Multimedia Unit 7 … 483.
Figure: 7.1 Components of Multimedia
Types of Multimedia
Multimedia may be broadly divided into linear and non-linear categories. In linear category, linear active
content progresses without any navigational control for the viewer such as a cinema presentation,
television presentation, listening radio. Non-linear content offers user interactivity to control progress as
used with a computer game or used in self-paced computer based training. Hypermedia is an example of
non-linear content. The web pages are non-linear. We can move from one location to another location or
from one page to another page, forward or backward according to our choice.
Multimedia presentations can be live or recorded. A recorded presentation may allow interactivity via a
navigation system. A live multimedia presentation may allow interactivity via an interaction with the
presenter or performer.
Major Characteristics of Multimedia
Multimedia presentations may be viewed by person on stage, projected, transmitted, or played locally
with a media player. A broadcast may be a live or recorded multimedia presentation. Broadcasts and
recordings can be either analog or digital electronic media technology. Digital online multimedia may be
downloaded or streamed. Streaming multimedia may be live or on-demand.
Multimedia games and simulations may be used in a physical environment with special effects, with
multiple users in an online network, or locally with an offline computer, game system, or simulator.
The various formats of technological or digital multimedia may be intended to enhance the users'
experience, for example to make it easier and faster to convey information or in entertainment or art, to
transcend everyday experience.
To sum up, multimedia is everything we can hear or see: texts, books, pictures, music, sounds, CDs,
videos, DVDs, Records, Films, and more.
Multimedia comes in many different formats. On the Internet we can find many of these elements
embedded in web pages, and today's web browsers have support for a number of multimedia formats.
Approved by Curriculum Development Centre (CDC), Nepal
.484 … Computer Science–I
Advantages of Multimedia
Engrossing – deep involvement
Multi-sensory
Creates knowledge connections
Individualized
Teacher and student creation
Disadvantages of Multimedia
“Lost in cyberspace”
Lack of structure
Non-interactive – if one-way, generally has no feedback
Text intensive content
Complex to create
Time consuming
Cognitive overload
Linear content
IMPORTANCE AND USE OF MULTIMEDIA IN SOME OF THE MAJOR
FIELDS
1. Advertising: Advertising has changed a lot over the past couple of decades, and this is mainly due to
the increased use of the internet in business.
2. Education: Use of text, picture, video using multimedia projector in class room as well as conference
(audio or video) and online class using Google meet, Zoom, and Microsoft Teams.
3. Mass Media: It refers to a diverse array of media technologies that reach a large audience via mass
communication. The technologies through which this communication takes place include a variety of
outlets. Broadcast media transmit information electronically via media such as films, radio, recorded
music, or television.
4. Gaming Industry: Without multimedia gaming is impossible (electronic gaming)
5. Science and Technology: Multimedia had a wide application in the field of science and technology.
It is capable of transferring audio, sending message and formatted multimedia documents. At the
same time it also helps in live interaction through audio messages and it is only possible with the
hypermedia.
6. Pre-Production: In basic terms, multimedia pre-production is any sort of production that uses
imagery and a combination of text, audio, and graphics to tell a story or scripting.
7. Post Production: The post-production phase of creating (editing) a document usually takes longer
time such as several months to complete because it includes the complete editing, color correction,
proofing and the addition of music and sound.
Approved by Curriculum Development Centre (CDC), Nepal
Multimedia Unit 7 … 485.
8. Fine Arts: Multimedia Fine art includes animation, audio, interactivity, still images, text, and video.
Multimedia artists and designers may combine traditional forms of art such as painting or sculpture
with any of the combine mediums mentioned above.
9. Multimedia in Business- Multimedia can be used in many applications in a business. The
multimedia technology along with communication technology has opened the door for information
of global wok groups. Today the team members may be working anywhere and can work for various
companies. Thus the work place will become global. The multimedia network should support the
following facilities:
• Voice Mail
• Electronic Mail
• Multimedia based FAX
• Office Needs
• Employee Training
• Sales and Other types of Group Presentation
• Records Management
10. Multimedia in Entertainment- By using multimedia marketing of new products can be greatly
enhanced. Multimedia boost communication on an affordable cost opened the way for the marketing
and advertising personnel. Presentation that have flying banners, video transitions, animations, and
sound effects are some of the elements used in composing a multimedia based advertisement to
appeal to the consumer in a way never used before and promote the sale of the products.
11. Multimedia in Bank- Bank is another public place where multimedia is finding more and more
application in recent times. People go to bank to open saving/current accounts, deposit funds,
withdraw money, know various financial schemes of the bank, obtain loans etc. Every bank has a lot
of information which it wants to impart to in customers. For this purpose, it can use multimedia in
many ways. Bank also displays information about its various schemes on a PC monitor placed in the
rest area for customers. Today on-line and internet banking have become very popular. These use
multimedia extensively. Multimedia is thus helping banks give service to their customers and also in
educating them about banks attractive finance schemes
12. Multimedia in Hospital- Multimedia best use in hospitals is for real time monitoring of conditions
of patients in critical illness or accident. The conditions are displayed continuously on a computer
screen and can alert the doctor/nurse on duty if any changes are observed on the screen.
Multimedia makes it possible to consult a surgeon or an expert who can watch an ongoing surgery
line on his PC monitor and give online advice at any crucial juncture.
In hospitals multimedia can also be used to diagnose an illness with CD-ROMs/ Cassettes/ DVDs
full of multimedia based information about various diseases and their treatment. Some hospitals
extensively use multimedia presentations in training their junior staff of doctors and nurses.
Multimedia displays are now extensively used during critical surgeries.
Approved by Curriculum Development Centre (CDC), Nepal
.486 … Computer Science–I
13. Communication Technology and Multimedia Services- The advancement of high computing
abilities, communication ways and relevant standards has started the beginning of an era where you
will be provided with multimedia facilities at home. These services may include:
• Basic Television Services
• Interactive entertainment
• Digital Audio
• Video on demand
• Home shopping
• Financial Transactions
• Interactive multiplayer or single player games
• Digital multimedia libraries
• E-Newspapers, e-magazines
SUMMARY
Introduction to Multimedia Multimedia Software Requirements
These software packages can cost anything from being absolutely
Multimedia is usually recorded and played, displayed or accessed free (normally this software is called freeware or shareware) to
by information content processing devices, such as computerized anything.
and electronic devices, but can also be part of a live performance. Here is a summary of just a few of these programs.
Multimedia (as an adjective) also describes electronic media 1. Adobe CS4
devices used to store and experience multimedia content. 2. Adobe Dreamweaver
Multimedia is distinguished from mixed media in fine art; by 3. Adobe Fireworks
including audio, for example, it has a broader scope. The term 4. Gimp
"rich media" is synonymous for interactive multimedia. Hypermedia 5. Google Sketchup
can be considered one particular multimedia application. 6. Microsoft Frontpage
7. Apple Quicktime
Components of Multimedia 8. Photoshop Pro
9. Microsoft PowerPoint.
The components of multimedia may be in terms of computer 10. Adobe Flash Player
system or contents of production (documents). Such as: 11. Adobe Shockwave
12. Picasa
Computer System Components (Hardware) 13. VLC Media Player
14. Windows Movie Maker
Processor: Data processing and transfer needs high speed 15. Google Meet
processor. 16. Zoom
17. Microsoft Teams: Microsoft Teams is a video conference
• Memory: RAM and Hard drive both needs high memory
capacity and access speed. solution with several service plans. Teams are part of
Microsoft Office 365, so to consider if you're already a
• Monitor: With high resolution and screen size. Microsoft customer. There are both free and paid plans. The
free as well as the paid plans allow users to host meetings
• Video Graphic Card: With better graphic quality and memory with up to 250 attendees.
size.
