Promulgated for Electronic Transaction on 22 Mangsir,
2063 (Act 27)
Summary:
§
IT Consumers,
their certification, digital copyright, their legal status, control,
authentication and permission are explained.
§
The network
facilities provided by the computer vendors, their duties and responsibilities
are clearly stated.
§
The law has also
explained about the criminal activities such as forged documentation, leakage
of privacy etc.
§
A person or
vendor or supplier acting against law will be responsible for the consequences
of the judiciary and he/she can be fined or jailed or both punishment can be
bailed.
§
The law has also
explained about:
®
Bilateral
contracts, their certification, legal status, authentication, provision etc.
®
The computer
users, rights of computer employees.
§
Also known as
ETDSA
§
Electronic Transaction
and Digital Signature Act was released on 2061, Amended 2063. (2061/05/30)
§
To Support law
and to bring IT Policies HLCIT has been formed and is in action.
§
According to
MOST, the law strongly defines the standard acts to the following.
§
All the transactions
and signatures carried out via electronic means receive a legal recognitions,
thus paving the way for the development of ICT in the country.
§
The act fills
the emptiness in the Cyber Industry.
§
It would bring
about changes in the market of software and hardware industries in Nepal.
§
It would be
implemented in all government offices, its related organisations and local
bodies.
§
It has strong
provisions for punishment against cyber crimes. The cyber criminals can be
fined upto NRS. 5,00,000.00 or liable to imprisonment of upto five years or
both.
§
The act has
provisions for office of the controllers that issue license of certificate to
the IT industries.
Cyber law is necessary due to following reasons:
§
To take
advantage of globalization due in context of IT development.
§
To reduce cyber
crime.
§
To maintain a
norm.
§
To solve the
problems related to E-Business transactions.
Cyber Space:
§
The virtual
environment created by the internet, computers, computer communication and
network data of any organization.
Computer Security Risk
§
An event, action
or situation that could lead to the loss or destruction of computers on the
data they contain.
Computer/Cyber Crime & Criminals
§
Crime carried
out by means of internet.
§
Illegal
activities executed on the internet.
A. Password Guessing
1.
Password
Guessing
2.
Shoulder Surfing
3.
Packet Sniffers
4.
Dumpster Diving
5.
Social
Engineering (Falls call for password)
6.
Super User
Status
B. Salami Saving & Data Diddling
§ Inside Job - Intruders
C. Forgery
§
To make data
appear to come from one place when it is really coming from another.
§
Panksters: can
easily originate forged e-mail message.
§
Spammers:
Marketers who send unsolicited e-mail.
®
To disguise the
origin of their message.
D. Security Loophole Detection Programs (SATAN, Intruders)
E. Computer Viruses
F. Hackers
§
Computer
hobbyists who enjoy pushing computer to their limits.
§
They experiment
with program to try to discover undocumented features, capabilities that are
not mentioned in system's manuals.
§
Try to track
down all the weakness and loopholes in system's security.
§
An outsider who
has penetrated a computer system usually with no criminal record.
Hacking
§
Intentionally
gaining unauthorized access to an information system.
§
Two types of
hacking are:
®
White Hacking: Hackers motivate the information holders to
further secure their data by pointing to their flaws without doing any kind of
offensive destruction.
®
Black Hacking: Hackers break into
other's information system to have an unauthorized access.
§
The terms grey
hackers or brown hackers are often used to describe ones, who lie the
borderline of above two.
§
Hacking
frequently involves people acting in different states.
§
The obsessive
use of computers or the unauthorized access and use of networked computer
system.
No comments:
Post a Comment