Group Assignment On MIS
Group Assignment On MIS
1.AlembanchWondifraw---------------------------------------------------------------------------GSR/624/2011
2.AntehunKelemu-----------------------------------------------------------------------GSR/631/2011
3.AysheshmMeselu----------------------------------------------------------------------GSR/638/2011
4.BereketAsrat---------------------------------------------------------------------------GSR/643/2011
5.Embet Mulu Tewolde----------------------------------------------------------------------------------GSR/651/2011
6.GebremichaelGirma-------------------------------------------------------------------------------------GSR/659/2011
July,2019
Bahir Dar,Ethiopia
0
REAL WORLD CASE STUDY
1
individual private location data. They discovered that both Apple’s iPhone and Google’s
Android phones were collecting personal, private location data, for a variety of reasons. Both
firms are building massive databases that can pinpoint your location, and although Google is
already a leader in search across most platforms, Apple is also trying to establish itself in the
mobile advertising marketplace. Advertising firms will pay Apple and Google for that
information and for distributing their mobile ads.
Apple transmits your location data back to central servers once every 12 hours, and it also stores
a copy of your locations on the iPhone. Android phones transmit your location data continuously.
Apple’s files on the iPhone device can be stored for many months. Both Apple and Google have
denied that they share this information with third parties, as well as that the information can
identify individuals (as opposed to
cell phones), and claim the information is being used only to identify the location of cell phones
for Wi-Fi–connected phones, and to improve the customer experience of location-based services.
Apple’s technology reads the signal strength of nearby Wi-Fi transmitters, identifies and maps
their location, and then calculates the location of the iPhone device. The result is a very large
database of Wi-Fi hotspots in the United States, and a method for locating iPhones that is not
dependent on global positioning system (GPS) signals. Both companies say the location
information is needed for them to improve their services. And location tracking is itself
improving: newer tracking technologies can automatically detect the places you visit, know
when you arrive or leave, track how many times you’ve been to that location, and even know
whether you’ve been sitting, walking, or driving. Several companies, including Alohar Mobile,
Skyhook, Wifarer, and Broadcom, are developing this type of next-generation tracking
technology, which will add even more value to the data you generate by using your smartphone.
Smartphone apps that provide location-based services are also sources of personal, private
location information based on the smartphone GPS capability. Foursquare is a popular mobile
social application that allows users to “check in” to a restaurant or other location, and the app
automatically lets friends on Facebook and other programs learn where you are. If you’re in a
new town, the app transmits your location and sends you popular spots close by, with reviews
from other Foursquare users. After starting up Foursquare on a smartphone, you’ll see a list of
local bars and restaurants based on your cell phone’s GPS position, select a location, and “check
in,” which sends a message to your friends. Foursquare has a widely accepted loyalty program.
2
Each checkin awards users points and badges, which can be used later for discounts at various
venues. Visitors to places compete to become “Mayors”of the venue based on how many times
they have checked in over a month’s time. Mayors receive special offers.
As the popularity of location-based services like Foursquare has grown, so too have concerns
about the privacy of individual subscribers, and their friends on Facebook and Twitter who may
not be members. Many observers fear these services will operate automatically, without user
permission or awareness. The revelation in 2011 that Apple and Google were surreptitiously and
continuously collecting personal, private, and location data spurred privacy groups and Congress
to launch investigations. Most cell phone users are unaware that their locations and travels are
readily available to law enforcement agencies through a simple e-mail request, and without
judicial review, and at the expense of the carriers. In June 2012, a U.S. District Judge in
California ruled that Apple must defend against a lawsuit accusing it of secretly tracking location
data on millions of its iPhone and iPad users, and the Supreme Court ruled that law enforcement
may not use GPS devices planted on a car to track suspects without a warrant.
To date, wireless location-based services remain largely unregulated. In 2011, the Federal
communications Commission in cooperation with the Federal Trade Commission sponsored a
forum to discuss with industry and privacy groups the social impact of location-based services,
both positive and negative. Industry representatives from Facebook, Google, and Foursquare
argued that existing apps as well as corporate policies were adequate to protect personal privacy
because they rely on user permissions to share location data (opt-in services).
The industry argued as well that consumers get real benefits from sharing location data,
otherwise they would not voluntarily share this data. Privacy experts asked if consumers knew
they were sharing their location information and what kind of “informed consent” was obtained.
