Secure Computer Systems I, 5.0 c
Course code:1DT072, Report code:11213, 33%, DAG, NML, week: 44 - 03 Semester: Autumn 2014
Preparation for the panel debate Dec 5
On December 5 we have three invited guests for a panel discussion on societal and ethical aspects of computer security, and legal ramifications.
To prepare, have a look at the following material, and start thinking about the issues. This is not an examination session, but the more you have already thought about the subject the better.
To which interests (such as regular end users, corporations, government agencies etc) are the basic qualities of computer security (e.g. Confidentiality, Integrity, Availability, Tracability) most important? (Think e.g. email, Cloud services, banking, statistics, Netflix, ATMs, forum comments fields, stock trading.)
Who should secure the data or systems? Should e.g. companies protect users' data and ensure the qualities? (Who can achieve what qualities?) What does the regular end user need to do?
Which interests could be at work to manipulate these qualities? What are the consequences for users?
Surveillance, or Security vs privacy
Are security and privacy two opposing interests? If they are, should one be the prevailing one or can there be a balance between them? What level of surveillance is OK for various interests to perform (e.g cameras in private locations, Google or Facebook tracking users, companies reading employees' mail, NSA doing everything, including trying to find terrorists)?
Network operators/ISPs want to avoid monitoring/storing/walling-in network traffic because it is expensive and impopular (why?), but sometimes want to reserve the right to use traffic shaping to create "fast lanes" for paid premium services (e.g. streaming video). What is OK and what is not? What are the consequences and effects for users? (What material will be harder to access, or easier?)
What does the future look like if things continue this way? Do we need to try to change it - and how?
Links to interesting material