• Audio Card: With high quality sound card is needed.
• Media Player
• High graphic supporting mother board is needed.
Better to use branded computer for better performance of the
system.
Approved by Curriculum Development Centre (CDC), Nepal
Content Components of Multimedia Multimedia Unit 7 … 487.
• Text Disadvantages of Multimedia
“Lost in cyberspace”
• Audio Lack of structure
Non-interactive – if one-way, generally has no feedback
• Video Text intensive content
Complex to create
• Picture/still images and graphics Time consuming
Cognitive overload
• Animation Linear content
Types of Multimedia
Multimedia may be broadly divided into linear and non-linear Importance and Use Of Multimedia in Some of The
categories. In linear category, linear active content progresses Major Fields
without any navigational control for the viewer such as a cinema
presentation, television presentation, listening radio. Non-linear 1. Advertising
content offers user interactivity to control progress as used with a 2. Education
computer game or used in self-paced computer based training. 3. Mass Media
Hypermedia is an example of non-linear content. The web pages 4. Gaming Industry
are non-linear. We can move from one location to another location 5. Science and Technology
or from one page to another page, forward or backward according 6. Pre-Production
to our choice. 7. Post Production
Advantages of Multimedia 8. Fine Arts
Engrossing – deep involvement 9. Multimedia in Business
Multi-sensory 10. Multimedia in Entertainment
Creates knowledge connections 11. Multimedia in Bank
Individualized 12. Multimedia in Hospital
Teacher and student creation 13. Communication Technology and Multimedia Services
EXERCISE
Short Answer Questions
1. Define multimedia.
2. For what VGA is needed in the computer?
3. Why multimedia software is required?
4. Define linear multimedia.
5. Define non-linear multimedia.
6. Define pre-production in multimedia.
7. Define post production in multimedia.
8. What is a fine art in multimedia?
9. How in science and technology used multimedia?
10. How in mass media used multimedia?
Approved by Curriculum Development Centre (CDC), Nepal
.488 … Computer Science–I
LONG ANSWER QUESTIONS
1. Explain the components of multimedia.
2. Briefly explain some of the multimedia software.
3. Define and explain contents components of multimedia.
4. What are the characteristics of multimedia? Mention it.
5. Mention advantages of multimedia.
6. Mention disadvantages of multimedia.
7. Briefly explain the major application area of multimedia.
Activities
1. Used any photo editing software to edit your image, picture as per your need.
2. Capture image, resize, crop, add layers, and save in different formats.
3. Use any multimedia software to record audio, video, editing, splitting and save in different
format.
■■■
Approved by Curriculum Development Centre (CDC), Nepal
Information Security
and Cyber Law
LEARNING OBJECTIVES
After studying this chapter, the students will be able to understand to:
The information is important and value when we use appropriately at right time, place, and
contents. It is age of information technology, those who use and utilize move ahead.
........ Information are in web, it can be unsecure, crime, may be infected by malicious software and ..........
..
spam, has property right, authenticate with signature, use with ethics and law, ICT policy in
Nepal, basically covered in this unit will make aware the learners about the use and live with
digital world in spite of having much more challenges at the end of this unit.
Approved by Curriculum Development Centre (CDC), Nepal
.490 … Computer Science–I
DIGITAL SOCIETY AND COMPUTER ETHICS
Digital Society
Digital technologies have permeated our everyday tasks and interactions in the 21st century. They have
changed the way we learn, work and socialize. This reliance on the use of technology in the modern world
has led to much consideration of the consequences for society regarding how we engage and interact with
each other and how we make use of these digital tools and communications channels.
The digital computer is a key technology of the modern era and has been central and essential to key
operations in modern industrial society, including manufacturing, transport and distribution, government,
the military, health services, education and research. And their impact will most likely increase over the
next century.
Due to their malfunction and misuse, creating problems such as computer crime, software theft, hacking,
viruses, and invasions of privacy, an over- reliance on intelligent machines and workplace stress, each of
which has created one or more ethical dilemmas for the computer profession.
Digital innovations are reshaping our society, economy, culture and lifestyle. Their ability to impact and
potentially advance in all aspects of our society cannot be overstated, resulting in a need for vigorous
interdisciplinary research, from the application of digital innovations to benefit our daily life to a thorough
understanding of the relationship between digital advancement and society.
In summarize, no one can detached with the device and getting more own social community rather than
their relation and family broadly they are making their own space around the world.
Computer Ethics
Ethics deals with placing a “value” on acts according to whether they are “good” or “bad”. Every society
has its rules about whether certain acts are ethical or not. These rules have been established as a result of
consensus in society and are often written into laws. These laws are seen as ethics. So, ethics is a set of
moral principles that govern the behavior of a group or individual.
Similarly, in the parley of computer and internet, the users should act rationally and follow certain
procedures while using the computer and internet. Therefore, computer ethics can also be defined as a set
of moral principles that regulate the use of computers. Some common issues of computer ethics include
intellectual property rights such as copyrighted electronic content, privacy confidentiality concerns,
downloading music or artistic works, plagiarism, software piracy, and how computers affect society. In
most countries of the world, the “information revolution” has altered many aspects like commerce,
employment, medicine, security, transportation, entertainment, and so on, of life significantly.
Consequently, information and communication technology (ICT) has affected, in both good ways and bad
ways, the community life, family life, human relationships, education, careers, freedom, and democracy
etc. “Computer and information ethics”, in the broadest sense, can be understood as that branch of applied
ethics which studies and analyzes such social and ethical impacts of ICT.
“Computer ethics” also has been used to refer to a kind of professional ethics in which computer
professionals apply codes of ethics and standards of good practice within their profession. In addition,
other more specific names, like “cyber-ethics” and “Internet-ethics”, have been used to refer to aspects of
computer ethics associated with the Internet. For example, duplicating copyrighted electronic digital
content, computer ethics would suggest that it is wrong to do so without the author's approval. Someone
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 491.
may get access to others' personal information on a computer system; computer ethics would advise that
such an action is unethical.
As technology advances, computers continue to have a greater impact on society. Therefore, computer
ethics promotes the concerns about how much influence computers should have in areas such as artificial
intelligence and human communication. As the world of computers evolves, computer ethics continues to
create ethical standards that address new issues raised by new technologies.
Commandments of Computer Ethics
The Ten Commandments of computer ethics have been defined by the Computer Ethics Institute. They
are;
1. Thou shalt not use a computer to harm other people.
2. Thou shalt not interfere with other people's computer work
3. Thou shalt not snoop around in other people's files
4. Thou shalt not use a computer to steal
5. Thou shalt not use a computer to bear false witness
6. Thou shalt not use or copy software for which you have not paid
7. Thou shalt not use other people's computer resources without authorization:
8. Thou shalt not appropriate other people's intellectual output
9. Thou shalt think about the social consequences of the program you write
10. Thou shalt use a computer in ways that show consideration and respect
Similarly, following seven essential components of a personal code of computer ethics have been
identified. They are Honesty, Respect, Confidentiality, Professionalism, Responsibility,
Communication, and obeying the law.
DIGITAL DIVIDE
The digital divide is one of the burning issues of 21st century brought about by Information and
Communication Technologies (ICTs). It is observed that ICTs are creating differences in the development
opportunities of peoples, and that a wide gap is being established between those with access to these
technologies and those without. Digital divide is a problem created by ICT, between haves and have not's,
that means between those having an access to ICT and those without. Therefore, digital divide refers to a
perceived inequality in access to, distribution, and use of information technology between two or more
population. The digital divide caused by inequalities in access to and utilization of information and
communication technologies is immense.