Privacy advocates pointed out that 22 of the top 30 paid apps have no privacy policy, that most
of the popular apps transmit location data to their developers after which the information is not
well controlled, and that these service are creating a situation where government agencies,
marketers, creditors, and telecommunications firms will end up knowing nearly everything about
citizens including their whereabouts. The biggest danger they described are services that locate
people automatically and persistently without users having a chance to go off the grid, and
without being able to turn off the location features of their phones.
INTRODUCTION
New technologies today have advanced companies such as phone manufactures like Sprint, Verizon and
Apple and helped to create better products like the IPhone. Your phone can "access the Internet, visit your
Facebook page, get Twitter feeds, watch video, and listen to music al with the Sam communication and
media device. Less well known is that living on the grid means near continuous tracking of your
whereabouts, locations, habits, and friends"(Laudon & Laudon, 2014). This less known information
brings up very interesting questions regarding the tracking software in the phones, especially whether or
not it is a violation of a person's privacy.
The popularity of the new location-based services have grown exponentially but so too have concerns
about the privacy of the individual subscribers. "Many observers fear these services will operate
automatically, without user permission or awareness"(Laudon & Laudon, 2014). The big time mobile
phone manufactures are responding to the concerns of subscribers and they made it a point to respond to
members of Congress who brought up the question of a person’s privacy regarding the location services.
"The four national wireless carriers and six manufacturers of mobile operating systems say they take a
number of steps to ensure they protect location information of consumers, including by not collecting the
information without consent" (academic). The reason behind the collection of tracking information is for
the cell phone manufactures creation of advertisements and marketing purposes. There is no malicious
intent behind this and manufacturers are making sure that fact is known and emphasized.
1. Why do cell phone manufacturers (Apple, Google, and BlackBerry) want to track where their
customers go?
4
Manufacturers and their customers can use this information to trend consumer buying habits
and pinpoint poorly selling or defective products.
Enables carriers and retailers to cull important information about a phone through its
lifecycle, pinpointing when a unit is shipped, received, returned, and refurbished.
Both Apple and Google claim the information is being used only to identify the location of
cell phones for Wi-Fi-connected phones, and to improve the customer experience of location-
based services.
Apple’s technology reads the signal strength of nearby Wi-Fi transmitters, identifies and
maps their location, and calculates the location of the iPhone device.
Advertising firms will pay Apple and Google for that information and for distributing their
mobile ads, manufacturing firms will earn money from there.
Enable advertising companies send us advertisements, coupons, and flash bargains, based on
where we are located.
If our cell phone is lost, then the manufacturers can help us to track the location of our cell
phone.
2. Do you think cell phone customers should be able to turn tracking off? Should customers be informed
when they are being tracked? Why or why not?
Yes, I think that there should be a feature to turn such features off. Customers should be informed even
though most apps do display that GPS and network access is a requirement for the application. By doing
so, the privacy of customer will be protected. Sometimes customers might don’t want others to know
where they are and what are they doing so it is better to turn tracking off. For example, if we don't want
our location to be tracked on our cellphone by police, just turn the GPS off, otherwise we've got no
expectation of privacy.
Watch for signs your phones is being tracked. Does your battery drain faster than it should, is
your phone interfering with your radio even when turned off, or is your phone still warm after
hours of being idle. You may also have difficulty turning your phone off, your phone may light
up when not performing any of its normal functions, or you hear strange background noises
during your calls. While none of these alone indicate your phone is being monitored, several
together can be cause for worry.
5
Take your phone to your service provider. Ask them to wipe your phone's memory and restore it
to its factory presets. While this will erase all data, it should also remove any tracking and/or
eavesdropping software on your phone.
Keep your phone turned off when not in use. While this will do little to circumvent
eavesdropping, it will prevent the GPS in your phone from broadcasting your position. Tracking
devices can only find your location when you make or receive a call and/or text.
Call your wireless service provider's customer service. If they are tracking your phone, they are
charging your account for this service. As it is illegal in most countries for a private citizen to
track another phone, your service provider will inform you whether they are tracking your
particular phone. If they are, you can have this service removed from your cell phone.
