MIR-011 Cyberspace Technology and Social Issues

Evolution and
UNIT 1 EVOLUTION AND GROWTH Growth of ICT
OF ICT
Structure
1.1 Introduction
1.2 Objectives
1.3 Evolution of ICT
1.4 Meaning of ICT
1.5 Benefits of ICT
1.6 E-readiness Assessment of States/UTs
1.7 The Global Scenario
1.8 ICT and Economic Growth
1.9 Summary
1.10 Terminal Questions
1.11 Answers and Hints
1.12 References and Suggested Readings
1.1 INTRODUCTION
ICT deals with how digital information passes between the devices. The most prolific
example is the Internet, a worldwide network of computers linked together by
telephone lines. There are however, other examples, like mobile phones, interactive
televisions and personal organizers. It is a cross cutting theme in the objective of the
programme because of the recognition by the European Commission and UK
Government that ICT has the potential to have a major impact on the prosperity of
Merseyside. When ICT is applied to business, it can Lower Costs, raise productivity
and improve customer and supplier relationship. In learning, ICT widens participation
and raises attainment. In public services, ICT engages people with services more
effectively and in communities, ICT links people to economic opportunity and brings
together those with common agendas.
1.2 OBJECTIVES
After going through this unit, you should be able to:
• describe the meaning and different forms of ICT;
• explain the evolution of ICT;
• list the advantages of ICT;
• state the E-readiness assessment of States/UTs;
• discuss the global scenario of ICT; and
• discuss the role of ICT in economic growth. 5
Introduction to ICT and
Cyberspace 1.3 EVOLUTION OF ICT
The first major use of Information Technology (IT) could be said to have started
with the introduction of early mainframe computers to respond to the needs of scientific
research and the Government’s statistical data gathering and processing, where the
technology helped to speed up research and forecasting. These techniques were
later applied to the business environment where mainframe computers and robotics
were used to automate business processes and number crunching functions. From
automation of business processes, IT was then applied to higher value-adding,
functions such as design, resource planning, sophisticated manufacturing and
mission critical functions the developments and applications of IT have stretched
beyond imagination. Together with the rapid development and innovation in
telecommunication technology and the Internet, this evolution has ushered in many
new business models and applications.
ICT is robust that it can be harnessed in many ways, but its true potential is limited
only to the human mind. With ICT, the physical boarder dissipates as information
moves freely through the digital medium which is less controlled as compared to
other existing mass media. Globalisation is said to accelerate, and enabled by ICT,
making market bigger and more accessible by business with strong capital,
management and technology. Business or E-commerce has started to be done virtually
and transaction occurs at a click of a mouse anywhere and any time. Scientific
findings churn faster and newer discoveries and inventions through the journal and
reports are made available through ICT. The technology that began life as a faster
way to process data and compute statistics has become pervasive in almost all parts
of our life today. So ICT has become the backbone of Techsavvy Society, having
combined both information technology and communication through digital
environment today.
Please answer the following Self Assessment Question.
Self Assessment Question 1 Spend 2 Min.
i) ICT has become the backbone of __________.

ii) ______________, _________________, interactive televisions are few
examples of ICT.
1.4 MEANING OF ICT

ICT is an acronym that stands for Information Communications Technology
However, apart from explaining an acronym, there is not a universally accepted
definition of ICT Why? Because the concepts, methods and applications involved in
ICT are constantly evolving on an almost daily basis. It is difficult to keep up with
the changes because they happen very fast.
Let us focus on the three words behind ICT:
- INFORMATION,
- COMMUNICATIONS, and
6 - TECHNOLOGY
A good way to think about ICT is to consider all the uses of digital technology that Evolution and
Growth of ICT
already exist to help individuals, businesses and organizations also use information.
ICT covers any product that will store, retrieve, manipulate, transmit or receive
information electronically in a digital form. For example, personal computers, digital
television, email and robots.
ICT is concerned with the storage, retrieval, manipulation, transmission or receipt of
digital data. Importantly, it is also concerned with the way these different uses can
work with each other.
In business, ICT is often categorised into two broad types of product: -
1) The traditional computer-based technologies (things you can typically do on a
personal computer or using computers at home or at work); and
2) The more recent and fast growing range of digital communication technologies
(which allow people and organizations to communicate and share information
digitally)
Let us have a brief look at these two categories to demonstrate the kinds of products
and ideas that are covered by ICT:
Traditional Computer Based Technologies
These types of ICT include:
Application Use
Standard Office Applications - Main Examples are as below:
Word processing, e.g. Microsoft Word: Write letters, reports etc;
Spreadsheets, e.g. Microsoft Excel, Analyse financial information, calculations, create
forecasting models etc.
Database software, e.g. Oracle, Microsoft SQL Server, Access, Managing data in
many forms, from basic lists (e.g. customer contacts to complex material like
catalogue).
Presentation software, e.g. Microsoft PowerPoint, make presentations, either directly
using a computer screen or data projector, publish in digital format via email or over
the Internet
Desktop publishing, e.g. Adobe In design, Quark Express, Microsoft Publisher,
produce newsletters, magazines and other complex documents; and
Graphics software, e.g. Adobe PhotoShop and Illustrator, Macromedia Freehand
and Fireworks, create and edit images such as logos, drawings or pictures for use in
DTP, web sites or other publications
Specialist Applications - Examples
Accounting packages, e.g. Sage, Oracle, manage an organization’s accounts including
revenues/sales, purchases, bank accounts etc. A wide range of systems are available
ranging from basic packages suitable for small businesses to sophisticated ones
aimed at multinational companies.
7
Introduction to ICT and Computer Aided Design (CAD) is the use of computers to assist the design process.
Cyberspace
Specialized CAD programs exist for many types of design like architectural,
engineering, electronics and roadways.
Customer Relations Management (CRM) is a software that allows businesses to
better understand their customers, by collecting and analysing data, such as their
product preferences, buying habits etc. Often linked to software applications that
run call centers and loyalty cards, for example, traditional computer based
technologies.
The C part of ICT refers to the communication of data by electronic means, usually
over some distance. This is often achieved via networks of sending and receiving
equipment, wires and satellite links. The technologies involved in communication
tend to be complex. You certainly do not need to understand them for your ICT
course. However, there are certain aspects of digital communications that you need
to be aware of. These relate primarily to the types of network and the ways of
connecting to the Internet. Let us look at these two briefly (further revision notes
provide the details to support your study).
i) Internal networks
Network which used to share information between a specific group or peoples
of an entity. Internal network is also known as private network. In corporate
world internal network mean the entire employ realm login to one common
domain “not Microsoft OS domain” to access the enterprise’s shareable
application like payroll, health insurance, or emergency services or business
development services. This type of applications are proprietary to the particular
organization. To share the information between employees or different groups
of organization, it requires its own network which is also called as private
network or internal network.
This is also usually referred to as a local area network (LAN), this involves
linking a number of hardware items (input and output devices plus computer
processing) together within an office or building. The aim of a LAN is to be
able to share hardware facilities such as printers or scanners, software
applications and data. This type of network is invaluable in the office
environment where the colleagues need to have access to common data or
programs.
ii) External networks
Like we discussed the internal network is the private network and restricted
from the outer world. External network is also called public network. A business
entity or the corporate provide the information and business solution on the
www form or web page to the public on external network of the company, so
all the individuals can go the external network and fetch the information from
anywhere according to their requirement. External network is provided by the
service provider or also called backbone carrier. For example, AT& T “the
mother bell” is also known as the backbone carrier or service provider world
wide. It means when two remote business entity like to share the private
information they can use any service provider network i.e. “External network”
to complete their communication path.
Often you need to communicate with someone outside your internal network; in this
8 case you will need to be a part of a Wide Area Network (WAN). The Internet is the
ultimate WAN - it is a vast network of networks.
Evolution and
ICT in a Broader Context Growth of ICT
ICT will almost certainly cover the above examples of ICT in action, perhaps focusing
on the use of the key applications such as spreadsheets, databases, presentations,
graphics and web design software.
It will also consider the following important topics that deal with the way ICT is used
and managed in an organization:
− The nature of information (the “I” in ICT): this covers topics such as the meaning
and value of information, how information is controlled, the limitations of ICT,
legal considerations;
− Management of information: this covers how data is captured, verified and
stored for effective use the manipulation, processing and distribution of
information, keeping information secure, designing networks to share
information; and
− Information systems strategy: this considers how ICT can be used within a
business or organization as part of achieving goals and objectives.
Thus, ICT is a broad and fast-changing subject.
A new generation of computer network software aims at building virtual communities:
permanent (or at least recurring) online meeting places where people can work and
play, buy and sell, gossip and govern, flirt and fight and generally seek their fortunes.
The first such places are being built more or less ad hoc. Their builders are mostly
innocent of the history of human efforts to shape the spaces where people live so
that these might better serve people’s needs and express their dreams. Construction
tools appropriate to the physical (i.e. electronic) constraints of shared online
environments are rapidly becoming available. But there is no generally accepted
conceptual framework for their design, nobody of validated experience to guide
their construction. There is not yet any architecture for cyberspace.
In a world so new that its most fundamental properties are still being created (gravity,
for example), cyberspace designers confront - consciously or unconsciously − many
of the classic architectural challenges which may be classified as:
i) Selecting from alternative construction approaches and materials: The “native”
medium of cyberspace, a finely woven mesh of polygons with subtly refractive
polychrome surfaces, demands more machine resources than most visitors can
currently afford to. A richly realised environment is thus, in cyberspace as
elsewhere, inevitably an elitist one. Buildings based on simple cubes covered
with low-resolution bitmaps are accessible to all, but are also banal and
dispiriting. How can we build virtual villages that are at once idiomatic,
pleasant to be in and socially inclusive?
ii) Using pre-fabricated elements to reduce costs and speed up construction.
Cyberspace is made of software; and software engineers have been wrestling
for decades with a problem that is also central to modern architecture − how
systems can be modularly designed to make them more economic and more
reliable. Here, however, the issues are more complex, since cyberspace
communities are built on a constantly shifting infrastructure. In fact, the
relationship between structure and infrastructure is all but reversed; how can 9
Introduction to ICT and we design places for human community that can survive a continual re-design
Cyberspace
of the foundations on which they are built?
iii) Supporting sensible patterns of traffic flow: In most virtual settings, people can
fly. In some, they can also “beam” instantly from one point to the next, ignoring
all barriers. People may be present without taking up any visible space, or
alternatively their virtual representative (“avatar”) may be so huge or so resource-
intensive that it fills a space intended to hold a hundred visitors. What is “traffic”
when the users of a space are themselves constructs produced by other
(perhaps even antagonistic) designers?
iv) Designing to human scale: In the virtual world, the role of “size” as a design
factor is disconcertingly variable. It depends on the visitor’s/user’s field of view
and functional reach, which in turn depends on the power of the user’s display
and controls. It is like the shift to electronic music, where timbre, volume and
tonal range, once given by the physical nature of instrument, become variables,
which the composer/performer must learn to control. Issues of appropriate
scale do not go away, but must be redefined in relative terms: what is the ratio
of sizes that must be maintained to support different experiences?
v) Designing new structures (or re-purposing the old ones) to enhance existing
settings: The Musee D’Orsay and the new subterranean entrance arcade created
for the Louvre will soon have their analogues in cyberspace; perhaps a
conference room smuggled into the design model of an automobile engine, or
an entire city whose “streets” are the circuit diagrams of a computer processor.
Current work to build a database of 3D mages (the “Digital Human”) to serve
as an explorable setting for medical education suggests part of the challenge;
how can virtual reality help making physical/natural structures more accessible?
The far broader issue is: how can we connect the various virtual environments
we build to one another? What design criteria can be established to aid the
process of linking new worlds to the old?
There would-be cyber-architect navigating this maze of conflicting constraints in
search of more than just the solution to a puzzle. In cyberspace as in the physical
world, the goal of architectural design is always a place which, while fulfilling its
various functions, also communicates something to (and about) the people.