The relationship between technology and development has frequently been perceived as a linear
relationship. Those countries with advanced technology in place are progressing rapidly than those
without. Information gives knowledge. Because the information has emerged as one of the vital resources
of every development activity, information rich people or countries are considered as powerful. Moreover,
the rapid growth in the activities like Information generation, processing, transmission, and development
of hardware and software required to perform all these activities has turned the industrial era into
knowledge based era. ICT has been used as one of the major source of employment generation, and
economic and social transformation. Hence, the societies without the knowledge of and access to ICT
infrastructure are seen as poor. Therefore, the gap between the countries having strong ICT infrastructure
Approved by Curriculum Development Centre (CDC), Nepal
.492 … Computer Science–I
are becoming more powerful and stronger, while the countries like Nepal are lagging behind. The same
situation exists between the urban and rural people within the country. This gap between the countries or
between the citizens within the country is called Digital Divide.
The Three Aspects of The Digital Divide
Digital divide is mainly based on access to the use ICTs. However, based on access, knowledge and skill of
the user about the ICT and its uses, digital divide can be divided into three types. They are;
1. Digital divide caused by access to ICT: It is based on the difference between individuals or countries
with access ICT and those without access to ICTs.
2. Digital divide caused by usage of ICT: It is based on individuals who know how to use these
technologies and those who do not.
3. Digital divide caused by usage quality: It is based on the differences between those same users or the
users of the same category, but with different level of knowledge and skill on ICT and its uses.
Since its' beginning, the concept of digital divide has changed. Initially, the divide was seen as the problem
of connectivity. Once the networks and hardware become somehow accessible, the problem shifted to the
development of capacities and skills required to use ICTs, i.e. capacity building and education. Now,
many people are aware of the ICT, the concern has started shifting towards the use of integrated resources
in the technology in a qualitative manner. It is not just a means of communication and resource sharing,
but is a tool for employment and income generation, and economic and social transformation and
progress. Thus, the concept of the digital divide basically incorporates the focus on infrastructure, focus
on capacity-building, focus on resource usage.
The most important measurements of the digital divide is e-readiness. e-readiness is related to the degree
of mass usage of ICTs among countries, regions, groups, or individuals, and measured by variables such
as availability of computer, telephone density, availability of network bandwidth, ICT literacy, access to
internet, and access speed by person and so on.
We can define digital divide as the gap between those who have access to technology and those who
do not. So, it is a term used to describe the discrepancy between people who have access to and the
resources to use new information and communication tools, such as the Internet, and people who do
not have the resources and access to the technology. The term also describes the discrepancy between
those who have the skills, knowledge and abilities to use the technologies and those who do not. The
digital divide can exist between those living in rural areas and those living in urban areas, between the
educated and uneducated, between economic and social classes, and on a global scale between more
and less industrially developed nations.
INFORMATION SECURITY (INFOSEC)
Information security is a set of strategies for managing the processes, tools and policies necessary to
prevent, detect, document and counter threats to digital and non-digital information. Infosec
responsibilities include establishing a set of business processes that will protect information
assets regardless of how the information is formatted or whether it is in transit, is being processed or is at
rest in storage.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 493.
Protection of assets, resources, data, life, or anything that has value is the primary goal of information
security. Knowledge of the following some key basic principles, definitions, features, and concepts is
helpful to all actors involved in cyber security.
It is part of information risk management. There are some basic components of information security which
are discussed below.
CIA Triad
The core principles of cyber security are Confidentiality, Integrity, and Availability (CIA Triad). Look at
everything through these CIA glasses is a way to go in cyber security. Protection of CIA of assets,
resources, data, information etc., is critical part of information security.
Confidentiality
Maintaining confidentiality is nondisclosure of objects to the unauthorized subjects. Protection of
confidentiality is important part of cyber security program. Some examples are bank accounts, personal
information, health records, financial records etc.
Some examples of controls that provide confidentiality are access control, encryption etc.
Integrity
Maintaining integrity is stopping unauthorized modification or alteration of objects by unauthorized
subjects. Protection of integrity of objects is very important part of information security program. For
example, unauthorized change of bank account data, database data, email, resources etc.
Some examples of controls that provide integrity are hashing and change control.
Availability
Maintaining availability is timely availability of objects to the authorized subjects. Availability of objects is
critical component of cyber security program.
For example, the timely availability of cash at ATM to the authorized account holder.
Some examples of controls that provide availability are clustering and RAID (Redundant Array of
Independent Disks).
Identity and Access Management
The purpose of the Identity and access management is to enable the authorized subjects (user, process,
robot etc.) to access the right objects (document, system, database etc.) and deny access to unauthorized
subjects. Identification, Authentication, Authorization and Accountability (called AAA) are part of this
process. Identification is not in this term, but Identification is the important first step.
Identification
Identification is the process or step in which the subject, for example, user has to identify with some
identification i.e. username, SSN, email etc.
Authentication
Authentication is a verification of identity of the subject. Subject need to provide more information like
password, pin etc. Compare this information to pre-existing data for this subject. Once matching end up in
successful authentication, then Authorization step begins.
Approved by Curriculum Development Centre (CDC), Nepal
.494 … Computer Science–I
Authorization
Subject need permission or authorization to access resources like files, database. Also need authorization
to create and change resources. Rights and privileges play important role in authorization.
Accountability
Subject is accountable for his movements and actions. Monitoring and logging provide accountability for
the movements and actions of the subject. Accountability is important for successful implementation of
Security Policy.
Risk Management Concepts
Threat
Threat is loss or destruction due to action or inaction of a subject. Some examples of threats are natural
disasters, humans, malware, systems, accidents, social engineering.
Vulnerability
Vulnerability is susceptibility or weakness of an object to a threat.
Risk
Risk is possible exploitation of vulnerability of an object.
Risk depends upon existence of both Threat and Vulnerability. If the object is not vulnerable to the threat,
then there is no risk.
The formula is:
Risk = Vulnerability * Threat
COMPUTER (CYBER) CRIME
Computer crime is also a kind of illegal act performed on or through the use of computer. Computer crime
is committed in order to steal others files, documents, data, confidential information, identity or to harm
the computer and its owner. Computer crime and cyber crime are usually used interchangeably. Cyber-
crimes include Internet-related forgery, embezzlement, fraud, vandalism, and the disposal of stolen goods.
Most of the computer related crimes result from insider attacks, sometimes perpetrated by recently laid-off
employees with still-active computer accounts. Fraud and forensic experts reported that organized crime
and terrorist groups recruit telecommunications workers to use telephone networks to commit fraud,
piracy, and money laundering. Computer crime includes traditional criminal acts committed with a
computer, as well as new offenses that lack any parallels with non-computer crimes.
Dictionaries define Cybercrime as "a criminal activity committed on the internet. This is a broad term that
describes everything from electronic cracking to denial of service attacks that cause electronic commerce
sites to lose money".
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 495.
Gale Encyclopedia of Small Business describes Computer crimes as an unauthorized or illegal
activities perpetrated via computer as well as the theft of computers and other technological
hardware.
According to the U.S. Department of Justice (DOJ) computer crimes can be broadly defined as "any
violations of criminal law that involve knowledge of computer technology for their perpetration,
investigation, or prosecution."
For example; some of the most notorious computer crimes have involved computer viruses, such as the
Melissa virus that appeared on the Internet in March 1999 and infected systems in the United States and
Europe, and the February 2000 distributed denial of service (DDS) attacks on several leading commercial
Web sites including Yahoo, E*Trade, Amazon.com, and eBay.
Cyber-crimes are frequently grouped into three categories. They are:
1. Computer as an "object" of a crime and the perpetrator targets the computer itself. This includes theft
of computer processor time and computerized services.