3. Do you think cell phone tracking is a violation of a person’s privacy? Why or Why not?
Yes. Smartphones contain a treasure trove of personal information, including banking information, travel
plans and family photos. However, while use of advanced security software is commonplace on our
computers, many of us are not safeguarding the personal information stored on and transmitted through
our smartphones. While there is security software for smartphones including anti-virus and encryption
software, it is not available for all models of cell phones and has not been widely adopted.
Apple iPhones and Google Android smartphones are regularly tracking people locations and recording
this information in a hidden file stored on our phones. Anyone able to access our phones can use the
stored locational information to reconstruct our daily travels and routine.
Verizon Wireless is selling all our app usage and location information to marketers. Verizon is not only
tracking consumers, it is sharing that information with other companies, and possibly linking it to
databases with more of your personal information.
Cell phone tracking is a violation of a person’s privacy. Cell phone tracking enables someone to track
other person location without the consent of that person. It will cause disturbance for that person or cause
many problem, such as the enemies of that person can track that person location and plan to murder that
person. Moreover, bank information or other private and confidential information flow to other people
means it violate a person’s life.
6
Strict ethics and security measures are strongly recommended for services that employ positioning, and
the user must give an informed, explicit consent to a service provider before the service provider can
compute positioning data from the user's mobile phone.
Officially, the authorities like police can obtain permission to position phones in emergency cases where
people including criminals are missing. So, the cell phone tracking should give to some specific people,
not to all the people. That specific people make sure the information not flow to other people.
7
o Bottom line: Whether it comes from the Internet or from a magazine, adult
material has no place in the office. So Smith could certainly sue the company for
allowing a sexually hostile environment. The best defense is for the company to
have an Internet usage policy that prohibits visits to adult sites. Of course, you
have to follow through. If someone is looking at adult material in the office, you
must at least send the offending employee a written reprimand. If the company
lacks a strict Internet policy, though, Smith could prevail in court.
Questions to be answered based on the case provided above
a. Do you agree with the advice of attorney Mark Grossman in each of the
scenarios? Why or why not?
b. What would your advice be? Explain your positions.
c. Identify any ethical principles you may be using to explain your position in each
of the scenarios.
a. Do you agree with the advice of attorney Mark Grossman in each of the scenarios? Why
or why not?
Yes, we are agreeing with his advice. In all three he is offering little advice, but stating the law. The
advice he does give is one mostly of a cautious nature. By ensuring you have a policy in effect, that
everyone knows the policy, or that you adhere to the policy everything should remain copasetic.
According to Scenario one employee should have known better and focused his or her time on productive
activities. Whether or not one would consider keeping a job this circumstances “luky” per Grossmans
thoughts is a matter for debate.
Agree also on scenario two, however internet access isn’t privilege it is a tool to do a job.
Scenario three, we disagree; Jane Smith has no grounds for a suit unless her complaints to management
went unanswered.
8
We would add to scenario 2 by advising the employer to address the situation both firmly and head on.
There may be growing pains especially if this behavior has been going on for a while. So try not to
muddy the waters and play nice, just let them know plainly that this use will not be tolerated. In scenario
three we would advise that John Doe be fired immediately. When you go before the court you may be
shown some leniency if you can demonstrate that you took this incident as seriously as the court does.
c. Identify any ethical principles you may be using to explain your position in each of the
scenarios.
As a manager you are responsible to ensure that you act with integrity, increase your professional
competence, set high standards of personal performance, accept responsibility for your work, and advance
the health, privacy, and general welfare of the public.
You are applying the principle of informed consent during all three scenarios. By formally advising your
employees of the IT policies in writing there will be less miscommunication. In scenario 3 the ethical
principle of justice is definitely in play. Nobody that does not utilize the technology should suffer for the
mistakes of those that do.
9
Users may write down their passwords. However, this leaves passwords subject to
discovery and theft.
Users often pick the same password for many different accounts, which means that
someone who discovers one of these passwords then has the “keys” to all the accounts.
Users may pick an easy-to-remember password, which is easy to anticipate and
therefore easy to guess. Password-cracking programs cycle through entire dictionaries
of English language words and common word/number combinations such as “smart1”
or “2smart4U.”
Users may give away their passwords over the phone (social engineering) or via e-mail
(phishing, a type of social engineering) to individuals representing themselves as a
system administrator. Perhaps you have already received e-mails purportedly from a
financial institution claiming identity or account difficulties and asking you to
“reconfirm” your account information on their authentic-looking Web site.