Discuss the meaning of the term information and communication technology?
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
10
Evolution and
1.5 BENEFITS OF ICT Growth of ICT
Obviously, there are significant tangible and intangible benefits of ICT:

• Can be a powerful enabler of development goals because its unique
characteristics dramatically improve communication and the exchange of
information to strengthen and create new economic and social networks;
• Is pervasive and cross cutting as it can be applied to the full range of human
activity from personal use to business and government. It is multifunctional and
flexible, allowing for tailored solutions — based on personalisation and
localisation — to meet diverse needs; and
• Facilitates disintermediation, as it makes it possible for users to acquire
products and services directly from the original provider, reducing the need for
intermediaries. This not only become a considerable source of efficiency, but
has in fact been one of the factors leading to the creation of an alternative
development paradigm that skips the formation of Co-operatives and self-
help groups.
It is, thus, evident that ICT has the potential to bring in multiple benefits in the areas
of governance, integration of marginalized sections, development of rural areas
profitability, and productive improvement in major sectors of the economy. This
would provide the much-needed forward linkage by adding value to information for
using it as an enabler that has been discussed widely in literature. What needs to be
tested are the various hypotheses that evaluate the role of ICT and its contribution
and impact on the Indian economy.
1.6 E-READINESS ASSESSMENT OF STATES/UTs

It is defined as the degree to which a country/state is prepared to participate in the
networked world. It would demand the adoption of important applications of ICTs
in offering interconnection between government, business and citizens.
In this context, it has become important to regularly take stock of e-readiness at the
country level, states/UTs level and in major verticals to ascertain the status of
underlying infrastructure, human resources, policy regimes, investments climate etc
and arrive at what steps need to be taken to optimize investment and reach free
potential. In that sense, “India: E-readiness Assessment Reports 2003 & 2004”
which carry out the assessments at the disaggregated level of states/UTs throw up
some useful and valuable insights.
Encouraged by the overwhelming response and positive feedback received on the
E-readiness Assessments 2003 & 2004, Department of Information Technology
(DIT), Govt. of India (GOI) has initiated E-readiness Assessment 2005 for the
states and UTs. National Council of Applied Economic Research (NCAER), which
is a premier research agency has once again been entrusted the task of state
government and ranking based on the fair selection process.
States have used e-readiness assessment reports to carry out the road map of
improving their network readiness as well as increasing the penetration of ICT for
economic development; in fact the states are engaged in policy competition for
improving the e-readiness.
11
Introduction to ICT and E-readiness Assessment 2005
Cyberspace
In the current report, effort has been given to analyse the time series data to understand
how states have adopted strategies/action plan to improve the network-readiness.
The section on case studies in the current report would not only confine to appearing
projects but also would examine e-governance initiatives undertaken, general
governance changes, policy changes initiated as per the act of increased penetration
of ICT etc.
E-readiness Framework 2005
The network readiness index framework will be used for the e-readiness study
2005 and is based on the following broad parameters, which are further classified
into sub indication:
• Environment for ICT offered by agent country or community:
Market; Political/regulating; and Infrastructure;
• Readiness of the community’s key stakeholder to use ICT:
Individual readiness; Business readiness; and Government readiness;
• Usage of ICT among the stakeholders:
Individual usage; Business usage; and Government usage. The chosen

framework is based upon the following premium.
There are 3 stakeholders to consider in the development and use of ICT:

Individual, Business & Government.
The degree of usage of ICT by (and hence the impact of ICT on) the
three stakeholders is linked to their degrees of readiness (or capability) to
use and benefit from ICT.
There is a general macro economic and regulatory environment for ICT in

which the stakeholders play out their respective rules.
E-readiness Index 2005
A factor analytic technique will be used to construct the e-readiness index and based
on this, the states will be classified into following six categories:
• Leaders
• Aspiring Leaders
• Encepeatants
• Average Achievers
• Below Average Achievers
• Leant Achievers
12
Please answer the following Self Assessment Auestion. Evolution and
Growth of ICT

True or False:
i) E-readiness is the degree to which a country/state is prepared to participate
in the networked world. ( )
ii) States have used e-readiness assessment reports to carry out the road
map of improving their network readiness as well as increasing the
penetration of ICT for economic development. ( )
iii) A factor analytic technique will be used to deconstruct the e-readiness
index. ( )
1.7 THE GLOBAL SCENARIO

All the countries are making serious efforts to participate in the digital economy.
Asia has become an emblem of the borderless economy. India’s famed IT-enabled
service (ITES) sector, which now contributes an estimated US$17bn to the economy
annually, is a Shining example to the emerging markets. India’s success story has
been replicated throughout the region — there are booming call centres surrounding
Manila, customer help desk centres in Malaysia, and Korean and Japanese
language software production houses in China. It is ironic that India hardly appears
on the e-ready radar screen, though it is starting to push ahead. Many countries are
reaping benefits from being at least partially e-ready, even if they do not have all the
components that support digital services (Complete technology infrastructure,
favourable policy, business and social environments) in place. But it is also clear that
having one or more of the basics in place can go a long way, as a country leverages
what e-assets it has to generate competitive advantage. In the Indian context, it
would be helpful to look at the level of e- preparedness of the Indian states, as this
would be helpful in assessing the strengths and weaknesses in the e-readiness
environment and consequently appropriate remedies can be planned.
During 1991, the twin programs of macro economic stabilisation and structural
reforms were initiated. It has been argued that reforms carried out till date are not
enough for the Indian economy if the country wishes to ensure the quality and
sustainability of growth on a long-term basis. This, the policy planners argue, would
be accomplished through second-generation reforms. The second-generation reforms
simply aim at improving government efficiency through a reduction in the fiscal
deficit. They aim to bring about increased private sector participation in
developmental activities and sustaining high growth through appropriate institu-
tional mechanisms. It can be observed from factors that indicate the health of the
state (debt to GSDP, levels of fiscal deficit, primary deficit and revenue deficits to
GSDP) that the objective of the second-generation reforms is to improve the
governance and observe the requisite fiscal discipline. It is here that one can see a
major role for ICT and e-governance. In practice, state reform and government
modernisation nowadays can hardly proceed without calling upon ICTs. In fact,
from long-term perspective the second-generation reforms are needed to sustain
the ICT revolution. The second-generation reforms in general suggest that increased
13
Introduction to ICT and involvement of the private sector in development activities and promotion of private
Cyberspace
investment in the industry and infrastructure segments of the state is required. Hence,
reforms, particularly in the areas of right institutions, administrative, legal and
regulatory functions of the state coupled with the restructuring of the incentives
and actions that are required for greater participation of the private sector in
developmental activities has become imperative.
E-governance: ICT has made the development of a new service delivery model
possible, which can bring about a major shift in the way the government does business.
Anywhere anytime access brings in incredible opportunities, but there is a downslide
for state and local governments.
First, the public sector is held to a higher standard than the private sector
particularly in terms of risk. Second, with new technologies come whole new levels
of competition. Digital government is all about using technology to improve the
access to and delivery of public services. The goal is to create a network that builds
closer relationships with all stakeholders − citizens, businesses, governments and
the workforce − while maintaining security. With the expansion of e-governance,
there are increasing concerns about the security of transactions, which also need to
be addressed. Specific e-governance initiatives that provide particular solutions to
some governmental problems which are associated with ICT components, can
contribute to one or more of these valued functions:
● increasing the efficiency of government operations: economists and social
scientists call this “greater efficiency of the public administration by the
automation/digitization of administrative functions”—in other words,
simplifying processes and improving service delivery. Resources are used more
effectively, and better tools are made available to both staff and agencies, as
well as to the clients’ interaction with the service. Efficiency gains are the first
quoted arguments for ICT infusion. It is usually the first step, which started
decades ago when automation was brought in, but the process is a long,
continuous one.
1.8 ICT AND ECONOMIC GROWTH

According to NASSCOM data, the IT industry’s contribution to the Indian GDP
has also increased from approximately 1.4 per cent in 1998-99 to more than 3 per
cent in 2002-03 and is estimated to grow further to 3.8 per cent, highlighting its
increasing importance to the Indian economy. Contrast this share of ICT around 3.8
per cent of GDP with the combined share of all registered manufacturing in various
industry segments ranging from food processing, beverages, textiles, leather, basic
chemicals, petrochemicals, iron and steel, basic metals such as aluminum, copper,
rubber and petroleum, machinery, both electrical and mechanical which is just around
11 per cent of GDP. This combined share had marginally declined during the 1990’s
while the ICT sector in the national income is increasing at a brisk pace now .
Obviously the importance of this sector needs no further emphasis. Apart from the
indirect contribution that IT makes to the Indian Economy through e-governance
etc the direct contribution of IT exports is becoming increasingly important. The
sectors that exhibit strong backward-linkages with other sectors of the economy
are presumed to have a higher output multiplier. Sectors, which have an output
multiplier of two or more, can be treated as key sectors for economic growth. The
14 ICT sector which reveals an output multiplier that is higher than the average− contrary
Evolution and
to the popular perception that this sector may not have strong backward linkages− Growth of ICT
can be an eye-opener for the Indian policy planners. The ICT sector, in context of
the output multiplier, has a rank of 30 of a total 115 sectors and the Software Sector
corresponds to a rank of 80 out of 115 sectors. The increase in ICT output does
have a significant output multiplier effect and should thus be encouraged. The
employment multiplier for the ICT industry has been estimated at 0.183 man-years
per lakh of output in 2000-01 prices. In other words, an additional output of the
ICT sector to the tune of Rs 1 lakh would ensure 0.183 man-years of jobs created.
For the software sector alone, which is the sector of interest, the output multiplier is
1.78 and the employment multiplier is 0.2096. In other words, increased output of
one lakh in the software sector creates an additional employment of 0.2096 man-
years. The rank for both the ICT and the software sector in terms of the employment
multiplier is 110 out of total 115 sectors.
It is important to look at the economic implications of the above observations. For
instance, the CSO has estimated that the value of output at current prices for the
software sector during 1999-2000 is at Rs 21,263. The linkages among different
sections of an economy are of crucial significance in understanding the trajectory of
any industry. The significance and potential of any industry can be observed by
looking at three important indicators, i.e. the output multiplier, the employment
multiplier and the degree of forward linkage. As elaborated earlier, the output
multiplier can be defined as a total increase in output generation for one unit increase
of final demand in a particular sector. The employment multiplier is specified as
man-years of additional employment created for an increased unitary output of the
sector. Both these measures spell out the backward linkages with the other sectors
of the economy in terms of output and employment effect. Forward linkages refer to
the inter relationship between a particular sector and all other sectors which demand
the output of the former as inputs. To better understand the macroeconomics of the
ICT sector we analyse these parameters. In the input-output table, the’ Other
Services Sector’s’’ employment and output multiplier coefficients were taken as
output and employment multiplier of “ICT sector’’ in the first iteration. However, the
importance of ICT sector cannot be clubbed with Other Services category. Thus,
the NCAER research team looked at direct coefficients (employment/output and
input/output) for ‘‘Software Sector’’ from the CSO and for ‘‘Hardware Sector’’
from the ASI data. Since the direct coefficients from input-output table and CSO
table were available, we used two sets of direct coefficients; one from the 114th
sector of the input - output table which corresponds to the “Other Services Sector”
and the other for software and hardware clubbed together to obtain output and
employment multiplier coefficient that is reflective of the entire ICT sector. For the
ICT sector (software and hardware) output in 2000-01 is at Rs. 21,263 crores and
at Rs. 50,302 crores in 2002-03. Within this short gap of 3 years, the output of the
software sector has increased by 29,039 crores and in this period the economy has
been able to create 6.8 lakh man-years of employment, or in simpler terms, this
sector has been able to create jobs for 24,500 people who would be able to work
in this sector for the next 25 years. Its contribution to GDP in 1999-2000 was Rs
14,619 crores and Rs. 34,584 crores in 2002-03 current prices. The contribution
of the software sector alone out of the ICT sector, in GDP has increased from 0.83
per cent in 1999-2000 to 1.54 per cent in 2002-03 (all figures in current prices).
Direct employment in the software sector in 1999-2000 was 322983 according to
CSO (corresponding figures for the year 2002-03 are not available). The
15
Introduction to ICT and contribution of the hardware sector to GDP in 1999-2000 was Rs 796 crores and
Cyberspace
employed around 16,800 persons. The output of the hardware sector in 1999-
2000 was Rs. 4400 crores. Though the ICT industry in India is mainly export oriented,
domestic consumption does show a forward linkage that is not high as on date but is
expected to increase in the coming years as the economy and the using domestic
sectors mature making greater use of ICT in business, governance and
society.(Resource:CSO report 2005, NASSCOM MCKINSEY Report 2005)