2. Computer as the "subject" of a crime, either as the physical site of the offense or as the source of some
form of loss or damage. This category includes viruses and related attacks.
3. Computer as the "instrument" of crime. The computer is used to commit traditional crimes in
cyberspace. This encompasses offenses like cyber-fraud, online harassment, and child pornography.
Cyber crimes can be basically divided into 3 major categories:
1. Cybercrimes against persons.
2. Cybercrimes against property.
3. Cybercrimes against government.
Cyber crime can be committed by any body to any computer from any where in the world. It encompasses
any criminal act dealing with computers and networks. Hate crimes, telemarketing and Internet fraud,
identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities
are committed through the use of a computer and the Internet. Cyber crime is committed for various
reasons, such as to fulfill once desire to showcase technical expertise, to exposing vulnerabilities in
computer security systems, retaliating against former employers, to perform fraudulent activities, or
sabotaging government computer systems, etc.
Computer crime or cyber crime is sometimes also known as e-crime, hi-tech crime or electronic crime. It,
generally, refers to criminal activity where a computer or network is the source, tool, target, or place of a
crime. Additionally, although the terms computer crime or cybercrime are more properly restricted to
describing criminal activity in which the computer or network is a necessary part of the crime, these terms
are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and
embezzlement, in which computers or networks are used to facilitate the illicit activity.
Therefore, computer crime or cyber crime can broadly be defined as criminal activity involving an
information technology infrastructure, including illegal or unauthorized access, illegal interception by
technical means of non-public transmissions of computer data to, from or within a computer system, data
interference such as unauthorized damaging, deletion, deterioration, alteration or suppression of
computer data, systems interference such as interfering with the functioning of a computer system by
inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data, misuse
of devices, forgery or ID theft, and electronic fraud.
Approved by Curriculum Development Centre (CDC), Nepal
.496 … Computer Science–I
MALICIOUS SOFTWARE AND SPAM
These are the unwanted things that may hamper or simply irritate the users either in the form of malware
or spam. They are discussed below separately:
Spam
Spam may or may not be malware. Spam is defined as unwanted and unsolicited messages sent to an
enormous list of recipients.
Typically, spam is sent in an email form for a commercial purpose (i.e. when a company tries to promote
its products or services). Spam can turn into malware when it contains a malicious program that accesses
your device when you open the email attachments or links.
How is spam harmful?
Commercial spam at most can only irritate you and fill in your inbox. Spam can only be truly dangerous
when they contain malware or scam methods.
Spam as a scam medium works when users enter personal information on a fake website using emails that
forged as if they come from a reliable source, such as PayPal. This sort of scam is known as phishing.
Malicious Software
We are no longer able to imagine a world without modern technology. Nearly everyone uses mobile
devices every day and businesses cannot operate without the Internet. Today’s advances though come
with risks. Are you aware of the cyber security risks of malware to your business? Do you know how it
gets into your devices, systems, and network? How it accesses your data and how you can prevent it?
Everything you need to know about malware and how to protect yourself.
Malicious software, also known as malware, can get into your computer and perform actions without your
permission, giving hackers full access to your data, devices, and systems. You could compare it to a
common cold. You probably can’t remember the exact time you got infected and it may even stay dormant
for a while. However, once it’s active, you will begin to notice the damage it is actually doing. Just like a
cold, malware changes over time. It continues to get smarter and faster, finding new ways to access your
device or network.
Malicious software was initially designed as a form of cyber vandalism, breaking computers or changing
your background and accessing your personal information. It has since been adopted by criminals
launching cyber attacks to hold valuable business and personal data for ransom, hack passwords to access
bank accounts, or track information to steal identities.
Malicious software is a more growing threat to small and medium businesses. It can affect almost any
device such as computer, phone, or tablet to larger systems (servers). It is not limited to devices that are
online either, malware can get into debit card readers, a POS system, ATMs, and other types of devices via
a USB, infected cards, or even loaded on at the factory.
Malware causes damage to your device or software, which might mean your device, will not operate the
way it used to or might even shut down completely. Other types of malware, known as ransomware, lock
or delete files, unless a ransom is paid. Malware can also lead to your personal or business information
falling into the wrong hands. For businesses of any size, this could result in operational downtime, fines,
loss of customers, or reputational damage.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 497.
Types of Malicious Software
Malware comes in all shapes and sizes and each one has different prevention methods and infection
treatments. We will explore the most common types of malware and how to recognize them.
1. Ransomware: It locks your files and demands you pay a ransom to unlock and access them again.
This type of malware is rapidly becoming more advanced. It can immediately start deleting files as
soon as you are infected, pressuring you to pay up. One of the most common ways that ransomware
can access your computer is through phishing. Phishing uses email as a weapon, disguising itself as a
legitimate email and tricking the user into opening the email or attachment.
2. Trojans: It behaves like a Trojan horse in Greek mythology. The soldiers hid inside of the horse to
penetrate the city wall of Troy and waited until nightfall to attack. A Trojan works in a similar way. It
disguises itself as a trusted software program or application to get into your system and attack later.
Trojans offer disguise them as a computer game download from a hijacked website.
3. Worms: They are a type of malware that uses a computer network to replicate itself and spread. They
are self-replicating and unlike viruses, do not need human action to quickly spread through your
computer, or even an entire network. Worms often gain entry to a computer through a security
vulnerability or weakness.
4. Keylogger: Keylogger malware is a dangerous threat to a PC user’s privacy. It will track your
keystrokes and save them in a hidden file on your computer. After a certain amount of time, the file
is sent to the hacker automatically, who will use the keystroke data to get your passwords or
personal and business information. Keylogger malware often enters a computer system as a Trojan,
disguised as a free or useful app or download, and can install itself within a system when a user is
clicking and browsing the Internet or downloading software.
5. Bots: Bots are a type of malicious software that operates as an automated computer program and can
be controlled by one, or many, outside sources. Bots are used to gather information through chats or
similar web-based programs. A botnet is one or more bots that can be used for attacking websites
where a hacker controls multiple bot-infected computers. A hacker can use the botnet to stage
distributed denial-of-service attacks, steal data, send spam, or access a device and its Internet
connection. To stage a boot or botnet attack, the attacker often gains access to a computer using a
virus or other malicious malware.
6. Rootkit: It is malicious malware designed to remotely access or control a computer without being
detected by a user or security software programs. Using rootkits, cyber criminals can execute files,
steal information, modify configurations, alter software, or even install more malware. Rootkits can
be included in software applications and can enter a computer through phishing attacks or through
security vulnerability. A rootkit is very difficult to remove, so prevention is key measure.
7. Spyware: It is a type of malicious software that spies on user activity, from collecting keystrokes to
browser history to data harvesting. However, spyware often has additional capabilities as well,
ranging from modifying your security settings to interfering with network connections. Spyware
enters computers as a virus, or Trojan, or bundling itself with trusted programs.
8. Virus: It acts similar to how viruses spread in people, a computer virus is software that attaches itself
to a program or application in order to be activated and can be passed from computer to computer or
across an entire network. Once attached, each time that application or program is opened or runs, the
virus runs as well and can infect other programs or documents.
Approved by Curriculum Development Centre (CDC), Nepal
.498 … Computer Science–I
9. Prevention: Prevention is the best defense against malicious software. There are key ways to protect
yourself and your business from a malware infection, social engineering or other damaging cyber
attack.
10. Safeguard your data: Whether data is stored in the cloud, on premise, or on devices, it is important
to have the appropriate protection in place so you can secure it and recover it in case of a disaster or
cyber attack. Data protection should include network security, content filtering, email encryption,
server antivirus, data loss prevention, and backup and disaster recovery.
