Question

* The course name Ethics in information Technology*

1-Using your research skills, find the meaning of the following terms, which constitute important parts of trustworthy software:

-Security

-Reliability

-Privacy

2-List your references. (You should have at least 3 references)

Answer 1

Security:

• The security of a software is depended upon both the physical as well as the software security of an organization which will help us in keeping the software safe and secure for any further use.
• The system must implement a firewall with honeypots for advanced security. In the firewall, there must be both the hardware and software version installed as both the version have some disadvantages over each other.
• Hence, it will nullify each of the disadvantages and can be used for different calibers in the system. As the software firewall can be used for adding rules and all the administrator stuff.
• And, the hardware firewall can be used to gain security for the packets that are entering the network and exiting the network. The honeypots will come in action before the firewall.
• What honeypots actually do in such conditions, the honeypots acts as a real system faking the attacker as, if, his attack has been a success. Honeypots can be considered as a mirage to our actual system.
• Hence, the attacks information can be later on used for upgrading the actual system and securing it from the discovered vulnerabilities or loopholes.

Reliability:

• The reliability of the software defines the software as a failure free product which can be used for a specific period of time and for a specific period of time.
• The reliability of the software completely depends on the process of developing the software and the maintenence of the software which will eventually reflect the perfection of the software and also define the design durability.
• There are few steps that we can ensure while developing the software so that it turns out to be fully reliable. They are as follows:
  • Preparing:
    • One must always prepare for the risks and also keep the systems checked for the vulnerabilities.
    • The best approach is to plan and make changes to the system as soon as the updates are launched to a particular system.
    • The planning must work accordingly so that the risks are being minified at the user's end.
  • Verifying & Eliciting:
    • Verifying each & every potential risk in the system and if found critical then eliciting the risk will ensure that the risks are eliminated properly.
    • The elimination of the risks is also being done on a certain level so that there are no further risks remaining in the system to check.
  • Analyzing gaps & Evaluating:
    • Analyzing for risks is the major activities that must be taken on the developing end because if a risk is analyzed in the earlier stage it is less destructive for the system.
    • Evaluating the level of the risks also become important for the users so as to make the risks less effective on the systems.

Privacy:

• The privacy of the software completely depends on the developing process and how one has kept in mind about the security policy while developing the software which is the most important part here.
• For privacy also there are some points that must be kept in mind while developing the software. They are as follows:
  • Knowing The Risks:
    • It is the most important part while creating security policies to know what risks are there in the system.
    • How the information is been manipulated at the client as well as the server end. Hence, making the process more secure as data is the part for which security is always compromised.
  • Knowing The Wrongs Done By Others:
    • Knowing that the organizations who have been gone through the certain risks which reside in your system. Learning from the mistakes made by others is always the most effective way of setting guidelines.
    • The guidelines to the security policy consist of the most probable wrong things that each and every organization with similar risks are been doing.
  • Keeping Legal requirements in mind:
    • Many times organizations completely forget about the legal requirements that are been required by the officials.
    • Hence, keeping the legal jurisdictions, data holdings and the location in which you reside is also most important.
    • Recently, this has been the case with Facebook's most controversial data theft.
  • Setting the level of security:
    • The level of the security that is been planned must always be kept in mind with the level of risks that are been residing in the system.
    • Excessive security in the system can also cause hindrance to the smooth business operations and hence, overprotecting oneself can also be a cause to the problem.
  • Training Employees Accordingly:
    • The training of the employees in a certain part of the security is also a major part of the security policy as the employees are the one who makes mistake.
    • So, if one trains their employee in such an order that they minimize the mistakes that are been made it will become great for the system.

Hence, these are the three pillars of the security in software and how must they be maintained within the development process.

Reference:

• Nap.edu
• Guide2research
• Bluestatedigital