What are the indicators to determine the importance and potential of any industry?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
Let us now summarize the points covered in this unit.
1.9 SUMMARY
• ICT stands for information, communication and technology.
• ICT is concerned with the storage, retrieval, manipulation, transmission or receipt
of digital data. Importantly it is also concerned with the way these different
uses can work with each other.
• ICT is very essential for businesses, individual and government.
• E-readiness is the degree to which a country/state is prepared to participate in
the networked world and demand the adoption of important applications of
ICTs in offering interconnection between the government, business and citizens.
• It is important to regularly take stock of e-readiness at the country level, states/
UTs level and in major verticals to ascertain the status of under lying
infrastructure, human resources, policy regimes, investments climate etc and
arrive at what steps need to be taken to optimize investment and reach free
potential.
• ICT has the potential to bring in multiple benefits in the areas of governance,
integration of marginalized section, development of rural areas profitability and
productive improvement in major sectors of the country’s economy.
• In practice, state reforms and government modernisation can hardly proceed
16 without calling upon ICT.
Evolution and
1.10 TERMINAL QUESTIONS Growth of ICT
1) What are the advantages of ICT? Explain.

2) How does ICT help to grow the economy? Analyse it from Indian point of
view.
3) Describe about the global status of ICT in brief.
4) Discuss E-readiness assessment of State/UTs?
1.11 ANSWERS AND HINTS

Self Assessment Questions
1) (i) Tech Savvy Society and (ii) the Internet, Mobile Phone
2) ICT stands for Information Communications Technology. ICT is concerned
with the storage, retrieval, manipulation, transmission or receipt of digital data.
3) (i) True, (ii) True (iii) False.
4) The significance and potential of any industry can be observed by looking at
three important indicators, i.e. the output multiplier, the employment multiplier
and the degree of forward linkage.
Terminal Questions
1) Refer to section 1.5 of the unit.
3) Refer to section 1.7of the unit.
1.12 REFERENCES AND SUGGESTED READINGS

1. Government of India. Ministry of communication and Information Technology.
InformationTechnology Annual Report. Department of Information Technology
15 Jan.2007< http://www.mit.govt.in.>.
2. Government of India. Ministry of Statistics & Program Implementation.

Millenium Development Goals India Country Report. CSO Reports and
Publications. 2005. 26 Dec.2006< http://www.mospi.nic.in/>.
3. NASSCOM Mckinsey Report. NASSCOM.2005.30 Dec.2006

<http://www.nasscom.in/nasscom/templates/normalpage.aspx?id.
17
Cyberspace
UNIT 2 COMPUTER HARDWARE,
SOFTWARE AND PACKAGES
Structure
2.1 Introduction
2.2 Objectives
2.3 Evolution and Development of Computing
2.4 Hardware Components of Computers
2.5 What is Software?
2.5.1 Difference between System Software and Application Software
2.6 System Software: Functional Categories

2.6.1 System Control Programs
2.6.2 System Support Programs
2.7 Software Crisis

2.8 Application Software or Packages
2.9 Summary
2.1 INTRODUCTION
Modern computers are equipped with powerful hardware facilities driven by extensive
software packages. Today computing speed is very high and it is capable of doing
huge amount of work within seconds with proper accuracy. Nowadays computing
and telecommunication both controls the whole universe with multiple manners. To
access the state of art of computing, it is always better to review the historical
milestones in the developments of computers. Nowadays the computer system plays
such a vital role that no corporate or individual can survive without it by any means.
Starting from the country’s national security to any common issue, the use of the
computer system is enormous.
In general, the computer accepts inputs, then processes it, and gives the output.
2.2 OBJECTIVES
After studying this unit, you will be able to:
• describe the evolution and development of computing;
• list hardware components of a computer;
• explain what is software and the different types of software; and
• discuss major problems faced by the management, namely software crisis.
18
Computer Hardware,
2.3 EVOLUTION AND DEVELOPMENT OF Software and Packages
COMPUTING
As far as hardware technology is concerned, the first generations (1945-1954)
used vacuum tubes and relay memories interconnected by insulated wires. The second
generation (1955-1964) was marked by the use of discrete transistors, diodes, and
magnetic ferrite cores, interconnected by printed circuits. The third generation (1965-
1974) was started with integrated circuits (ICs) for both logic and memory in small
scale or medium scale integration (SSI or SMI) and multilayered printed circuits.
The fourth generation (1974-1991) was started with large scale or very large scale
integration (LSI or VLSI) having core memory replaced with semiconductor memory.
High density and high-speed processors are used in the fifth generation (1991-
Present) and memory chips based on even more improved VLSI technology are
used. For example, 64-bit 3.0 GHz microprocessors are now available on a single
chip. Random Access Memory (RAM) of more than 1024 MB is commonly available
in the market now.
The First Generation: From architectural and software point of view, these were
built with a single central processing unit (CPU) which performed serial fixed-point
arithmetic using a program counter, branch instructions, and an accumulator. The
CPU must be involved in all memory access and input/output (I/O) operations.
Machine and assembly language were used in first generation computers.
The Electronic Numerical Integrator And Calculator (ENIAC), built at the school
of the University of Pennsylvania in 1950, was the first model of the first generation
Computers.
The Second Generation: In this era of computers, index registers, floating-point

arithmetic, multiplexed memory, and I/O processors were introduced. High-level
Languages (HLLs), such as Fortran, ALGOL, and Cobol were introduced along
with compilers, subroutines and batch processing monitors. Irving Reed (1957)
developed registers Transfer Language for systematic design of digital Computers.
Example for the above system is IBM 7030 (the stretch computer) featuring
instruction look ahead and error-correcting memories built in 1962.
The Third Generation: These were being started with microprogrammed control.
Pipelining and cache memory were introduced to close up the speed gap between
the CPU and main memory. The idea of multiprogramming was implemented to
interleave CPU and I/O activities across multiple user programs. Example of the
third generation system is IBM/360-370 series.
The Fourth Generation: Parallel computers in various architectures were started

in this era, using shared or distributed memory or optional vector hardware.
Multiprocessing OS, Special languages and compilers were developed for parallelism.
Software tools and environments were created for parallel processing or distributed
computing. During this period, the technology of parallel processing matured and
entered the production mainstream. Example of fourth generation system is VAX
9000.
The Fifth Generation: The development in the fifth generation is still in progress.
Here more importance is placed on massively parallel processing (MPP). Scalable 19
Introduction to ICT and and latency to lerant architecture is being adopted in MPP system using VLSI silicon,
Cyberspace
GaAs technologies, high-density packaging and optical technologies.
2.4 HARDWARE COMPONENTS OF COMPUTERS

The electronics or mechanical parts of the computer are generally called
hardware components. From a layman point of view, the common visibility
hardware of computers are Central Processing Unit (CPU), Display Unit
(Monitor), Input Unit (Keyboard), Pointing Device (mouse), Multimedia Unit (Sound,
video and Game) and Output Unit (Printer). Apart from these, there are so
many enhancing devices like pen drive (high capacity removable storage device,
scanner (for scanning Photo etc), combo drive (for DVD play) which are easily
available in market.
As our study is basically concerned with cyberspace (Internet related) only, so it is
better to understand more about network and the Internet application hardware.
These are the essential components, which are needed if somebody desires to work
on the Internet:
a) Autonomous computer,
b) Modem or Lan Card,
c) Connection from ISP,
d) Normal phone line (If dial up connection), and
e) Browsing software.
Nowadays broadband connection (speed is more than 256 KBPS) is available
almost everywhere throughout India. So customers are generally attracted towards
high speed Internet instead of dial-up access.
Though the Internet may run on Pentium-I machine having min 32 MB RAM, the
following system configuration is highly desirable:
A) Pentium 2.0 GHz (or more), cache 512, Intel Genuine Based Motherboard
Chip set and Min FSB 512,
B) At Least 128 MB RAM (or more) having 80 GB HDD (Hard disk Drive),
C) Ideally 17” Color Monitor,
D) Quality VGA card (min 32 MB) with better sound Quality, and
E) Branded Modem or Ethernet Card.
Modem is the most important hardware when the need of the Internet arises. Let us
analyse how modem works.
Modem stands for modulator/demodulator. It is the most popular type of Data
Circuit-terminating Equipment (DCE).
Additionally, some other enhancing device like the web cam and microphone may
also be used for better multimedia facilities.
20 Please answer the following Self Assessment Question.

Computer Hardware,
Self Assessment Question 1 Spend 2 Min. Software and Packages
Fill in the blanks:

i) The __________________ part of the computer is called hardware
components.
ii) ______________ is the most popular type of Data Circuit-Terminating
Equipment (DCE).
2.5 WHAT IS SOFTWARE?

Software is a program, which controls hardware and user interface. It combines the
user and hardware through common set of instructions of particular software. So,
for starting a computer, an Operating System (OS) is needed first. An OS makes a
computer prompt to understand what the human input coming in and what output
needed there. As computer understands only binary code (means only 0 and 1), OS
converts human code to binary code.
Software consists of computer programs, which are sequences of instructions for
the computer. The process of writing (coding) programs is called programming and
individuals who perform this task are called programmers. The computer is unable
to do anything until it is instructed by software. Although computer hardware is,
made for, general purpose, software enables the user to instruct a computer system
to perform specific functions that provides commercial value to individual as well as
corporate. There are two major types of software: system software and application
software. The relationship between hardware, system software and application
software is pictured here in figure.
The relationship between Hardware, System Software and Application Software.
2.5.1 Difference between System Software and Application

Software
System Software is a set of instructions that serves primarily as an intermediary
between computer hardware and application programs and also is directly
manipulated by skilled users. System software provides important self-regulatory
functions for computer systems, such as loading itself when the computer is first
turned on, managing hardware resources such as secondary storage for all applications
and providing commonly used sets of instructions for all applications to use. System
programming is either the creation or maintaince of system software.
Application software is a set of computer instructions that provide more specific
functionality to the user. That functionality may be broad, such as general Excel 21
Introduction to ICT and Sheet or narrow such as a Stock Programming. An application program applies to
Cyberspace
a computer to a certain need. Application programming is either the creation or
modification and improvement of application software. There are large numbers of
application software available in the market today.
Finally, the basic difference between both of them is the application programs primarily
manipulate data or test to produce or provide information where as system programs
manipulate computer hardware resources.