11. Secure your devices: As the number of devices we use continues to grow, this results in more
gateways for cyber attackers. Security services must be in place to protect devices. Device protection
should include antivirus, patch management, regular vulnerability scans, secure web gateways, and
web server hardening. Reducing your attack surface is an important first step in addressing the
security of your business.
12. Protect your employees: Employees should understand the role they play in the company’s
protection. This can be challenging for IT to control but creating a culture of cyber security is critical.
Best practices should include secure authentication, secure remote working, defining enforceable
processes and policies, and providing security awareness and training.
PRIVACY AND ANONYMITY
According to Webster's New World Dictionary the meanings of privacy is 'Secrecy; or one's private life or
personal affairs'. In practice this means that there is information a person is not willing to share with other
people or institutions or wants to limit the distribution of that information.
Information itself does very seldom have any real value alone, but it's value becomes imminent when it is
used. This applies to bank account numbers, business plans, opinions and knowledge. However, to be able
to use information one needs to communicate it with other partners. So, the concept of privacy, in
connection with information in a networked society, means an ability to store and communicate
information in a secure manner.
Along with the widespread use of computers, networks and internet, privacy and anonymity are emerging
as serious issues related with once personal information, and its communication. Privacy and anonymity
on the Internet are as important as they are difficult to achieve.
Anonymity means "without a name". It means the state of an individual's personal identity, or personally
identifiable information, being publicly unknown. It means the real author of a message is not shown.
Anonymity can be implemented to make it impossible or very difficult to find out the real author of a
message. In many cases, people prefer to hide their identity and become anonymous. There can be many
reasons behind once preference to be anonymous. The reasons can be legal, legitimate and socially
approved on. For example, a person providing donation may prefer to remain anonymous for whatever
reason. Similarly, a person being threatened may obscure his identity, a person disclosing confidential
information also prefers to remain unidentified and so on. But, people committing illegal actions prefer to
hide behind anonymity; such as criminals do not reveal their identity to avoid arrest or to conceal the
truth.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 499.
If we talk about privacy and anonymity in terms of the information and communication technology, and
specially the internet, those people who try to hack websites, access others private documents without
permission, send abusive messages, spread viruses and send spams, involve in frauds, and intrude others
privacy try to remain anonymous.
We frequently receive anonymous messages or emails from internet. Here, anonymous means that does
not carry any information about its sender and its intended recipient. It is therefore unclear if multiple
such messages have been sent by the same sender or if they have the same intended recipient.
INTELLECTUAL PROPERTY RIGHT (IPR)
Before discussing intellectual property right, we must understand the meaning of intellectual property.
Intellectual property (IP) refers to creations of the mind, like inventions, literary and artistic works, and
symbols, names, images, and designs used in commerce. IP is divided into two categories. They
are Industrial Property, and Copy Right and Related Right
Industrial property includes inventions (patents), trademarks, industrial designs, and geographic
indications of source; and Copyright, which includes literary and artistic works such as novels, poems and
plays, films, musical works, artistic works such as drawings, paintings, photographs and sculptures, and
architectural designs. Rights related to copyright include those of performing artists in their
performances, producers of phonograms in their recordings, and those of broadcasters in their radio and
television programs.
The innovations and creative expressions of indigenous and local communities are also considered as IP,
because they are “traditional”. Access to, and equitable benefit-sharing in, genetic resources also raise IP
questions.
The intellectual property right is related with IP. The definition of IPR as defined by World Intellectual
Property Right Organization (WIPO) is given below.
Intellectual Property Rights(IPR) are the rights given to persons over the creations of their minds.
They usually give the creator an exclusive right over the use of his/her creation for a certain period of
time. Intellectual property rights are customarily divided into two main areas:
1. Copyright and rights related to copyright
2. Industrial property
1. Copyright and rights related to copyright: The rights of authors of literary and artistic works (such
as books and other writings, musical compositions, paintings, sculpture, computer programs and
films) are protected by copyright, for a minimum period of 50 years after the death of the author.
Also protected through copyright and related (sometimes referred to as “neighboring”) rights are the
rights of performers (e.g. actors, singers and musicians), producers of phonograms (sound
recordings) and broadcasting organizations. The main social purpose of protection of copyright and
related rights is to encourage and reward creative work.
2. Industrial property: Industrial property can usefully be divided into two main areas:
One area can be characterized as the protection of distinctive signs, in particular trademarks (which
distinguish the goods or services of one undertaking from those of other undertakings) and
geographical indications (which identify a good as originating in a place where a given characteristic
Approved by Curriculum Development Centre (CDC), Nepal
.500 … Computer Science–I
of the good is essentially attributable to its geographical origin).The protection of such distinctive
signs aims to stimulate and ensure fair competition and to protect consumers, by enabling them to
make informed choices between various goods and services. The protection may last indefinitely,
provided the sign in question continues to be distinctive.
Other types of industrial property are protected primarily to stimulate innovation, design and the
creation of technology. In this category, fall inventions that are protected by patents, industrial
designs and trade secrets.
The social purpose of IPR is to provide protection for the results of investment in the development of
new technology, thus giving the incentive and means to finance research and development activities.
A functioning intellectual property regime should also facilitate the transfer of technology in the
form of foreign direct investment, joint ventures and licensing. The protection is usually given for a
finite term (typically 20 years in the case of patents). It should also be noted that the exclusive rights
given are generally subject to a number of limitations and exceptions, aimed at fine-tuning the
balance that has to be found between the legitimate interests of right holders and of users
DIGITAL SIGNATURE
In digital world, data and information having document send through the digital media. It is necessary to
assure the document which is send from one place to another place well protected that means the
document remains authenticate, integrity, and no repudiate. For that, it is the concepts cryptographic
Digital signature is used.
Digital signatures are the public-key primitives of message authentication. In the physical world, it is
common to use handwritten signatures on handwritten or typed messages. They are used to bind
signatory to the message.
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or
documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong
reason to believe that the message was created by a known sender (authentication), and that the message
was not altered in transit (integrity).
Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can
be independently verified by receiver as well as any third party.
Digital signatures employ asymmetric cryptography (pairs of key-public and private key). Digital
signature is a cryptographic value that is calculated from the data and a secret key known only by the
signer.
In real world, the receiver of message needs assurance that the message belongs to the sender and he
should not be able to repudiate the origination of that message. This requirement is very crucial in
business applications, since likelihood of a dispute over exchanged data is very high.
Digital signatures are very efficient technique in legally binding documents because they are difficult to
imitate and can be time-stamped.
Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used
for software distribution, government security and confidentiality issue, financial transactions, contract
management software, and in other cases where it is very important sensitive data and necessary to detect
forgery or tampering.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 501.
Advantages of digital signature
Saves Time: No longer have to wait for your manager to return from a holiday or conference for that
signature. Digital signatures ensure that businesses save on cost and time with documents and
contracts signed off with a click of a button. There are huge savings in cost and time especially when
the person required to sign is in a geographically different area. Documents can be signed off almost
instantly, from anywhere. Be it a tablet, phone or computer, digital signatures can seamlessly ensure
this otherwise tedious task is wrapped up in minutes.
Cost Savings:Many companies also see significant cost savings, with little or no expense in ink,
paper, printing, scanning, shipping/delivery or travel expenses. There are also savings in other
indirect costs such as filing, rekeying data, archiving, or tracking.
Workflow Efficiency: With lesser delays, digital signatures ensure better efficiency in workflow.
Managing and tracking documents are made easier, with lesser effort and time involved. Many
features of the digital signatures help speed up the work process. For instance, email notifications
help remind the person to sign, while status tracking, help to know at which stage the document is
at.
