CSC 379: Ethics in Computing  
  Summer II 2006  
 
 
 
  CSC 379  
 
HOME
  
 
Announcements
  
 
Homework & Grading
 
 
TEXTBOOK
  
  COURSE OVERVIEW  
  This course is a survey of the ethical issues involved in computing. It discusses the way that computers and software pose new ethical questions or pose new versions of standard moral problems and dilemmas. It stresses case studies that relate to ethical theory.  
     
  INSTRUCTOR  
  Edward F. Gehringer
Office: 2301 Partners I
(919) 515-2066
Office hours:
MW 2:45-3:45
efg@ncsu.edu		  
     
  TEACHING ASSISTANT  
  Ahmed Bakir
abakir@ncsu.edu
919-641-6642		  
     
  Lesson 12: Database and Web privacy - online assignments  
     
  Lecture  
 

Database privacy. Maureen Mitchell and her husband discovered the hard way how un-private databases can be. In March 2000, their identities were stolen over the Internet, and the thieves made large purchases, procured bank loans, and opened credit accounts in their name. Although they had never conducted financial transactions on the Web and always carefully guarded their credit data, their data was available online. »

 
     
  Reading  
  Related readings (not mandatory) can be found on the Database Privacy and Web Privacy pages on the Ethics in Computing Web site.  
     
  Quiz  
  Take the quiz using WebAssign  
     
 
Discussion
  
  SSNs and Identity Theft (Only Group D has an online discussion for this lesson.)

Identity theft is the top consumer fraud complaint in America. One of the most common ways that identity theft is committed is through the theft of an individual's Social Security number. Failing to safeguard your SSN is a good way to become a victim of identity theft.

  • How does possession of someone's Social Security number facilitate identity theft?

One problem is that SSNs are widely used as keys for databases. Another problem is that the financial-services industry frequently uses SSNs as PINs for account access.
  1. If you were a database administrator, what key would you use in a database, say, for student records?
  2. An approach that works well for choosing database keys might not work well for assigning PINs for account access. Why not?
  3. With respect to account PINs, the other side of the coin is that forgetting one's PIN shouldn't deny someone access to their bank account, mutual fund, or life insurance. Can you design a scheme for granting access that is resistant to identity theft but not cumbersome for a customer to use?
You might want to read "Proposal to reduce identity theft with personal identification numbers" and "Why SSNs make bad keys in databases" for help in answering the questions above. »
     
     
  The deadline for taking the quiz and participating in the discussion is Monday, July 31 at 11 PM.