True or False:
i) Software consists of computer programs, which are sequences of
instructions for the computer. ( )
ii) The computer can do everything without any instructions by the
software. ( )
iii) Application programs manipulate data or test to produce or provide
information where as system programs manipulate computer hardware
resources. ( )
2.6 SYSTEM SOFTWARE: FUNCTIONAL

CATEGORIES
Basically two major functional categories come under the system software:
System Control Programs
System Support programs
2.6.1 System Control Programs
System control programs control the use of the hardware, software and data resources
of a computer system. The main system control program is the Operating System.
The operating system provides the overall operations of the computer including
monitoring the computer’s status and scheduling operations, which includes the input
and output process. In addition, the operating system allocates CPU time and main
memory to programs running on the computer and it also provides an interface
between the user and the hardware. Especially the operating system provides services
that include process management, virtual memory, file management, security, fault
tolerance and the user interface.
Process management involves managing the program or programs (jobs) running
on the processor at a given time. In a desktop operating system, it loads a
program into the main memory and executes it. The program utilizes the computer
resources until it relinquishes control. Some operating systems offer more sophisticated
forms of process management, such as multitasking, multithreading and
multiprocessing.
The management of two or more tasks or programs, running on the computer system
22 at the same time is called multitasking, or multiprogramming. The first program is
executed until any interruption occurs, such as request for input or with the priority Computer Hardware,
Software and Packages
defined by the batch process. While the input request is handled, the execution of
second program begins. Multithreading is a form of multitasking that focuses on
running multiple tasks within a single application at a time. When the parent process
generates multiple child process on the same parent process ID is called threading.
The idea of threading is to faster the application process with higher resource utilization.
For example, a word processor application may edit one document while another
document is being checked for spelling. Time-sharing is an extension of
multiprogramming. In this mode, a number of users operate online with the same
CPU, but each user uses a different input/output terminal. The programs of these
users are placed into partitions in primary storage. Execution of these programs
rotates among all users, occurring so rapidly that it appears to each user as though
he or she were the only one using the computer.
Multiprocessing occurs when a computer system with two or more processors can
run more than one program, or thread, at a given time by assigning them to different
processors. Multiprocessing uses simultaneous processing with multiple CPUs,
whereas multiprogramming involves concurrent processing with one CPU. The idea
of multiprocessing is, all the processors will continue different jobs of the application
program without interrupting or waiting for the other processor, to complete or
release the resources, multiprocessing is highly recommended where application
response time is critical like less than one millisecond.
Virtual memory simulates more main memory than what actually exists in the
computer system. It allows a program to behave as if it had access to the full storage
capacity of a computer, rather than just access to the amount of primary storage
installed on the computer. Virtual memory divides an application program or module
into fixed-length portions called pages. The system executes some pages of
instructions while pulling others from the secondary storage. In effect, primary storage
is extended into a secondary storage device, allowing users to write programs as if
the primary storage were larger than it actually is. This enlarged capability boosts
the speed of the computer and allows it to efficiently run programs with very large
number of instructions. Virtual memory is not good for high memory intensive
program. High memory intensive program requires higher memory space and memory
access time, since the virtual memory is defined or secondary storage, to access the
page of program or data again required some I/O operation or extra CPU and other
resource cycle.
The operating system is responsible for resource management of the system like, file
management, memory management or device management and security management
up to some extent. The file management is to create and manages a directory structure
that allows file to be created and retrieved by name, and it also responsible to
manage the indexes for it is internal usages. It may control access to those files
based on permissions and access controls. The operating system provides other
forms of security as well. For example, it must typically provide protected memory
and maintain access control on files in the file system. The operating system also
must keep track of the users and their authority level as well as audit charges to
security permissions.
Fault tolerance is the ability of a system to produce correct results and to continue to
operate even in the presence of fault or errors. Fault tolerance can involve error- 23
Introduction to ICT and correcting memory, redundant computer components and related software that
Cyberspace
protect the system from hardware, operating systems or user errors.
Although operating systems perform some of their functions automatically, for certain
tasks, the user interacts directly with the computer through the system software. The
ease or difficulty of such interaction is to a large extent determined by the interface
design. Older text-based interfaces like Disk Operating System ( DOS) needed
typing in cryptic commands. In an effort to make computers user-friendlier, the
Geographical User Interface (GUI) was developed.
The GUI allows users to have direct control of visible objects (such as icons) and
actions that replace complex command syntax. The GUI was developed by
researchers at Xerox Palo Alto Research Center (PARC) and then popularized by
the Apple Macintosh computer. Microsoft soon introduced its GUI-based Windows
operating system for IBM-style PCs. The next generation of GUI technology will
improve features such as wireless communication, artificial intelligence, etc. The
next step in the evolution of GUIs is social interfaces. A social interface is a user
interface that guides the user through computer applications by using carttonlike
characters, graphics, animations and voice commands. The carttonlike characters
can be cast as puppets, narrators, guides, inhabitant’s avatars (computer generated
human like figures), or hosts.
Types of Operating System: If hardware is the skeleton and software is the body
then operating system (O.S.) is the soul of the system. It manages all the hardware
and gives operating environments, from which the user can communicate with the
system, it allows system developers to create system applications or share the system
resources by requesting the allowed operating system services and allow the
application developers to develop the run user application from application
environment. Operating system can directly and indirectly interact with user programs.
Operating environments are not operating systems, but work only with an operating
system. For example, the early versions of Windows were operating environments
that provided a graphical user interface and worked only with MS-DOS.
Operating system can be categorised by the number of users they support as well as
by their level of sophistication. OS, for mobile devices, are designed to support a
single person using a mobile, handled device, or information appliance. Desktop
operating systems are designed to support a single user or a small workgroup of
users. Departmental server OSs generally support thousands of simultaneous users
and millions or billions of simultaneous transactions. Super computer operating system
supports the particular processing needs of a supercomputer.
Supercomputer and enterprise server operating system offer the greatest functionality,
followed by departmental server operating systems, desktop operating systems and
finally mobile device operating systems. An important exception is that the user
interface, which is most sophisticated on desktop operating system is least
sophisticated on supercomputer and enterprise server operating systems.
Mobile device operating systems are Embedded Linux, Windows CE 32 bit, Pocket
PC, Windows Embedded NT 4.0 32 bit, and Palm Operating System.
Desktop and notebook computer operating system: The Windows family is

24 the leading series of desktop operating system. The MS-DOS (Microsoft Disk
Operating System) was one of the original operating systems for the IBM PC and Computer Hardware,
its clones. This 16-bit operating system, with its text-based interface, has now been
almost totally replaced by GUI operating system such as Windows 2000 and XP.
Windows 1.0 through 3.1 were not operating system, but were operating
environments that provided the GUI that operated with and extended the capabilities
of MS-DOS.
Windows 95, released in 1995, was the first version of a series of products in the
Windows operating system that provided a streamlined GUI by using icons to provide
instant access to common tasks. It is a 32 bit processing that features multitasking,
multithreading, networking, etc. It also offers plug-and-play capabilities, which is a
feature that can automate the installation of the new hardware by enabling the
operating system to recognise the new hardware and install the needed software
(called device drivers) automatically.
Subsequent products in the Microsoft Windows Operating System are:
Windows 98,Wndows Millennium Edition, Windows NT, Windows 2000, Windows

XP, Windows 2003 and Windows 2005.
UNIX provides many desktop features including multiprocessing and multitasking.

It is more secured than desktop operating system so, big commercial organizations
use the UNIX servers. Linux is a powerful version of the UNIX that is totally free of
charge. Nowadays, various organizations use Linux as most windows version are
being pirated in the market.
2.6.2 System Support Programs

The second major category of systems software, system support program, supports
the operations, management, and users of a computer system by providing a variety
of support services. Examples of system support programs are system utility
programs, performance monitors, and security monitors.
System utilities are the programs that have been written to accomplish common
tasks such as sorting records and checking the integrity of diskettes and creating
directories and subdirectories. They also restore accidentally erased files, locate
files within the directory structure, manage memory usage, and redirect the output.
System performance monitors are programs that monitor the processing of jobs on
a computer system. They monitor computer system performance and produce reports
containing detailed statistics relating to the use of system resources such as processor
time, memory space, and application program. These reports are used to plan and
control the efficient use of the computer system resources and to help troubleshoot
the system in case of problems.
System security monitors are programs that monitor the use of a computer system
to protect it and its resources from unauthorized use, fraud or destruction. Such
programs provide the computer security needed to allow only authorized users access
to the system. Security monitor also controls the use of the hardware, software and
data resources of a computer system.

25
Cyberspace Self Assessment Question 3 Spend 3 Min.
What do you mean by software? How many types of software are there?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
2.7 SOFTWARE CRISIS

At present, software comprises a much larger percentage of the cost of modern
computer system then it was earlier. There are so many grounds for this trend. First,
the price of the hardware has dramatically reduced, while the performance of
hardware has exponentially increased. Second, building applications−a process called
software development−is slow, complex and error-prone. Software is, therefore,
expensive and getting more so as its complexity grows. Thirdly, salaries of software
developers are steadily increasing because there is an increased demand for their
skills.
The above factors have led to major problems for the management, called Software
Crisis. The software crisis arises when the organizations are not able to develop
new software applications fast enough to keep up with rapidly changing business
conditions and the rapidly evolving technologies. Computer hardware can be designed
and manufactured on automated assembly lines and so can be turned out quickly
but, software must be engineered by hand. Therefore, software generally lags several
generations behind hardware. The result is that the organizations are unable to make
full use of hardware due to a lack of software to effectively exploit the hardware.
The increasing complexities of software exacerbate the software crises. This
complexity naturally leads to the increased potential for error or bugs. Large
applications today may contain millions of lines of computer code, written by hundreds
of people over the course of several years. So the potential for errors is huge and
testing and debugging software is expensive and time-consuming.
2.8 APPLICATION SOFTWARE OR PACKAGES

Application software consists of an instruction that directs a computer system to
perform specific information processing activities and that provides functionality for
users. As there are so many different users for the computers, there are
correspondingly large numbers of different application softwares available. A
controversial set of software applications involves surveillance.
Application software includes a proprietary software and off-the-shelf application
software. Proprietary software addresses a specific business need for an organization.
This type of software may be developed in-house by the organization’s IT experts
or it may be commissioned from a software vendor. Such specific software programs
26 developed for a particular company by a vendor is called Contract Software.
Alternatively, off-the-shelf application software can be purchased, leased or rented Computer Hardware,
from a vendor that develops programs and sells them to many organizations. It may
be a standard package or it may be customizable.
Personal applications software is designed to help the individual users to increase

their productivity. Some of them are highlighted below:
Spreadsheet: This software transforms a computer screen into a ledger sheet, or

grid, of coded rows and columns. Users can enter numeric or textual data into each
grid (cell). In addition, formula can be entered into a cell to obtain a calculated
answer displayed in those cells location. It is very useful for financial transaction
such as income statements or cash flow analysis.
Data Management: It supports the storage, retrieval and manipulation of related

data. DBMS and RDBMS are most popular in this regard.
Word Processing: It allows the user to manipulate the text rather than just numbers.
Modern word processors contain many productive writing and editing features. MS
Word is popular in this regard.
Desktop Publishing: It allows microcomputers to perform photographs, pictures

and other images combined with text, to produce a readymade document.
Graphics: It allows the user to create, store and display or print charts, graphs and
maps and drawings. There are basically three categories of graphics software
packages: presentation graphics, analysis graphics and computer aided-design
software. Example of this software is PhotoShop and CorelDraw, etc.
Multimedia: It combines at least two media for input or output of data. These
media include audio, voice, animation, video, text, graphics, and images.
Communications: To exchange information between networked computers,

computers utilize communication software. E-mail and video conferencing rely on
communication software.
Speech-Recognition Software: Two categories of this are available today: discrete

speech and continuous speech. Many firms and people use speech-recognition
software when use of a mouse and a keyboard is impractical.
GroupWare: It is a class of software that facilities communication coordination and

collaboration among people. It is useful because it allows the workgroups to
communicate and share information even when they are working together at a distance.
The most elaborate system, IBM’s Lotus Notes/Domino, is a document management
system, a distributed client/server database, and a basic for Intranet and electronic
commerce system as well as a communication support tool.
So the importance of software in the computer system has brought new issues to the
forefront for the organizational managers. These issues include software evaluation
and selection, software testing, software upgradations, open systems, and open
source software.