Better Customer Experience: Digital signatures provide the convenience of signing important
documents where ever a customer or the person to sign is located. Sales persons do not have to wait
for the customer to come to the bank or office. Documents can be signed off at the door step. This is
ideal, especially in remote areas and smaller townships providing improved and personalized
services. The customer has the freedom to be anywhere, and engage with a company, making
services and businesses far easier, quick and user friendly.
Security: When it comes to signatures, authenticity and security is a priority. Digital signatures
reduce the risk of duplication or alteration of the document itself. Digital signatures ensure that
signatures are verified, authentic and legitimate. Signers are provided with PINs, password and
codes that can authenticate and verify their identity and approve their signatures. Time stamping
provides the date and time of the signature and thus provides a track of the document, minimizing
any risk of tampering or fraud. Security features embedded in digital signatures ensure that
documents have not been altered without authorization.
Legal Validity: The Digital signatures provides authenticity and ensures that the signature is
verified. This can stand in any court of law like any other signed paper document. Time stamping
and ability to track and easily archive documents improve and simplify audit and compliance.
Future Validity: Digital signatures also hold validity into the future. ETSI PDF Advanced Signatures
(PAdES) with its eIDAS requirements have validity well into the future with its long term signature
formats. Should there be far reaching technological changes, digital signatures would still be valid for
the foreseeable future.
Environmental Benefits: As corporate and business become more conscious of their role in
sustainability, digital signatures is a step ahead in their efforts in reducing waste and being
environmental friendly.
Business efficiency: The costs involved in integrating digital signatures into the work processes is
relatively small, compared to its benefits. With quicker contract turnaround time, and reduced the
work flow time, digital signatures are ideal for both small and large organizations.
Approved by Curriculum Development Centre (CDC), Nepal
.502 … Computer Science–I
CYBER LAW
Different types of activities are performed on or through computers and networks in digital form. Almost
all transactions in shares are in demat form. Almost all companies extensively depend upon their
computer networks and keep their valuable data in electronic form. Government forms including income
tax returns, company law forms etc are now filled in electronic form. Consumers are increasingly using
credit cards for shopping. Most people are using email, cell phones and SMS messages for communication.
Digital signatures and e-contracts are fast replacing conventional methods of transacting business. Even in
"non-cyber crime" cases, important evidence is found in computers, cell phones e.g. in cases of divorce,
murder, kidnapping, tax evasion, organized crime, terrorist operations, counterfeit currency etc.
Criminal activities in the cyberspace are on the rise. Along with the expansion of such electronic based
activities, use of ICT in information generation, processing, transmission and communication or any kind
of transactions cyber crime cases are frequently encountered. Cyber crime cases such as online banking
frauds, online share trading fraud, source code theft, credit card fraud, tax evasion, virus attacks, cyber
sabotage, phishing attacks, email hijacking, denial of service, hacking, pornography etc are becoming
common. It is said that "The modern thief can steal more with a computer than with a gun. Tomorrow's
terrorist may be able to do more damage with a keyboard than with a bomb".
So, like the laws in non-cyber world to curb down the crime cases, law is necessary to protect the
computer or cyber world from cyber crimes. These laws are called cyber laws. In today's highly digitalized
world, almost everyone who is connected with the computer technology is affected by cyber law.
Cyber law is the law that provides ways to deal with cyber crimes. We need such laws so that people can
perform purchase transactions over the Net through credit cards without fear of misuse. The law is
intended to offer the legal framework so that information is not denied legal effect, validity or
enforceability, solely on the ground that it is in the form of electronic records. In view of the growth in
transactions and communications carried out through electronic records, the law is also necessary to
empower government departments to accept filing, creating and retention of official documents in the
digital format. The law also provides a legal framework for the authentication and origin of electronic
records and communications through digital signature. Generally, a cyber law or act is expected to
provide the following;
• Provide e-mail as a valid and legal form of communication in the country that can be duly produced
and approved in a court of law.
• Provide legal infrastructure to carry out electronic commerce.
• Give legal validity and sanctions to digital signatures.
• Open the doors for the entry of corporate companies in the business of being Certifying Authorities
for issuing Digital Signatures Certificates.
• Allows Government to issue notification on the web thus heralding e-governance.
Enables the companies to file any form, application or any other document with any office, authority,
body or agency owned or controlled by Government in electronic form.
• Address the important issues of security, which are so critical to the success of electronic
transactions.
• Provide statutory remedy in case if anyone breaks into the computer systems or network and causes
damages or copies data, etc.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 503.
Cyber Law is the law governing computers and the Internet. Cyber law generally provides the legal
infrastructure for E-commerce or e-transactions. It also gives draconian powers to the Police to enter and
search, without any warrant, any public place for the purpose of nabbing cybercriminals and preventing
cybercrime. Cyber law also generally have provision of the arrest of any person who is about to commit a
cybercrime. Cyber law is important because it touches almost all aspects of transactions and activities on
and concerning the Internet, the World Wide Web and Cyberspace. In view of the growth in transactions
and communications carried out through electronic records, the Act seeks to empower government
departments to accept filing, creating and retention of official documents in the digital format.
The cyber act or law defines different cyber crimes. If we talk about the cyber law of India, it defines five
types of cyber crimes. They are; damage to computer source code, hacking, publishing electronic
information which is lascivious or prurient, breach of confidentiality and publishing false digital
signatures.
INFORMATION COMMUNICATION TECHNOLOGY (ICT) POLICY IN
NEPAL
IT was first introduced in 1971, to process the National population census data. National Computer Center
(NCC) was established in 1974 with the objective of providing IT training within Nepal. NCC, developed
software for various government agencies, processed examination results for SLC Board and Tribhuvan
University. It also conducted regular training courses on Computer Literacy and software applications.
NCC was dissolved in 1998 and the Ministry of Science and Technology came into existence. High Level
Commission for Information Technology (HLCIT), and National Information Technology Centre (NITC)
are currently in operation under the MOST. They are working towards creating IT policies, programs,
software, data banks, conducting IT related seminars, workshops and trainings.
Private sector began its activity in early eighties after the introduction of Personal computers. In 1992
Mercantile Communication Pvt. Ltd. (MCPL) started commercial E-mail through Internet and in 1995 it
was formally registered with Government of Nepal as first Internet Service Provider (ISP). Since 1999
Government has liberalized its policy to use own VSAT. Now there are more then 15 ISPs in operation and
around 10,00,000 Internet users (NPC, 2002).
IT can provide enormous opportunities and benefits to all. IT can be developed as a powerful
infrastructure to overcome difficulties posed by the country’s geographical diversity, and minimize the
problem of digital divide. Therefore, we should take advantage of the latest achievements of rapid
development in the sector of information technology (IT). Moreover, it is the need of the time to create an
environment where consumers could get maximum output from public agencies at the minimum expense
of labor, time and resources. Realizing these facts, the government of Nepal declared the IT policy of
Nepal to tap the opportunities brought about by IT, in time. The IT policy declared by the government of
Nepal in 200 AD is called “Information Technology Policy 2057 (2000)”.
The objectives envisaged by the IT policy 2057 of Nepal are;
To make information technology accessible to the general public and increase employment
through this means.
To build a knowledge-based society.
To establish knowledge-based industries.
Approved by Curriculum Development Centre (CDC), Nepal
.504 … Computer Science–I
The vision set up by the IT Policy 2057 is;
“To place Nepal on the Global Map of Information Technology
within the next five years.”
The IT policy has adopted fifteen different strategies of rapid development and expansion of information
technology in a fair and competitive environment to accomplish the three objectives of the policy. The
strategies adopted by the IT Policy 2057 are;
1. The government will act as a promoter, facilitator, and regulator.
2. Carry on research, develop and expand information technology with a high priority to participation
of the private sector.