As you can see, using passwords to identify a person is fraught with problems. Here are some
alternatives to explore. Look up each authentication approach listed below on the Internet,
describe the method in your own words (be sure to cite your sources), and briefly list the
advantages and disadvantages.
A. Biometrics (biological measuring)
B. Smart cards
C. Biochips
Authentication is the process of determining whether a person is who he or she claims to be.
This process can occur in one of two ways. Verification asks “Is this the person who he or she
claims?” and consists of a single comparison. Identification makes a one-to-N comparison and
tries to determine if the person is one of the N people. Several factors, such as what you know,
what you have, or what you are can be used for authentication, with all three options having
strengths and weaknesses. For improved security, it is advisable to use more than one factor, if
possible.
10
The Secure Shell protocol contains numerous features to avoid some of the vulnerabilities with
password authentication. Passwords are sent as encrypted over the network, thus making it
impossible to obtain the password by capturing network traffic. Also, passwords are never stored
on the client. Empty passwords are not permitted by default (and they are strongly discouraged).
On the server side, the Secure Shell protocol relies on the operating system to provide
confidentiality of the user passwords. SSH Tectia Server also supports limiting the number of
password retries, thereby making brute-force and dictionary attacks difficult.
However, Secure Shell does not protect against weak passwords. If a malicious user is able to
guess or obtain the password of a legitimate user, the malicious user can authenticate and pose as
the legitimate user. Weak passwords can also be discovered by dictionary attacks from a remote
machine.
Password authentication can also be used as a generic authentication method. This is the case
with SSH Tectia Connector when all users use the same credentials. In this case only data
encryption and data integrity services are provided. The responsibility for user authentication is
left to the tunneled third-party application.
The following lists sum up the advantages and disadvantages of using password authentication
with SSH Tectia.
Advantages
Simple to use
Simple to deploy—since the operating system provides the user accounts and password,
almost no extra configuration is needed.
Disadvantages
11
Does not provide strong identity check (only based on password).
The biometric authentication process consists of several stages: measurement, signal processing, pattern
matching, and decision making. Measurement involves sensing biometric characteristics and is necessary
both for the creation of the reference model and for each authentication trial. For example, when voice
verification is utilized, this stage involves recording one’s voice through a microphone. Then the digital
data are mathematically modelled. When the user wants to be authenticated, the device compares the
received data to the user model and makes a decision mostly based on a pre-calculated threshold.
Biometric authentication systems are not 100% accurate. There are two types of errors in a typical
biometric system. A false reject (FR) error is the rejection of an authorized person trying to access the
system. A false accept (FA) error is the acceptance of a person who is not in fact who he or she claims to
be. These two types of errors are inversely proportional and in general can be controlled by a confidence
threshold. To increase the security of the system, the threshold can be increased, which decreases FA
errors and increases FR errors.
Improved security
Improved customer experience
Cannot be forgotten or lost
Reduced operational costs
12
B-Smart cards
If you’re a business, chances are you have a credit card reader. Whether that be magnetic card readers or a
smart card reader, you likely have some form of card scanner to conduct transactions. After all, statistics
show that seven in every 10 Americans have at least one credit card. You’d be missing out on a lot of
business if you didn’t have a card reader.
But what’s the difference between a magnetic card scanner and a smart card scanner? Why should you
use one over the other?
A smart card scanner works just as well as any credit card reader but may actually be more secure
compared to it’s competition.
However, they’ve taken a little time to catch on, and there are several reasons for this. So, to help you
figure out if you should have one of these smart credit card scanners, here’s a list of their advantages and
disadvantages.
Advantages
More Secure
Smart card readers are more secure than their counterparts as they use encryption and authentication
technology. This is more secure than previous methods associated with payment cards.
Adaptable
Smart card readers can be plugged into machines using a USB supported system, which can operate
seamlessly with sales and inventory software. They also allow an easier time tracking customer purchases
if you’re interested in starting a loyalty program. Smart credit card readers can be linked to customer
databases to do research on customer purchases and help figure out what items are the most popular in
sales.
Disadvantages
13
Not every store or restaurant has the hardware to use these cards, and the readers are more expensive
due to the added security. Of course, this should change over time as more and more businesses make
the switch.
Security Concerns
Because the smart card is so new, Americans have been slow to trust them. These devices store a vast
amount of sensitive information, which some people see as a security risk. However, as previously
mentioned, evidence has shown that they are more secure than traditional cards.