27
Cyberspace Self Assessment Question 4 Spend 3 Min.
Write about the different types of application software
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
2.9 SUMMARY
• Computer accepts Inputs, then processes the inputs and finally produces the
output.
• The VLSI technology is the latest technology used in the modern computers.
• The electronic and mechanical parts of a computer are generally called Hardware
components of the system.
• A computer system consists of a CPU, monitor, keyboard, mouse and
multimedia the device.
• For simple Internet connection, an autonomous computer with modem or LAN
card, an Internet account or broadband connection and browsing software are
must.
• Broadband connection means an Internet connection with speed more than
256 KBPS without interruption.
• Modem stands for modulator /demodulator. It is the most popular type of Data
Circuit Termination Equipment.
• Software is a program, which controls the hardware and the user interface.
• System Software is a set of instructions that serves primarily as an intermediary
between computer hardware and application program.
• Application software is a set of instructions that provides more functionality to
the user.
• Software crisis are the unbalanced situation between changing hardware and
software version.
2.10 TERMINAL QUESTIONS

1) How computer was developed? Write about its generation-wise progress.
2) What do you mean by Software crisis? How can it be managed?
28
3. What are DBMS and RDBMS? Do you think there is any difference between Computer Hardware,
these two?
4. Define system software. Discuss its functional categories.

1) (i) electronics or mechanical (ii) Modem
2) (i) True, (ii) False (iii) True
3) Software is a program, which controls the hardware and user interface. There
are two types of software: System Software and Application Software.
4) Application software includes proprietary software and off-the-shelf application
software. Proprietary software addresses a specific business need for an
organization. This type of a software may be developed in-house by the
organization’s IT experts or it may be commissioned from a software vendor.
Such specific software programs developed for a particular company by a
vendor is called Contract Software. Alternatively, off-the-shelf application
software can be purchased, leased or rented from a vendor that develops
programs and sells them to many organizations. It may be a standard package
or it may be customizable.
Terminal Questions
1) Refer section 2.3 of the unit.

1. Kai Hwang. Advanced Computer Architecture. Singapore: McGraw-Hill
International Edition, 1993.
2. Turban, Rainer and Potter. Introduction to Information Technology. 2nd ed.

John Wiely & Sons, INC 2003, 2004.
29
Cyberspace UNIT 3 NETWORKING CONCEPTS
Structure
3.1 Introduction
3.2 Objectives
3.3 Types of Networks
3.4 Network Topology
3.5 Reference Models
3.6 Networking Protocols
3.6.1 TELNET
3.7 Authorities to Control the Networks

3.8 Summary
3.1 INTRODUCTION
Two computers are said to be interconnected if they are able to exchange information
by any means. Basically in this chapter, computer networks to mean an interconnected
connection of autonomous computers. If one computer can forcibly start, stop or
control another one, the computers are not autonomous, system with one control
unit and many slaves is not a network; nor is a large computer with remote printers
and terminals.
When the concept of network comes to mind before that we have to understand the
confusion between computer networks and Distributed system. In a network, each
system treated as a node or terminal and each terminal must have an unique
identification on the network. A node can share its own resources like file system or
its own resources like printer using network spooling. It is also possible to define
multiple subnet networks under main network under one or multiple domain. Parent
domain normally use to control the user access or authentication and sub domain
can have fine grain authentication. It is also possible to create a virtual network
under a network, where other people can access or utilize the resources of virtual
network under certain rule and access rights. In computer network each node or
participant agreed to communicate with certain rules and protocols layer like TCP/
IP , IPX or netBois.
Users must explicitly log onto one machine, can submit jobs remotely, or move
files around and generally handle all the network management personally. With a
distributed system, nothing has to be done explicitly; it is all automatically done by
the system without the user’s knowledge.
30
A network is a set of devices (often referred to as nodes) connected by the media Networking Concepts
links. Node can be a computer, printer, or any other device capable of sending and/
or receiving data generated by other nodes on the network. The links connecting the
devices are often called communication channels.
Data communication is the exchange of data (in the form of 0s and 1s) between two
devices via some form of transmission medium (such as a wire cable). The
effectiveness of a data communication system depends on three fundamental
characters:
• Delivery
• Accuracy
• Timeliness
3.2 OBJECTIVES
After studying this unit, you should be able to:
• describe different types of networks, viz. local, metropolitan and wide networks;
• explain the topologies on which networks work;
• list the difference between OSI and TCP Reference Model;
• describe protocols used for networks; and
• list organizations dedicated for establishing standards for controlling the
Internet.
3.3 TYPES OF NETWORKS

The computer networks can be classified into three broad categories:
Local Area Networks (LAN)
Metropolitan Area Networks (MAN)
Wide Area networks (WAN)
All the three above networks are briefly discussed below:
Local Area Networks (LAN)
Local Area Networks, generally called LANs, are high speed, fault-tolerant data
networks that cover a relatively small geographic area. They are widely used to
connect personal computers and work stations in company offices and factories to
share resources (e.g. files) and exchange information. LAN offers computer users
many advantages including shared access to devices and applications, file
exchanges, file exchange between connected users, and communication between
the users via electronic mail and other applications.
LANs are restricted in size, which means that the worst case transmission time is
bounded and known in advance. Knowing this time bound makes it possible to use
certain kinds of designs that would not otherwise be possible. It also simplifies the
network management.
31
Introduction to ICT and General Characteristics of LAN:
Cyberspace
• Cost of setting up network is usually low.
• Data transfer rates are in- between 10 to 100 Mbps.
• Each device connected in the network can either operate standalone or in the
Network.
• Area covered is small.
• All the connected devices in the network share the transmission media.
Metropolitan Area Networks (MAN)
The Metropolitan Area Networks or MAN is basically a bigger version of LANs
and normally uses the same technology. It might cover a group of near by corporate
offices or a city and might be either private or public. A MAN can support both data
and voice and might even be related to the local cable television network. A MAN
just has one or two cables and does not contain switching elements, which shunt
packets over one of the several potential output lines. Not having to switch simplifies
the design.
The main reason for even distinguishing MANs as a special category is that a
standard is now being implemented. It is called DQDB (Distributed Queue Dual
Bus) or for people who prefer numbers to letters, 802.6(the number of the IEEE
standard that defines it). DQDB consists of two unidirectional buses (cables) to
which all the computers are connected. A key aspect of MAN is that there is a
broadcast medium (for 802.6, two cables) to which all the computers are attached.
This greatly simplifies the design compared to other kinds of networks.
Wide Area Networks (WAN)
A wide Area Network or WAN covers large geographical area, often a country or
continent. Suppose a company having its head office at Delhi and branch office at
USA and Italy wants to be in a single network then WAN is the only solution here.
WAN contains a collections inter for running users (i.e. applications) programs.

What do you mean by Network? Discuss about types of Networks?
...................................................................................................................
...................................................................................................................
...................................................................................................................
...................................................................................................................
...................................................................................................................
...................................................................................................................
...................................................................................................................
32
Networking Concepts
3.4 NETWORK TOPOLOGY
The term topology refers to the way a network is laid out, either physically or logically.
The topology of a network is the geometric representation of the relationship of all
the links and linking devices (usually called nodes) to each other. Though there are
various topologies for broadcasting LANs, some of them are briefly highlighted
here:
• Bus
• Ring
• Star
• Tree
• Mesh
1) A Bus Topology is a linear LAN artitecture in which all the stations are
connected to a single communication line, transmission from the network
stations propagate the length of the medium and are received by all other stations.
The arbitration mechanism may be centralized or distributed. IEEE 802.3,
popularly called EATHERNET, for example, is a bus based broadcast
network with decentralized control, operating at 10 or 100 Mbps.
2) A Ring topology is a LAN Architecture that consists of a series of devices
connected to one another by unidirectional transmission links to form a single
form loop, i.e. local area networks that have each station attached to an adjacent
station using point-to-point link from a physical ring. Each station attached and
active to the ring regenerated the information frame, and then retransmits the
information frame on the ring. The ring itself is logically circular and the
information travels in one direction.
Failure of a station in ring topology disrupts the ring because the information
frame is not generated. Additions or deletions of stations to the ring can be
disruptive, if the change is not managed properly. Both token ring and FDDI
(Fiber Distributed data Interface) networks implement a ring topology.
3) A Star topology is a LAN architecture in which the ends points of one network
are connected to a common central hub, or switch, by dedicated links. Logical
bus and ring topologies are often implemented physically in star topology.
Communications on the connecting links between the stations and the central
station of a star topology cab are bi-directional and point-to-point. A station
on this type of network passes an information frame to the central controller,
which then forwards the information to the destination station. The central
controller manages and controls all communications between the stations on
the network.
Failure of station on a star network is easy to detect and can be removed from
the network. However failure of the central controller will disable the
communication throughout the whole network.
4) A Tree Topology is a LAN architecture that is identical to the bus topology,
except those branches with multiple nodes are possible in this case.
33
Introduction to ICT and 5) In a Mesh topology, every device has a dedicated point-to-point link to every
Cyberspace
other device. The term dedicated means that the link carries traffic only between
the two devices it connects. A fully connected mesh network therefore has n (n
– 1)/2 physical channels to link n devices. To accommodate that many links,
every device on the network must have (n – 1) input/output (I/O) ports.
Advantages of this network are:
a) The use of the dedicated links guarantees that each connection can carry its
own data load, thus eliminating the traffic problems that can occur when the
links must be shared by multiple devices;
b) Privacy or security is good enough here; and
c) A mesh topology is robust.
The main disadvantages are related to the amount of cabling and the number of I/O
ports needed.
Devices commonly used in LANs include repeaters, hubs, LAN extenders, bridges,
LAN switches and routers.

Define the term Topology?
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
3.5 REFERENCE MODELS

The two most important reference models are OSI (Open System Interconnection)
and TCP/IP model.
THE OSI Reference Model: This model is based on a proposal developed by
the International Standards Organizations (ISO). It deals with connecting open
systems that are open for communication with the other systems. The OSI model
has seven layers:
• The physical layer
• The data link layer
• The transport layer
• The network layer
34
• The session layer Networking Concepts
• The presentation layer

• The application layer
The physical layer is concerned with transmitting raw bits over a communication
channel. The design issues have to do with making sure that when one side sends a
1 bit, the other side as a 1 bit, not as a 0 bit receives it.
The main task of data link layer is to take a raw transmission facility and transform it
into a line that appears free of undetected transmission errors to the network layer.
It accomplishes this task by having the sender break the input data up into data
frames, transmit the frames sequentially and in the process the acknowledgement
frames are sent back by the receiver.
The network layer is concerned with controlling the operation of the subnet. A key
design issue is to determine how packets are routed from the source to destination.
Routes can be based on static tables that are “wired into” the network and rarely
changed.
The basic function of the transport layer is to accept the data from the session layer,
split it up into smaller units if need be, pass these to the network layer and ensure
that the pieces all arrive correctly at the other end.
The session layer allows users on different machines to establish sessions between
them. A session allows ordinary data transport, as does the transport layer, but it
also provides enhanced services useful in some applications. A related session service
is TOKEN Management.
The presentation layer performs certain functions that are requested sufficiently often
to warrant finding a general solution for them, rather than letting each user solve the
problems. The presentation layer manages abstract data structures and converts
from the representation used inside the computer to the network standard
representation and back.
The application layer contains a variety of protocols that are commonly needed. All
the virtual terminal software is in the application layer. Another application layer
function is file transfer.
The TCP/IP Reference Model: This model has been created from ARPANET.
TCP stands for Transmission controls protocol and the Internet protocol. There are
four layers:
• Host-to-network
• Internet
• Transport
• Application
TCP is a reliable connection-oriented protocol that allows a byte stream originating
on one machine to be delivered without error on any other machine in the Internet.
The second protocol in this layer is UDP (User Datagram Protocol) is an unreliable,
connectionless protocol.
The OSI and TCP/IP have much in common. Both are based on the concept of a
stack of independent protocols. Also the functionality of the layers is roughly similar. 35
Introduction to ICT and Despite these fundamental similarities, the two models also have many differences in
Cyberspace
the following ways:
• Provisions of service
• Interfaces
• Protocols
3.6 NETWORKING PROTOCOLS