3. Prepare capable manpower with the involvement of both public and private sectors for sustainable
development and expansion of information technology.
4. Encourage native and foreign investment for the development of information technology and
infrastructure pertaining to information technology.
5. Place Nepal on the global map through information technology.
6. Legalize and promote e-commerce.
7. Assist in e-governance by using information technology.
8. Utilize information technology in the development of rural areas.
9. Promote information technology industries.
10. Create a healthy, competitive environment for information technology service providers and provide
them speedy and qualitative service at a reasonable cost.
11. Include computer education in curriculum from the school level.
12. Enhance professional efficiency through the use of information technology.
13. Expand the information technology network to the rural areas.
14. Establish Nepal in the international market in information technology.
15. Increase export of services related to information technology (software and hardware) to 10 billion
rupees within the next five years.
Similarly, in order to implement the above strategies, the IT policy has adopted seventeen different
implementation policies. They are;
1. To declare information technology sectors a prioritized sector.
2. To follow a single-door system for the development of information technology.
3. To prioritize research and development of information technology.
4. To create a conducive environment that will attract investment in the private sector, keeping in view
the private sector's role in the development of information technology.
5. To provide internet facilities to all Village Development committees of the country in phases.
6. To render assistance to educational institutions and encourage native and foreign training as a
necessity of fulfilling the requirement of qualified manpower in various fields pertaining to
information technology.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 505.
7. To computerize the records of each governmental office and build websites for them for the flow of
information.
8. To increase the use of computers in the private sector.
9. To develop physical and virtual information technology park in various places with the private
sector's participation for the development of information technology.
10. To use information technology to promote e-commerce, e-education, e-health, among others, and to
transfer technology in rural areas.
11. To establish National Information Technology Centre.
12. To establish a national level fund by mobilizing the resources obtained from His Majesty's
Government, donor agencies, and private sectors so as to contribute to research and development of
information technology and other activities pertaining to it.
13. To establish venture capital funds with the joint participation of public and private sectors.
14. To include computer education in the curriculum from the school level and broaden its scope.
15. To establish Nepal in the global market through the use of information technology.
16. To draft necessary laws that provides legal sanctions to the use of information technology.
17. To gradually use information technology in all types of governmental activities and provide legal
sanctions to its uses in such activities.
The IT policy has set up action plan as well for it’s successful implementation, and fulfill the set objectives.
The major components of the action plan are;
1. Participation of private sector in infrastructure development: This component of action plan is
intended to attract private and foreign investment in the areas like Information, Technology Park,
research and development, technology transfer, and human resource development.
2. Infrastructure development: This component envisages to establish IT park in Banepa, development
of an info-super highway and north-south info-highway, linking Nepal with other parts of the world
through a broadband information network, establishing internet nodes at regional and district
headquarters, and providing telecommunication and electricity services to IT entrepreneurs.
3. Human Resource Development: Improvement of quality of education through IT, introducing
computer science and engineering subjects at graduate and post-graduate level in universities,
providing computer education at high school level as subject, providing computer education to all by
2010 AD, providing scholarships for higher study, preparing middle level manpower in collaboration
with private sector, making knowledge of computer compulsory to newly recruited teachers, and
providing computer education to in-service teachers is included under human resource development
action plan.
4. Dissemination of Information Technology: Different measures has been devised for the extensive
dissemination of information technology. Some of the measures pursued are; encouraging
educational institutions and hospitals to use IT services, and development of IT through solar power,
formulating and launching of three year plan to computerize government offices and linking them
with internet, developing web sites of ministries and departments, introducing distance education
through internet and intranet, development of Nepali content for internet Developing Networking
systems like school-net, research-net. Commerce-net and multilingual computing systems, etc.
Approved by Curriculum Development Centre (CDC), Nepal
.506 … Computer Science–I
5. Promotion of E-commerce and so forth: This component aims to promote e-business, tele-medicine,
tele-processing, distant learning etc by means of legal infrastructure development, support,
encouragement, and conducive environment. Provisions for protecting intellectual property right in
IT, and exporting software export has also been included.
6. Facilities: The facilities sought for the development of the IT are – establishing venture capital fund
under the concept of public private participation, levying one percent custom duty on all kinds of
computer spare parts imported by training institutions, operating twenty four hour software
development services, giving domestic preferences for the IT products, encouraging Non Resident
Nepali to invest in IT in Nepal etc.
The provision of eighteen member institutional framework has also been made as National
Information Technology Development Council (NITDC) under the chairmanship of the prime
minister.
IT Policy, 2000, had, for the first time, provided specific legal and institutional framework for the
development of IT in the country. In this pretext, golden opportunities have emerged for the
development of various sectors including education, health, agriculture, tourism and trade, through
the development of IT. Legal and institutional systems are gradually being established for the
development and use of IT in Nepal. Electronic Transaction Act and Regulation have been
implemented. High-Level Commission on IT under the chair of Prime Minister has been formed and
is in operation. In comparative terms, achievements of the policy have not been as expected in the
development of IT. Even then, information network, National Information Super-Highway,
expansion of accessibility to IT, and e-government, have become a matter of national necessities.
Though the policy has envisioned many interesting, and practical strategies and policies, our
experiences show that almost non of the strategies, policies or programmes has been implemented
successfully. No significant progress has been made in either sector. So, we can say that, although the
government has declared IT policy in 2000, it couldn’t be implemented as expected and couldn’t
meet it’s objectives due to lack of infrastructure, commitment, dedication and honesty. The authority
was unable to realize the power of IT in the development of the country. The policy turned out to be
ambitious, was unable to realize and address IT
problems from the grass root level.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 507.
SUMMARY
Digital Society Digital Divide
Digital technologies have permeated our everyday tasks and The relationship between technology and development has
interactions in the 21st century. They have changed the way we frequently been perceived as a linear relationship. Those countries
learn, work and socialize. This reliance on the use of technology in with advanced technology in place are progressing rapidly than
the modern world has led to much consideration of the those without. Information gives knowledge. Because the
consequences for society regarding how we engage and interact information has emerged as one of the vital resources of every
with each other and how we make use of these digital tools and development activity, information rich people or countries are
communications channels. considered as powerful. Moreover, the rapid growth in the activities
like Information generation, processing, transmission, and
The digital computer is a key technology of the modern era and development of hardware and software required to perform all
has been central and essential to key operations in modern these activities has turned the industrial era into knowledge based
industrial society, including manufacturing, transport and era. ICT has been used as one of the major source of employment
distribution, government, the military, health services, education generation, and economic and social transformation. Hence, the
and research. And their impact will most likely increase over the societies without the knowledge of and access to ICT infrastructure
next century. are seen as poor. Therefore, the gap between the countries having
strong ICT infrastructure are becoming more powerful and
Computer Ethics stronger, while the countries like Nepal are lagging behind. The
same situation exists between the urban and rural people within
Ethics deals with placing a “value” on acts according to whether the country. This gap between the countries or between the
they are “good” or “bad”. Every society has its rules about whether citizens within the country is called Digital Divide.
certain acts are ethical or not. These rules have been established
as a result of consensus in society and are often written into laws. The Three Aspects of The Digital Divide
These laws are seen as ethics. So, ethics is a set of moral
principles that govern the behavior of a group or individual. Digital divide is mainly based on access to the use ICTs. However,
based on access, knowledge and skill of the user about the ICT
Commandments of Computer Ethics and its uses, digital divide can be divided into three types. They
are;
The Ten Commandments of computer ethics have been defined by
the Computer Ethics Institute. They are; 1. Digital divide caused by access to ICT: It is based on the
difference between individuals or countries with access ICT
1. Thou shalt not use a computer to harm other people. and those without access to ICTs.
2. Thou shalt not interfere with other people's computer work 2. Digital divide caused by usage of ICT: It is based on
individuals who know how to use these technologies and
3. Thou shalt not snoop around in other people's files those who do not.
4. Thou shalt not use a computer to steal 3. Digital divide caused by usage quality: It is based on the
differences between those same users or the users of the
5. Thou shalt not use a computer to bear false witness same category, but with different level of knowledge and skill
on ICT and its uses.