Smart credit card readers may be a little more costly, but they make a great investment in the long term as
technology changes and progresses.
So if you’re ready to make the change from a credit card reader to a smart card reader, you should contact
us. We’ll be glad to answer any questions you may have.
C-Biochips
What is a BioChip?
A biochip is a set of diminished microarrays that are placed on a strong substrate that allows many
experiments to be executed at the same time to obtain a high throughput in less time. This device contains
millions of sensor elements or biosensors. Not like microchips, these are not electronic devices. Each and
every biochip can be considered as a micro reactor that can detect a particular analyte like an enzyme,
protein, DNA, biological molecule or antibody. The main function of this chip is to perform hundreds of
biological reactions in a few seconds like decoding genes (a sequence of DNA).
Components of BioChips
The Biochip comprises two components namely the transponder as well as reader .
14
1) Transponder
Transponders are two types’ namely active transponder and passive transponder. This is a
passive transponder which means that it doesn’t contain any of its own energy or battery whereas
in passive, it is not active until the operator activates it by giving it a low electrical charge. This
transponder consists of four parts such as antenna coil, computer microchip, glass capsule, and a
tuning capacitor.
The computer microchip stores a unique identification (UID) number that ranges from 10 digits
to 15 digits long.
The antenna coil is very small, primitive and this type of antenna is used to send and receive the
signals from the scanner or reader.
The charging of the tuning capacitor can be done with the small signal i.e, 1/1000 of a watt which
is sent by the operator.
The glass capsule holds the antenna coil, capacitor, and microchip, and it is made with a
biocompatible material namely soda lime glass.
2) Reader
The reader comprises of a coil namely “exciter” and it forms an electromagnetic field through
radio signals. It offers the required energy (<1/1000 of a watt) to activate the biochip. The reader
carries a receiving coil for receiving the ID number or transmitted code sent back from the
excited implanted biochip.
15
Types of BioChips
There are three types of Biochips available namely DNA microarray, microfluidic chip, and protein
microarray.
1) DNA Microarray
A DNA microarray or DNA biochip is a set of tiny DNA spots fixed to a strong surface. A researcher
utilizes to calculate the expression levels for a large number of genes. Every DNA mark comprises Pico
moles of particular genes which are termed as probes. These can be a short segment of a genetic material
under high rigidity situations. Usually, probe-target hybridization is noticed and counted by recognition of
fluorophore or chemiluminescence labeled targets to decide the relative quantity of nucleic acid series in
the target. Innovative arrays of nucleic acid were macro arrays about 9 cm X 12 cm and the initially
automated icon based analysis was published in the year 1981.
2) Microfluidic Chip
Microfluidic biochips or lab-on-a-chip are a choice to usual biochemical laboratories and are transforming
several applications like DNA analysis, molecular biology procedures, proteomics which is known as the
study of proteins and diagnostic of diseases (clinical pathology). These chips are becoming more complex
by using 1000’s of components, but those components are designed physically called as bottom-up full-
custom plan, which is a very large workforce.
3) Protein Microarray
A protein microarray or protein chip method is used to follow the actions as well as connections of
proteins, and to find out their function on a large scale. The main advantage of protein microarray is that
we can track a large number of proteins in parallel. This protein chip comprises of a surface for
16
supporting like microtitre plate or bead, nitrocellulose membrane, the glass slide. These are automated,
rapid, economical, very sensitive, consumes less quantity of samples. The first methodology of protein
chips was introduced in antibody microarrays of scientific publication in the year 1983. The technology
behind this chip was quite easy to develop for DNA microarrays, which have turned into the most
generally used microarrays.
17
Reference;
O’Brien, J. A., & Marakas, G. M. (2013). Security and Ethical Challenges. Computer Crime, 16, 573- 586.
New York: McGraw-Hill/Irwin.
https://drive.google.com/file/d/0B7_2oEAOabL3VzgycU41eFU3eGs/view
https://sustainabilitycasestudy.blogspot.com/2013/11/social-media_27.html
https://heimdalsecurity.com/blog/biometric-authentication/
18
http://www.authorstream.com/Presentation/ghosh2013-1725296-biochip/
https://www.elprocus.com/what-is-a-biochip-and-types-of-biochips/
19