In computer networks, communication occurs between entities in different systems.
For communication to occur, the entities must agree on a protocol which is a set of
rules that govern data communication. A protocol defines what is communicated,
how it is communicated, and when it is communicated. The key elements of a protocol
are syntax, semantics, and timing.
The TCP/IP protocol suite is most important for the Internet. This was developed
prior to OSI model, so this suite does not match exactly with those in the OSI
model. The TCP/IP protocol suite is made of five layers: physical, data link, network,
transport and application. The first four layers provide physical standards, network
interface, internetworking, and transport functions that correspond to the first four
layers of the OSI model. The three topmost layers in the OSI model, however, are
represented in TCP/IP by a single layer called the application layer.
At the Transport Layer, TCP/IP defines two protocols: Transmission Control Protocol
(TCP) and User Datagram Protocol (UDP). At the network layer, the main protocol
is IP (Internet Protocol).
In addition to the Internet Protocol (IP), which is used for data transfer, the Internet
has several control protocols used in the network layer, including Internet Control
Message Protocol (ICMP), Address Resolution Protocol (ARP), Reverse Address
Resolution Protocol (RARP) and BOOTP. Every host and router on the Internet
has an IP address, which encodes its network and host number. The combination is
unique: no two machines have the same IP address. All IP addresses are 32 bits
long.
Network addresses are usually written in dotted decimal notation. Network numbers
are assigned by the Network Information Center (NIC).
Internet Control Message Protocol (ICMP): When something unexpected
occurs, the event is reported by it. About a dozen types of ICMP messages are
defined. Each ICMP message type is encapsulated in an IP packet.
Address Resolution Protocol (ARP ): Although every machine on the Internet
has one (or more) IP addresses, these cannot actually be used for sending packets
because the data link layer hardware does not understand the Internet address.
ARP will resolve the address confusion.
Reverse Address Resolution Protocol (RARP): ARP solves the problem of
finding out, which Ethernet address corresponds to a given IP address. But sometimes
how can we find IP address when Ethernet addresses are given? This solution is
being solved by RARP protocol.
36
These above protocols are very much vital when the concept of network stands. Networking Concepts
But in case of the Internet, Domain Name System (DNS) is a very important aspect
by which Uniform Resource Locator (URL) address is being maintained globally.
DNS is a protocol that can be used in different platforms in the Internet. The domain
name space (tree) is divided into three different sections: generic domains, country
domains and inverse domains.
Generic Domains define registered hosts according to the generic behavior. These
are com, edu, gov, int, mil, net, and org.
The Country Domain system follows the same format as the generic domains but
uses two-character country abbreviations (e.g. in for India). But at present the country
domain can be like www.mtnl.in (for Example).
Inverse Domain is used to map an address to a name. This may happen, for example,
when a server has received a request from a client to do a task. Where the server
has a file that contains a list of authorized clients, the server lists only the IP address
of the client (extracted from the received IP packet).
3.6.1 TELNET
It is a general-purpose client-server application program. It is an abbreviation of
Terminal Network. It enables the establishment of a connection to a remote system
in such a way that the local terminal appears to be a terminal at the remote system.
Both local login and remote login are quite possible through TELNET. It solves the
remote login problem by defining a universal interface called the network virtual
terminal (NVT) character set. Through this interface, the client TELNET translates
characters (data and commands) that come from the local terminal into NVT form
and delivers them to the network. The server TELNET, on the other hand, translates
data and the commands from NVT form into the form acceptable by the remote
computer.
File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for
copying a file from one host to another. Transferring files from one computer to
another is one of the most common tasks expected from networking or
internetworking environment. These problems can be solved by FTP: two systems
may use different file name conventions. Again two systems may have different ways
to represent text and data. Two systems may have different directory structure. All
the above problems are solved by FTP in a very simple and elegant approach.
The actual mail transfer is done through mail transfer agents( MTAs). To send a
mail, a system must have a client MTA, and to receive a mail, a system must have a
server MTA. Although Simple Mail Transfer Protocol (SMTP) does not define a
specific MTA, send mail is commonly used by the UNIX system MTA.
The post office protocol (POP) is used for retrieving a message. POP3 version is
very popular to download messages from server.
The Simple Network Management Protocol (SNMP) is a framework for managing
devices in an Internet using TCP/IP protocol suite. It provides a set of fundamentals
operations for monitoring and maintaining the Internet.
The Hypertext Transfer protocol (HTTP) is a protocol used mainly to access data
on the World Wide Web. The protocol transfers data in the form of plain text,
37
Introduction to ICT and hypertext, audio, video, and so on. It functions like a combination of FTP and SMTP.
Cyberspace
It is similar to FTP because it transfers files and uses the services of TCP.
The World Wide Web (WWW) is a repository of information spread all over the
world and linked together. It has a unique combination of flexibility, portability, and
user-friendly features that distinguish it from other services provided by the Internet.
It is a subset of the Internet. It must be clear that the term Internet and World Wide
Web are not similar.

Define Protocol and list key elements of Protocol?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
3.7 AUTHORITIES TO CONTROL INTERNET

Day by day hundreds of stations are being connected to the Internet. So it is very
difficult to control the naming system worldwide. To solve this problem, Domain
Name System (DNS) was invented previously. The essence of DNS is the invention
of a hierarchical, domain-based naming scheme and a distributed database system
for implementing this name scheme. It is primarily used for mapping host names and
email destinations to IP addresses but can be also used for other purposes. DNS is
defined in RFCs 1034 and 1035.
Scenario is quite different as Internet Corporations for Assigned Names and
Numbers (ICANN), controls how to assign the IP addresses. Though India is a
member country of ICANN, it is not satisfied with the functionality of this organization
as it supports the USA directly.
Standards are developed by cooperation among standard creation committees,
forums, and government regulatory authorities. While many organizations are
dedicated to the establishment of standards, some of the reputed ones are described
below:
International Standard Organizations (ISO): It is a multinational body whose
membership is drawn mainly from the standards creation committees of various
Governments through the world. Created in 1947, the ISO is an entirely voluntary
organization dedicated to worldwide agreement on the international standards.
Institute of Electrical and Electronics Engineers(IEEE): It is the largest
professional engineering society in the world. It aims to advance theory, creativity,
and product quality in the fields of electrical engineering, electronics and radio as
well as all the related branches of engineering. The IEEE oversees the development
and adoption of international standards for computing and communication. The IEEE
has a special committee for local area networks (LANs), out of which has come
38 project 802 (the 802.3, 802.4 and 802.5 standards.)
International Telecommunication Union-Telecommunication Std. Sector (ITU- Networking Concepts
T):
On March 1993, it was formed. It is divided into two study groups, each devoted to
a different aspect of the industry. A national committee such as CEPT in Europe and
ANSI in the USA submits proposals to these study groups. If the study group
agrees, the proposal is ratified and becomes part of the ITU-T standard, issued
every four years. The best known ITU-T standards are the V series (V.32, V.33,
and V.42) which define transmissions over public phone lines: the X series (X.25,
X.400, and X.500), which defines transmission over public digital networks.
Information Highway is one of the successful projects of it.
Internet Corporation for Assigned Names and Numbers (ICANN) : It is a
co-ordinate private sector non-profit organization, which was set up by the United
States in1998 to take over the activities performed for thirty years, amazingly by a
single pony tailed professor in California. India is a member country of ICANN. But
its private-sector approach favours the United States, so the other member countries
have no real power in case of any decision. All domain names are maintained by this
organization.
With the rapid growth of high-speed technology, the basic concept of networking is
going to face a tremendous change. Nowadays, network and telecommunication
have already been merged into a single entity. Therefore, network security is becoming
more and more crucial as the volume of data being exchanged on the Internet increases
largely. Though at present lot of attentions are been given to network security, still a
review is needed for further strengthening the universal cryptological background.

What is Domain Name System? Write about the role of ICANN.
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
3.8 SUMMARY
• A network is a set of device (often referred to as nodes) connected by media
links.
• Three types of networks are LAN, MAN and WAN.
• The Internet is the bigger version of WAN.
• Network topology is the way in which network is laid out either physically or
logically. 39
Introduction to ICT and • Some important topologies are bus, star, ring, tree and mesh.
Cyberspace
• TCP/IP and OSI are two basic reference models.
• OSI has seven layers where as TCP/IP has four layers.
• TCP/IP is the main protocol suite on which the Internet is based.
• TELNET is a general purpose client-server application program.
• Through TELNET both local login and remote login are possible.
• To control the naming system worldwide, previously domain name system
(DNS) was invented. It is primarily used for mapping host names and e-mail
destinations to IP addresses.
• ICANN is a non-profit private organization that controls the domain name
system in the Internet.
3.9 TERMINALQUESTIONS
1) What is the basic difference between OSI and TCP/IP models?
2) Write about TELNET and FTP.
3) What are the advantages of LAN?
4) Discuss various Network Topologies.

1) A network is set of devices (often referred to as nodes) connected by media
links. Node can be a computer, printer, or any other device capable of sending
and/or receiving data generated by other nodes on the network. The links
connecting the devices are often called communication channels. The computer
networks can be classified into three broad categories: Local Area Network
(LAN), Metropolitan Area Networks (MAN) and Wide Area networks (WAN).
2) The term topology refers to the way a network is laid out, either physically or
logically. The topology of a network is the geometric representation of the
relationship of all the links and linking devices (usually called nodes) to each
other.
3) A protocol defines what is communicated, how it is communicated, and when
it is communicated. The key elements of a protocol are syntax, semantics, and
timing.
4) The Domain Name System (DNS) helps the users find their way around the
Internet. Every computer on the Internet has a unique address called its “IP
address” (Internet Protocol address). Because IP addresses (which are strings
of numbers) are hard to remember, the DNS allows a familiar string of letters
(the “domain name”) to be used instead. So rather than typing “192.0.34.163”,
you can type “www.icann.org”. ICANN is responsible for coordinating the
management of the technical elements of the DNS to ensure universal
40
resolvability so that all the users of the Internet can find all valid addresses. It Networking Concepts
does this by overseeing the distribution of unique technical identifiers used in
the Internet’s operations, and the delegation of Top-Level Domain names (such
as .com, .info, etc.).
Terminal Questions

1. Andrew S. Tanenbaum. Computer Networks. 5th ed. New Delhi: Prentice
Hall of India, Pvt. Ltd., 2003.
2. Behrouz A. Forouzan, Data communication & Networking. 3rd ed. TATA

McGRAW-HILL, 2003.
3. ICANN-Internet Corporation for Assigned Names and Numbers. 3 Feb.2007

<http://www.icann.org>.