6. Thou shalt not use or copy software for which you have not
paid Information Security (INFOSEC)
7. Thou shalt not use other people's computer resources without Information security is a set of strategies for managing the
authorization: processes, tools and policies necessary to prevent, detect,
document and counter threats to digital and non-digital information.
8. Thou shalt not appropriate other people's intellectual output Infosec responsibilities include establishing a set of business
processes that will protect information assets regardless of how
9. Thou shalt think about the social consequences of the the information is formatted or whether it is in transit, is being
program you write processed or is at rest in storage.
10. Thou shalt use a computer in ways that show consideration
and respect
Similarly, following seven essential components of a
personal code of computer ethics have been identified.
They are Honesty, Respect, Confidentiality,
Professionalism, Responsibility, Communication, and
obeying the law.
Approved by Curriculum Development Centre (CDC), Nepal
.508 … Computer Science–I
It is part of information risk management. There are some basic 12. Protect your employees
components of information security which are:
1. CIA Triad Intellectual Property Right (Ipr)
2. Confidentiality
3. Integrity The intellectual property right is related with IP. The definition of
4. Availability IPR as defined by World Intellectual Property Right Organization
5. Identity and Access Management (WIPO) is given below.
6. Identification
7. Authentication Intellectual Property Rights(IPR) are the rights given to persons
8. Authorization over the creations of their minds. They usually give the creator
9. Accountability an exclusive right over the use of his/her creation for a certain
10. Risk Management Concepts period of time. Intellectual property rights are customarily
11. Vulnerability divided into two main areas:
12. Risk
1. Copyright and rights related to copyright
Computer (Cyber) Crime
2. Industrial property
Cyber crimes can be basically divided into 3 major categories:
1. Cybercrimes against persons. 1. Copyright and rights related to copyright: The rights of
2. Cybercrimes against property. authors of literary and artistic works (such as books and other
3. Cybercrimes against government. writings, musical compositions, paintings, sculpture, computer
programs and films) are protected by copyright, for a minimum
Malicious Software and Spam period of 50 years after the death of the author. Also protected
through copyright and related (sometimes referred to as
These are the unwanted things that may hamper or simply irritate “neighboring”) rights are the rights of performers (e.g. actors,
the users either in the form of malware or spam. They are: singers and musicians), producers of phonograms (sound
1. Spam recordings) and broadcasting organizations. The main social
2. Malicious Software purpose of protection of copyright and related rights is to
Types of Malicious Software encourage and reward creative work.
1. Ransomware
2. Trojans 2. Industrial property: One area can be characterized as the
3. Worms protection of distinctive signs, in particular trademarks (which
4. Keylogger distinguish the goods or services of one undertaking from
5. Bots those of other undertakings) and geographical indications
6. Rootkit (which identify a good as originating in a place where a given
7. Spyware characteristic of the good is essentially attributable to its
8. Virus geographical origin).The protection of such distinctive signs
9. Prevention aims to stimulate and ensure fair competition and to protect
10. Safeguard your data consumers, by enabling them to make informed choices
11. Secure your devices between various goods and services. The protection may last
indefinitely, provided the sign in question continues to be
distinctive.
Other types of industrial property are protected primarily to
stimulate innovation, design and the creation of technology. In
this category, fall inventions that are protected by patents,
industrial designs and trade secrets.
Approved by Curriculum Development Centre (CDC), Nepal
Information Security and Cyber Law Unit 8 … 509.
EXERCISE
Short Answer Questions
1. Define Digital divide.
2. Define spam.
3. Define digital signature.
4. Define cyber bullying.
5. Define IT.
Long Answer Questions
1. Explains computer ethics.
2. Explain three aspects of Digital divide.
3. Define and explain information security.
4. What is cyber crime? Explain it.
5. Define and explain malicious software.
6. Explain privacy and anonymity.
7. Define and explain intellectual property right.
8. Explain Digital signature.
9. Explain cyber law.
10. What are protection methods to the cyber crime?
11. Explain ICT policy in Nepal.
12. Explain the social impact of ICT.
■■■
Follow the step by step procedures to solve the problem:
1. Objectives: The problem should be stated clearly so that there will not be the chance
having right solution to the wrong problem.
2. Output requirements: Before we know what should go into the system, we must know
what should come out from the system being developed.
3. Input requirements: To get the above designed output, it is required to define the input
data and source of input data.
4. Processing requirements: It is required to clearly define processing requirements to
convert the given input data to the required output.
5. Evaluating output: Here, it is important to check whether required output is obtained or
not based on objectives.
Approved by Curriculum Development Centre (CDC), Nepal
BIBLIOGRAPHY
Balagurusamy, E. (1993). Programming in Basic. Tata McGraw Hill Publishing Company Limited. New Delhi.
Balagurusamy, E. (4th ed.). Programming in ANSI C. Tata McGraw Hill Publishing Company Limited. New
Delhi.
Basandra, S.K. Computers Today: Updated Edition, Galgotia Publications. India.
Evans, P. (2001). Information and Communication Technology, 2nd, Payne-Gallway Publishers
French, c.S. (1996). Computer Science, 5th, W.M. Print Ltd.
Gookin, Dan and Mullen, robert. The PC Upgrade Guide for Everyone. BPB Publications, India.
Jaiswal, S. (2001). Information Technology Today, 3rd, Galgotia Publication.
Leon Alexis and Mathews. Fundamentals of Information Technology. Leon Vikas, India.
Leon Alexis and Mathews. Internet for Everyone. Leon TECHWorld, India.
Leon, Alexis & Mathews Leon (1996). Fundamentals of Information Technology, Vikash Publication
Malvina, Alber Paul, and Leach, Donald P. (4th ed.). Digital Principles an Applications. Tata McGraw Hill
Publishing company Limited, India.
Mano, M. Morris. Digital Logic and Computer Design. Prentice Hall of India Limited, India.
Norton, Peter, (2006), Introduction to Computers, 6th, Tata McGrw - Hill
Ritchie, C. Operating Systems: Incorporating UNIX and DOS. DP Publications Limited, England.
Sinha, P.K. (2003), Computer Fundamentals, 4th Edition. BPP Publication. INdia.
Sinha, Pradip K. & Priti Sinha, Computer Fundamentals, 4th, BPB Publication
Stallings, William. (4th ed.). Computer Organization and Architecture. Prentice Hall of India Limited, India.
Stephen doyle, (1999). Information Systems For You, 2nd, Stanley Thornes (Publishers) Ltd.
Tanenbaum, Andrw s. (4th ed., 2003). Computer Networks. Pearson Education Inc., India.
Web References
1. http:/ /www.webopedia.com/TeERM/C.computer_system.html
2. http:/ /dragon.ep.usm.edu/∼it365/module/Basics/system.htm
3. http:/ /en.wikipedia.org
4. http:/ / www.google.com.np
5. http:/ / images.google.com.np
6. http://isweb-redwoods.cc.ca.us/Instruct/Calderwoodd/Diglogic/index.htm
7. http://computer.howstuffworks.com
8. http://epanorama.net
9. http:/ /isweb.redwoods.cc.ca.us/Instruct/Calderwoodd/Diglogic/index.htm
10. http:/ /www/it-station.co.uk
■■■
Approved by Curriculum Development Centre (CDC), Nepal