Computer Security And The Law :: essays research papers

I. Introduction     You are a calculator administrator for a large manufacturing company. Inthe middle of a production run, all the mainframes on a crucial network grind toa halt. Production is slow costing your company millions of dollars. Uponinvestigating, you find that a virus was released into the network through with(predicate) aspecific account. When you confront the owner of the account, he claims he uncomplete wrote nor released the virus, but he admits that he has distributed hispassword to "friends" who need ready entry to his info files. Is he liable forthe loss suffered by your company? In whole or in part? And if in part, for howmuch? These and colligate questions are the subject of calculating machine police. The answersmay very depending in which give tongue to the crime was committed and the judge whopresides at the trial. Computer pledge impartiality is new field, and the legal defecatement has yet to reach broad understanding on may key issues.     Advances in computer security law have been impeded by the reluctance onthe part of lawyers and adjudicate to grapple with the technical side of computersecurity issues1. This problem could be mitigated by involving technicalcomputer security professional in the development of computer security law andpublic policy. This paper is meant to second bridge to gap between technical andlegal computer security communities.II. THE TECHNOLOGICAL PERSPECTIVEA. The Objectives of Computer Security     The principal objective of computer security is to protect and assurethe confidentiality, integrity, and availability of automated entropysystems and the info they contain. Each of these terms has a precise meaningwhich is grounded in introductory technical ideas about the flow of information inautomated information systems.B. Basic Concepts     There is a broad, top-level consensus regarding the meaning of mo sttechnical computer security concepts. This is partly because of governmentinvolvement in proposing, coordinating, and publishing the definitions of underlyingterms2. The meanings of the terms used in government directives andregulations are generally make to be consistent with past usage. This is not tosay that there is no unlikeness over the definitions in the technicalcommunity. Rather, the range of such disagreement is much narrower than in thelegal community. For example there is presently no legal consensus on exactlywhat constitutes a computer3.     The term used to establish the scope of computer security is "automatedinformation system," often truncate "AIS." An Ais is an assembly ofelectronic equipment, hardware, software, and firmware configured to collect,create, communicate, disseminate, process, store and control data or information.This includes numerous items beyond the central processing unit and associated