41
Cyberspace UNIT 4 INTRODUCTION TO
CYBERSPACE AND ITS
ARCHITECTURE
Structure
4.1 Introduction
4.2 Objectives
4.3 The Difference Between Real Space and Cyberspace
4.4 Overview: What is Digital Identity
4.4.1 Working Definition of Identity
4.4.2 Identity as a Commodity
4.5 Verifying versus Revealing an Identity

4.6 Cyber and Computer Crimes
4.7 Architecture of Cyberspace
4.7.1 Link and No-Link: An Architectural Choice
4.8 Preventing Crimes

4.9 Implications of Choosing the Link System
4.10 Road to Implementation
4.11 Summary
4.1 INTRODUCTION
Cyberspace is such a term, which is not yet completely defined and also has no
geographical limitation. It is a term associated with application of the Internet world-
wide. It is also called as a virtual space as physical existence of cyberspace is not
detectable at all. Cyberspace is “the total interconnectedness of human beings
through computers and telecommunication without regard to physical geography.
Cyberspace is a term coined by science fiction author William Gibson to describe
the whole range of information resources available through computer networks. For
our purposes, cyberspace is a realm in which communication and interaction between
two individuals or between an individual and a computer is facilitated by digital data
exchanged over computer networks. This interaction or communication can be used
for a host of different purposes.
The Internet is currently the biggest network for linking computers, but cyberspace,
as a concept, is independent of the Internet. Cyberspace communication began
before the Internet and the World Wide Web, and cyberspace interaction and
42
communication will continue to take place after the Internet is no longer the network Introduction to
Cyberspace and Its
of choice. Architecture
Currently there is no generic system for identification in cyberspace. It is not possible
to absolutely identify an entity or to accurately tell whether an object has a specific
characteristic. Digital environments have inherent differences from real space which
causes this discrepancy, and when implementing an identity system for cyberspace
one needs to consider more than just the architectural nature of the system any system
chosen will have the social repercussions which need to be also taken into account.
Identity is a unique piece of information associated with an entity. Identity itself is
simply a collection of characteristics which are either inherent or are assigned by
another. The colour of a person’s hair is good or bad and whether he is attractive or
not is part of a person’s identity which is usually reviewed by another person.
Interactions done in real space inherently carry the identity of the person originating
the transaction. Generally, physical traits are carried along in a transaction - for example
when one purchases a book from a book store, the book dealer may remember the
buyer’s face or build.
4.2 OBJECTIVES
• describe what is Cyberspace;
• explain the difference between Real Space and Cyberspace;
• explain the concept of Digital Identity;
• describe Computer and Cyber Crimes;
• describe the architecture of Cyberspace;
• state implications of choosing the link system; and
• list the barriers before cyberspace identity mechanism.
4.3 THE DIFFERENCE BETWEEN REAL SPACE

AND CYBERSPACE
The difference between real space and cyberspace is that the essence of any digital
transaction is unbundling. Ones and zeros do not inherently carry any separate
information along with them; a real space transaction carries along inseparable
secondary information. Digital transmissions can only transmit; there is no secondary
information encoded in the transmission unless explicitly put there. Thus, for
authentication purposes, additional information needs to be carried with cyberspace
transactions for identity purposes.
Providing extra information in digital communication introduces the possibility for identity
theft. Because nothing prevents the transmission of false identity information, or the
duplication of another’s identity information. To prevent these problems, the actual
identity must not be transmitted along with the message; instead a verification scheme
needs to be used to convince the recipient that the message was actually sent by the
sender. This eliminates the need to send one’s actual identity. The concept of verifying
instead of revealing provides an extra layer of security to the sender.
The other point of insecurity is in the digital certificates which were issued to verify
43
these characteristics. These certificates are meant to be used only by their owner, but
Cyberspace
if another party obtains them, then that party can falsify his identity, representing him
as the individual for whom he has digital certificates.
Architecturally, we must decide how to store and use these certificates. The certificates
can be stored on a smart card for use on a computer terminal, or the certificates can
be stored in an “identity server” locked via password or biometrics information and
available for transmission over the Internet.
In real space, it is difficult to select, to verify or reveal portions of one’s identity: most
forms of identification contain more information than is needed for any transaction.
The unbundling that is possible in cyberspace allows portions of identity to be
disassociated and verified by a third party. This not only creates the ability to verify via
the least revealing means, but it also creates the framework for anonymous transactions
− it is possible to merely verify the proper information without ever distributing the
same characteristic. Further, cyberspace users have control over the strength of the
link between their real world and the cyber-identities.
4.4 OVERVIEW: WHAT IS DIGITAL IDENTITY?

A digital identity system must serve several functions. First: authentication-ensuring
that when a message purports to be from Alice, Alice sent it, not someone pretending
to be Alice. Second: message integrity-providing certainty that when a message arrives
from Alice, it is the same message that Alice sent, not modified en route in any way.
Third: non-repudiation-ensuring the inability of Alice later to deny that she sent the
message, and the inability of the recipient of Alice’s message to deny that the message
was received. Fourth: establishing a digital identity architecture may have the beneficial
side effect of facilitating confidentiality through encryption−the knowledge that no
one besides Alice can read a message intended for her.
Before proceeding with cyber artitecture, however, it is important to examine the

concept of identity itself. This section develops a working definition of identity, considers
the ways in which people use their identities, and articulates the reasons why it is
important to protect our identities, especially in the digital context.
4.4.1 Working Definition of Identity

It is difficult to craft a formal definition of identity. Basically, the essential and unique
characteristics of an entity are what identity it. For example, how the system will
identifies this person is called Joe Jindo where there are many Joe Jindo around the
world. These characteristics might include, among other things, the unchanging physical
traits of the person, his preferences, or other people’s perceptions of the individual’s
personality. The skills that a person possesses can also become part of one’s identity.
For example, a person’s identity could include the fact that he “has the ability to drive”
or that he “has brown hair”. Some characteristics, such as height, have one correct
setting. Those traits of an individual that reflect someone else’s perceptions do not
have to have an absolute setting. Bob may set Alice’s “is friendly” flag to true, whereas
Charles may set the same flag to false. Even if Bob and Charles agree on what should
be the flag’s setting for Alice, Alice’s own view may differ from theirs. Thus, in
practice, there is a degree of fuzziness to the definition of an entity’s identity, and most
certainly to how others perceive it.
No two identities are the same. Each identity maps to a unique set of characteristics.
Two people may share some of the same characteristics, such as being old enough to
44
drive or having the same hair colour, but that does not mean that they have the same Introduction to
identity. If Jow Jindo 2 can identified himself as Joe Jindo 1 then Joe Jindo 2 can Cyberspace and Its
Architecture
access and manipulate all the private information of Joe Jindo 1 which is called
identity theft.
4.4.2 Identity as a Commodity

In today’s economy, information on identity often is viewed as a valuable commodity.
This view of identity is worth a closer examination.
Businesses desire to advertise their products to the markets most interested in them,
and may even retool their products to be more appealing to certain segments of a
market. Knowing the preferences of individuals allows a corporation to target perfectly
their products to those who would prefer and, thus, be most likely to purchase them.
Making a detailed survey of an individual’s preferences, though, is very difficult, if not
impossible. Often an individual cannot specify the exact motivation for her purchase
of a particular product. From the seller’s perspective, determining which questions to
ask purchasers can be a daunting task. Further, certain questions, despite their potential
usefulness, are not likely to be answered by a purchaser. To work around this problem,
businesses use identity information as a proxy for preferences. For example, rather
than trying to discover the exact reason why an individual purchased a Ford Mustang,
a car dealer might instead try to find out the purchaser’s profession or income level.
Suppose the car dealer discovers that a number of his customers who have purchased
Ford Mustangs are lawyers. Although the car dealer may not understand why they
purchased Ford Mustangs, he can assume with some level of confidence that there is
something about lawyers that leads them to purchase Mustangs instead of Cougars.

Why identity is viewed as a valuable commodity?
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
4.5 VERIFYING VERSUS REVEALING AN

IDENTITY
Cyberspace creates opportunities for identity theft. One inherent property of digital
media is that, it can be duplicated perfectly and easily. Exact copies of everything sent
over a digital communications channel can be recorded. Consider the act of
45
Introduction to ICT and sending a signed letter to someone. In the real space, I reveal to the recipient the
Cyberspace
exact form of my signature, but the difficulty of mastering the art of forgery protects
me from the possibility that the recipient would begin signing letters with my
signature. However, if I send a digital letter that contains the digital representation of
my signature, the recipient could easily duplicate and use my signature to assume my
identity when signing documents. The seriousness of this problem is highlighted when
you consider that future technologies will allow extremely important identifiers, such
as a retinal scan or a fingerprint, to be represented digitally. These biometrics
characteristics are protected in real space because they are embedded in the physical
body of the person. This is lost in cyberspace. Thus, cyberspace needs a system
that allows individuals to verify their identities to others without revealing to them the
digital representation of their identities. A verification system would let Bob, for
example, know the identity of Alice or that she possesses a particular trait, but
would not give him the ability to impersonate Alice or use the trait identifier as if it
was his own. In our digital letter example, Bob would be able to verify that the letter
contains Alice’s signature but would not let him sign the documents as Alice. Similarly,
a verification that someone is of the proper age to purchase alcohol would not give
the person a change to verify this identifier anything that would allow him to represent
himself as being of the proper age to purchase alcohol. Such a system helps both the
parties obtain what they want out of exchanging identity information without the risk
of identity theft.
4.6 CYBER AND COMPUTER CRIMES

Computer crimes can involve criminal activities that are traditional in nature, such as
theft, fraud, forgery and mischief, all of which are subject everywhere to criminal
sanctions. The term computer misuse and abuse are also used frequently but they
have significantly different implications. Annoying behaviour must be distinguished
from criminal behaviour in Law. As per IT Act, 2000, no description has been
categorically made for computer crime and cyber crime. So till today, it is very
difficult to differentiate between these two words. In relation to the issue of intent,
the principle of claim of right also informs the determinations of criminal behaviour.
For example, an employee who has received a password from an employer, without
direction as to whether a particular database can be accessed, is unlikely to be
considered guilty of a crime if he or she accesses those databases. So a distinction
must be made between what is unethical and what is illegal, the legal response to
the problems must be proportional to the activity that is alleged. Common types of
computer crimes are:
• Forgery;
• Fraud by system manipulation intentionally;
• Any modification to data or programs or databases; and
• Accessing computers without authorization;
But cyber crimes are somehow different from computer crimes. Computer crime
happens in physical space with or without the network. Cyber crime takes place in
a virtual space through digital environment. Recent example of cyber crime was
Bazzee.com case, which is a MMS scandal. Cyber crimes may happen globally as
46 there is no geographical limit for cyberspace.
Please answer the following Self Assessment Question. Introduction to
Cyberspace and Its
Architecture
Give two examples of Computer Crimes.
............................................................................................................................
............................................................................................................................
............................................................................................................................
............................................................................................................................
............................................................................................................................
............................................................................................................................
............................................................................................................................
4.7 ARCHITECTURE OF CYBERSPACE

Practically cyberspace architecture for global standard is not yet possible, though
certain groups of networks are maintaining some rules and regulations to make a
minimum architecture through TCP/IP and a virtual global server system. Here some
theoretical architectural choice has been described.
4.7.1 Link and No-Link: An Architectural Choice

