, who could be a simple school going kid, a
system administrator, a developer, or even a CEO of a company, leads to a
variety of cyber vulnerabilities. The awareness policy classifies the following
actions and initiatives for the purpose of user awareness, education, and
training −
·
A complete awareness program to be promoted on a national level.
·
A comprehensive training program that can cater to the needs of
the national information security (Programs on IT security in schools,
colleges, and universities).
·
Enhance the effectiveness of the prevailing information security
training programs. Plan domain-specific training programs (e.g., Law
Enforcement, Judiciary, E-Governance, etc.)
·
Endorse private-sector support for professional information
security certifications.
Information Technology
Act
The Government of India
enacted The Information Technology Act with some major objectives which are as
follows −
·
To deliver lawful recognition for transactions through electronic
data interchange (EDI) and other means of electronic communication, commonly
referred to as electronic commerce or E-Commerce. The aim was
to use replacements of paper-based methods of communication and storage of
information.
·
To facilitate electronic filing of documents with the Government
agencies and further to amend the Indian Penal Code, the Indian Evidence Act,
1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act,
1934 and for matters connected therewith or incidental thereto.
The Information
Technology Act, 2000, was thus passed as the Act No.21 of 2000. The I. T. Act
got the President’s assent on June 9, 2000 and it was made effective from
October 17, 2000. By adopting this Cyber Legislation, India became the 12th
nation in the world to adopt a Cyber Law regime.
Mission and Vision
Cybersecurity Program
Mission
The following mission
caters to cybersecurity −
·
To safeguard information and information infrastructure in
cyberspace.
·
To build capabilities to prevent and respond to cyber threats.
·
To reduce vulnerabilities and minimize damage from cyber incidents
through a combination of institutional structures, people, processes,
technology, and cooperation.
Vision
To build a secure and
resilient cyberspace for citizens, businesses, and Government.
Content Copyright
The web
pages, tutorials, code snippets, graphics, diagrams, artwork and study material
(referred to as "contents") are the copyrighted property of Tutorials
Point India Private Limited. It is strictly prohibited to retain, reuse,
reproduce or publish the contents or a portion of contents in any format,
without our written consent.
We use
various third party logos or trademarks in our products like Tutorials Library,
Absolute Classes and Coding Ground. These logos and trademarks have been taken
from various technology inventors GNU, Oracle, Microsoft, SAP, IBM, Google etc.
We strongly state that such logos and trademarks have no relation with
Tutorials Point and they are property of their respective owners and they hold
their copyrights.
Claims of Infringement
If you
find your work has been duplicated in any tutorials, shared tutorials, white
papers or any other part of the website and you believe it constitutes
copyright infringement, or your intellectual property rights are violated,
please bring it to our notice us to claim for copyright or other intellectual
property infringement. Kindly fill a notifying form at Contact
Us Form. You can claim for the infringement by producing valid
and correct proofs of your work.
Intellectual
Property Right
Intellectual property rights
are the legal rights that cover the privileges given to individuals who are the
owners and inventors of a work, and have created something with their
intellectual creativity. Individuals related to areas such as literature,
music, invention, etc., can be granted such rights, which can then be used in
the business practices by them.
The creator/inventor
gets exclusive rights against any misuse or use of work without his/her prior
information. However, the rights are granted for a limited period of time to
maintain equilibrium.
The following list of
activities which are covered by the intellectual property rights are laid down
by the World Intellectual Property Organization (WIPO) −
- Industrial
designs
- Scientific
discoveries
- Protection
against unfair competition
- Literary,
artistic, and scientific works
- Inventions in
all fields of human endeavor
- Performances of
performing artists, phonograms, and broadcasts
- Trademarks,
service marks, commercial names, and designations
- All other
rights resulting from intellectual activity in the industrial, scientific,
literary, or artistic fields
Types of Intellectual
Property Rights
Intellectual Property
Rights can be further classified into the following categories −
- Copyright
- Patent
- Patent
- Trade Secrets,
etc.
Advantages of
Intellectual Property Rights
Intellectual property
rights are advantageous in the following ways −
·
Provides exclusive rights to the creators or inventors.
·
Encourages individuals to distribute and share information and
data instead of keeping it confidential.
·
Provides legal defense and offers the creators the incentive of
their work.
·
Helps in social and financial development.
Intellectual Property
Rights in India
To
protect the intellectual property rights in the Indian territory, India has
defined the formation of constitutional, administrative and jurisdictive
outline whether they imply the copyright, patent, trademark, industrial
designs, or any other parts of the intellectual property rights.
