Book a Appointment for Free consultation
OVERVIEW OF ETHICAL ISSUES
such as Security, Confidentiality and Hacking in Software Engineering
Research work by Sana & Nayab
Keywords: Ethical issues, Security, Confidentiality, Hacking.
Methodology and Techniques Available
We are using back study approach in our paper. Firstly we will quickly look at the need of ethics in engineering then will describe the ethical issues including security, confidentiality and hacking and how they become ethical issues for software engineers. Finally we will discuss ways and techniques to mitigate these ethical issues.
Security is a condition of protection against danger or loss. In general, Security is a concept similar to safety. In the case of networks, security is also called information security and it points to the protection of data assets in case of breach of confidentiality. Information security means protecting information and information systems from unauthorized access, usage of data, discloser, interruption, alteration or destruction.
The Internet has increased the digitalization of various processes, such as online banking, online transaction, and transferring money over the internet, sending and receiving various forms of data over the internet which is increasing the security risks of data. Poorly quality developed software increases the chances of systems hacking. System security is a relevant topic for software engineer’s practice. It is the responsibility of the software engineer to make the system secure which is not easily exploitable. It becomes a moral problem for a software engineer when he cannot protect the security of the system. The software can only be hacked if it has loopholes in the system that lead to unauthorized access to data, applications, networks, or computer devices. In addition, information is accessed without permission.
Sometimes technical and technological measures are not sufficient to protect the origins of information. Additional measures should be used because there are many parameters when it comes to information security. One of these parameters is people. These people can be responsible for the system such as security professionals, employees, and users. These are the people who interact with the information system. To ensure that people are educated in the information system, a procedure that uses moral judgment must be entered. Computer and information ethics is studied by many researchers, academics, and professionals .
Including an ethical layer in information, security is very important because it can fill the gap which was created by those people. According to Kowalski, there are four significant explanations behind moral issues that appear in system or software security. To start with, there is a growing control gap in business data frameworks. The control gap can be additionally partitioned into three classes: Technological gap, socio-specialized gap, and social gap. What the truth and desires for the abilities of security implementing capacities is basically the technological gap. The socio-technical gap is the irregularity between socially-expected standards and security strategies while social gap points to people not acting as indicated by anticipated accepted practices Second, morals might be the regular language for the pros of various fields, and can be seen likewise by bunches outside the registering network. Third, current information systems are huge to the point that there are no verifiable mechanical control structures to oversee them. Rather, most frameworks are overseen by people’s understood control structures that are based on the system of ethical standards. Fourth, there is the requirement for top-down methodology, as to ISSI (Information
Systems Secure Interconnection) – model. As indicated by ISSI, five nontechnical layers are included as head of OSI conventions. The highest of these is the ethical layer that is a decent beginning stage to agree among clients and frameworks. Confidentiality refers to protecting information so that unauthorized people cannot access it. In other words, confidentiality data is only accessible to authorized persons. Failure to maintain confidentiality means that the person who should not be provided access has obtained it, through intentional behavior or by accident. In general, this breach of confidentiality, generally known as a breach that cannot be addressed. When the system is given access to an unauthorized parts, there is no way to detect it. Almost all of the major security accidents reported in the media today involve significant confidentiality losses. Because of the unauthorized access of confidential data to third party, it is ethical problem for the software engineer because he was responsible for maintaining the confidentiality of the data or information.
According to the ways of working or according to their intension, Hackers can be classified into three groups.
- White Hat Hackers
- Black Hat Hackers
- Grey Hat Hackers