Back in
the year 1999, the government passed an important legislation based on
international practices to safeguard the intellectual property rights. Let us
have a glimpse of the same −
·
The Patents (Amendment) Act, 1999, facilitates
the establishment of the mail box system for filing patents. It offers
exclusive marketing rights for a time period of five years.
·
The Trade Marks Bill, 1999, replaced the Trade
and Merchandise Marks Act, 1958
·
The Copyright (Amendment) Act, 1999, was signed
by the President of India.
·
The sui generis legislation was approved
and named as the Geographical Indications of Goods (Registration and
Protection) Bill, 1999.
·
The Industrial Designs Bill, 1999, replaced the
Designs Act, 1911.
·
The Patents (Second Amendment) Bill, 1999, for
further amending the Patents Act of 1970 in compliance with the TRIPS.
Intellectual Property
in Cyber Space
Every
new invention in the field of technology experiences a variety of threats.
Internet is one such threat, which has captured the physical marketplace and
have converted it into a virtual marketplace.
To
safeguard the business interest, it is vital to create an effective property
management and protection mechanism keeping in mind the considerable amount of
business and commerce taking place in the Cyber Space.
Today it
is critical for every business to develop an effective and collaborative IP
management mechanism and protection strategy. The ever-looming threats in the
cybernetic world can thus be monitored and confined.
Various
approaches and legislations have been designed by the law-makers to up the ante
in delivering a secure configuration against such cyber-threats. However it is
the duty of the intellectual property right (IPR) owner to invalidate and
reduce such mala fide acts of criminals by taking proactive
measures.
Offences &
Penalties
The
faster world-wide connectivity has developed numerous online crimes and these
increased offences led to the need of laws for protection. In order to keep in
stride with the changing generation, the Indian Parliament passed the
Information Technology Act 2000 that has been conceptualized on the United
Nations Commissions on International Trade Law (UNCITRAL) Model Law.
The law
defines the offenses in a detailed manner along with the penalties for each
category of offence.
Offences
Cyber
offences are the illegitimate actions, which are carried out in a classy manner
where either the computer is the tool or target or both.
Cyber-crime
usually includes the following −
- Unauthorized
access of the computers
- Data diddling
- Virus/worms
attack
- Theft of
computer system
- Hacking
- Denial of
attacks
- Logic bombs
- Trojan attacks
First Amendments
As
discussed in the first chapter, the
Government of India enacted the Information Technology ... The first schedule
contains the amendments in
the Penal Code.
About Copyright
By
using tutorialspoint.com you agree to the following:
Copyright
Information
All
pages and graphics on this Web site are the property of tutorialspoint.com.
Pages,
code or other content from tutorialspoint may not be redistributed or
reproduced in any way, shape, or form without the written permission of
tutorialspoint.
Failure
to do so is a violation of copyright laws.
All the logos, and trademarks on this site
are property of their respective owners.
What is Risk
Management?
Risk management is the
process of identifying, assessing, and prioritizing the risks to minimize,
monitor, and control the probability of unfortunate events.
Risk Management
Process:
Risk Management process
can be easily understood with use of the following workflow:
Risk Management
Practices:
·
Software Risk Evaluation (SRE)
·
Continuous Risk Management (CRM)
·
Team Risk Management (TRM)
Trademarks
A trademark, trade mark, or trade-mark is a recognizable
sign, design, or expression which identifies products or services of a
particular source from those of others, although trademarks used to identify
services are usually called service mark
Defamation
Defamation,
calumny, vilification, or traducement is the communication of a false statement
that harms the reputation of, depending on the law of the country, ..
Defamation is
the making of a false statement concerning a person or business that damages
that person's or business's reputation. ... If a defamatory statement
is made verbally, it's called slander. If a defamatory statement
is published in writing, it's called libel.
federal statute
A federal statute is a law enacted by
Congress. It is the written will of Congress as expressed formally by an Act of
Congress. Thus, when a bill is passed by Congress and signed by the president,
it becomes a federal statute.
UNIT-IV:
Procedural
Issues
Duty of Care
A director must show
care and dedication towards the work he has been assigned although he should
not be too much obsessive towards his work. Any provision in agreement with the
articles that excludes the liability of the directors for default, negligence,
breach of duty, breach of trust, or misfeasance is considered to be void. The directors
cannot be even indemnified by the company against such liabilities.
No comments:
Post a Comment