As identified earlier, any digital identification system must determine where to lie upon
the continuum of anonymity and accountability; that is, a system must adopt an
appropriate degree of Type II unbundling. However, within the context of law
enforcement it becomes clear that not all points along this continuum are equal. One
point is very different from all the others: the point at the far end of the spectrum
where there is absolutely no traceability. For the sake of clarity in our further discussion,
this point will be called “no-link”. At the no-link point, there exists within the digital
identification the architecture which has no mechanism for determining the link between
data in cyberspace and the real world recipient or sender. The no-link point implies
only that there is no mandatory link between cyberspace and the real world; this does
not preclude an additional, non-mandatory method of determining an identity that
could be layered on the top of the no-link architecture. All other points along the
spectrum will be designated as “link” points. This indicates that there is some mandatory
architectural mechanism for determining the real world identity of the sender and
receiver of data in cyberspace.
Both link and no-link architecture have benefits and drawbacks associated with them.
With a link architecture, access to the link information can be limited, presumably, only
to an appropriately regulated law enforcement agency with specific regulatory
processes in place for obtaining the information. However, the immediate point is that
not everyone will have the access to the information contained in the architectural
link; to those without access, link architecture is identical to no-link architecture. The
benefit of identification is still present, but the ability to gain knowledge of the person’s
real world identity from the architecture of the system is limited to those specific
bodies with access. Thus, once again, the interesting area of discussion is that pertaining
to law enforcement: when can a link system effectively be used as a no-link system,
and are there benefits able to determine a link which outweigh any corresponding
drawbacks?
47
Cyberspace
At all the points along the continuum, except for the extreme of one-to-one identity,
there is a need to distinguish between “transient anonymity” and “persistent anonymity”.
With transient anonymity, no persistent link remains to the sender of the information;
this is analogous to anonymous leafleting. Persistent anonymity is perhaps more useful:
it allows continuity of cyber identity, generally without disclosing the real world identity,
i.e both the sender and receiver mutually agreed and define their private communication
channel in the network which is not accessible to any other at any circumstances
unless the private information of any party is not tempered or compromised. It only
permits disclosure of the real world identity within a link system. In a no-link system,
continuity is preserved, but without facilitating the link. Both the types of anonymity
are useful in some circumstances, but persistent anonymity is likely to be more generally
useful.
No Link
The benefits of a no-link system are, as mentioned above, those pertaining mostly to
issues of freedom of speech and freedom of action. In the commercial domain, the
wheels of capitalism are greased by the no-link architecture. People who have no fear
of ever being personally associated with what they buy are far less likely to be
concerned about the social norms which might have previously restricted them from
purchasing a product. Unbundling facilitates the necessary degree of identification
that commerce will require without necessitating the revelation of the entire real world
identity. Free speech is likewise assisted by the absence of traceability: where potential
oppressors are unable to determine the sender’s real world identity, there is no danger
of oppression.
Link Architecture
No-link architecture provides protection from McCarthyism. But in so doing, it removes
all accountability from speech. It is an architecture that completely eliminates the
power of social norms, market regulation, and legal regulation to govern interaction on
the Internet. Society should not overlook the more general consequences that may
result from the ability to avoid accountability in all speech, especially the speech which
would not be considered criminal: people may routinely and without concern spout
inaccurate and misleading information, and the responsibility may disappear even further
from the moral landscape. However, the aspects which can be most clearly identified
and discussed are those which result in criminal behaviour.
Please answer the following Self Assessment Auestion.

Discuss about the various types of Cyberspace Architecture.
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
48
Introduction to
4.8 PREVENTING CRIMES Cyberspace and Its
Architecture
The issue then becomes one of the preventing crimes, while simultaneously attempting
to mitigate this potential “chilling effect” on free speech. At the heart of this discussion,
lies the distinction between transactional information and content information.
Transactional information is the information regarding the sender, recipient, and other
information associated with the transmission of the information, but not regarding the
content of the information. Thus, so far the argument has centered on transactional
information; however, the value of content to law enforcement must be considered: if
it is absolutely necessary to have content as well as transactional information, then it
will do no good to consider offering the latter without the former. If, on the other hand,
transactional information without content is a tool that can be utilized, it may result
an effective compromise between the needs of law enforcement and the desires of
the society.
Encryption represents the single largest barrier to law enforcement obtaining content
from a computer. This is an issue that is relatively unique to cyberspace, as handwritten
and telephone encryption is relatively rare. One choice can be made with respect to
encryption: allow it, without regulation, or disallow it. Disallowing encryption altogether
is pragmatically different from allowing only key escrowed encryption, but for the
purposes of this discussion, they are effectively the same. The overwhelming response
of the government has been that, encryption controls are in fact necessary, and several
initiatives have been proposed to this effect; however, both the public and legal reaction
to these initiatives have been negative: many organizations are resisting the degree of
control which law enforcement would be given, and the Communications Decency
Act was recently ruled as too general to be constitutional. In this situation, law
enforcement’s claims of what it needs to be effective are strongly disputed by the
public: the equilibrium between the two is harder to strike in cyberspace.
4.9 IMPLICATIONS OF CHOOSING THE LINK

SYSTEM
The negative implications of choosing the link system are clear: it may place an
unreasonable burden on free speech. Even if it is not unconstitutional in this manner, it
may simply deter people from speaking out in situations where their voices would be
most useful. In order to convince the society that its interests in avoiding unreasonable
persecution are maintained, the architectural decision to include the link must be
combined with legal regulations regarding who is given sanction to disclose the link,
and under what circumstances such disclosure is acceptable. While the negative impacts
of providing a link with all the transmitted data can never be fully accounted for, the
goal of a system which provides an architectural link must be to mitigate the impact of
the architecture as fully as possible.
No-link architecture has more tangible drawbacks. Crimes can be easily planned and
carried out on a system with no accountability, and there is no reason to think that they
would not be. However, practical concerns such as sovereignty and providing
unrestricted speech to political dissidents regardless of their governments’ policy on
free speech may outweigh the potential societal costs. It may be also that suitable
mechanisms for regulating their identity can be created in a legal or market based
way; it is hard to see how these methods would be enforceable in a cost-effective
manner, but the number of criminal deviants might be small enough that the identification
by law enforcement could be reasonably achieved.
A Note on Architectural Choice
It is very important whether the architecture of a digital authentication mechanism 49
Cyberspace
should be designed to permit traceability. Although the discussion focuses on how
traceability on the Internet would meet the needs of the government in carrying out its
law enforcement function, it should be noted that businesses also have an interest in
the development of architecture with such a feature. Many corporations have
established Intranets to facilitate communication between the various divisions of their
companies. Traceability in the architecture would help the leadership of a business
monitor the activities of its employees. Monitoring of this sort might be motivated by a
desire to track the productivity of the individual workers or a need to ensure procedures
designed to govern access to the company’s sensitive information are followed. The
development of architecture for the Internet that included traceability would provide a
standard that could be adopted for the corporate internal networks, without the
associated research and development costs.
Aside from the caveat presented above, business-domain interests in the use of identity
do not require the developers of the architecture to make any fundamental architectural
choices for the system. Instead, most of the concerns regarding the business arena
are related to how businesses and consumers will behave in an environment using the
digital authentication mechanism proposed.
Social Aspects
Community in cyberspace is based on the interaction between people.
Cyberspace has an important social aspect to it that must not be overlooked. Ever
since the ARPA Net was created, its primary use has been to communicate with other
people. With the advent of a faster backbone, different types of communication media
became possible namely, interactive communications. Community in cyberspace is
based on the interaction between people.
Although a community is a group of people who interact with each other, at the basic
level it comprises a group of people who exist with each other in a common plane.
Cyberspace can be treated as a conduit touching portion of real space at key points.
Ideas are passed through the conduit, and business is transacted through this conduit.
The cyberspace communities are members of the global community interacting on a
different plane than in real space. These members rarely interact in the real space, but
they communicate through multimedia means in cyberspace whether it be by text,
image, sound, or a combination of the three. It is not possible to use the Internet
without being part of this community of people; you cannot avoid being a part of the
community, even if you are using the Internet as a conduit: by e-mailing people, reading
web pages, reading newsgroups, or doing commerce online, one has joined the
cyberspace community.
4.10 ROAD TO IMPLEMENTATION

The current state of cyberspace identification mechanisms is far from the flexible,
broad potential of the identity architecture. There is still a long way to go from the
‘here’ of the Internet as it exists in 1998 to the ‘there’ of the ubiquitous, secure identity
architecture. In order for the Internet to reach its full potential, a secure mechanism
for managing and verifying the digital identity is necessary. There remain ranges of
hurdles to overcome before a cyberspace identity mechanism will be deployed and
ubiquitous. These hurdles can best be analysed in four categories: social norms, market,
legal, and architectural barriers.
Social Norms Barriers
The main social obstacle to implementation of a cyberspace identification mechanism
50 is that the general public does not recognise that there is a problem with the existing
identification architecture. The general public does not understand the need for an Introduction to
improved, secure cyberspace identification system. Even without any effective Cyberspace and Its
Architecture
identification mechanism, the use of the Internet − for both casual and secure applications
− has soared, with double-digit growth rates measured month-to-month rather than
year-to-year. While more sophisticated Internet users may recognise the need for a
digital identity mechanism, these advanced users represent a shrinking percentage of
the overall Internet? Community? Many people using popular Internet applications
seem to be satisfied with the existing levels of security and identification. E-mail, for
instance, is often self-identifying through the content of the message. Forged e-mail,
while easy to create in the current architecture, is not perceived to be a major problem.
E-mail eavesdropping, also a relatively simple technical task, has not slowed the flood
of e-mail communications. On-line commerce is booming even based on systems
requiring credit card numbers and the overly revealing identification that credit card
numbers enable.
Market Barriers
The market barriers to the implementation of a secure Internet identification system
stem from the difficult business economics inherent in solving this type of problem.
One of the key problems is that, there is significant business model risk for companies
providing identity verification solutions. In other words, it is unclear exactly how these
companies can make money. In addition, economic incentives do not encourage the
development of an open-standard identity infrastructure. Ultimately, success of an
open-standard identification architecture, such as our proposed system, may require
government intervention in the marketplace.
Legal Barriers
The most critical legal obstacle to the development and adoption of any effective
digital identity mechanism is the current confusion over legal liability rules. In other
words, who is responsible if someone’s digital identity is misused or stolen? Who
bears the cost if a digital identification mechanism is compromised? The lack of a
clear legal liability regime for these two issues discourages the cyberspace identity
market from emerging in the first place and from operating efficiently once it does
become widespread. Legislatures may need to enact liability laws that cover digital
identity before the identity infrastructure can be effectively implemented.
The appropriate liability rules must reconcile two competing principles. First, because
the market for the digital identity mechanisms is in its infancy, the selected liability
rules must help create incentives that will drive towards the widespread adoption of a
secure identity infrastructure. According to this goal, the liability for identity misuse
should be placed on whichever party can best induce the introduction and implementation
of the identity architecture. Second, in order to have an efficiently operating marketplace
for identity mechanisms, it is desirable for the selected liability rules to place liability on
the party who is the “least cost avoider” of harm. Adopting this goal, liability for
identity misuse should be placed on whoever is best able to avoid misuse of the digital
identity. If these two goals point towards the same party, both goals can be accomplished
together. However, if these two goals suggest that different parties should bear liability,
then one goal or another must be made paramount or the goals must be balanced.
Architectural Barriers
In broad terms, there are just three types of identification mechanisms. Authentication
can be based on a person’s shared knowledge (such as a password); a person’s
possession of unique information or device (such as a digital certificate); or a person’s
inherent unique characteristics (such as a fingerprint or other biometric).
Please answer the following Self Assessment Question. 51
Cyberspace
What are the barriers before cyberspace identity mechanism can be deployed?
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
.............................................................................................................................
4.11 SUMMARY
• There is no proper definition of Cyberspace yet. Only some concepts have been
derived.
• Cyberspace is the total interconnection of human beings through networked

computers and telecommunications without any regard to physical geography.
• The difference between real space and cyberspace is that the essence of any
digital transaction is unbundling. Main problems are to identify the reality.
• Digital Identity is the mechanism to identify the man or product through digital
environment.
• In the present scenario, digital identity is also often viewed as a commodity.

• Computer crime and cyber crime seem to be similar but both are different.
• Computer crime belongs to any individual computer without the Internet connection
i.e. physically whereas cyber crime happens in cyberspace through the Internet
only.
52
• Cyberspace architecture, which is not properly defined now, is a design in Introduction to
Cyberspace and Its
which virtual space transactions are being made through digital environment. Architecture
• Presently the cyberspace identification mechanism is not flexible; there are a

number of barriers, for example: social norms, market, legal and architectural,
before a cyberspace identity mechanism could be deployed.

1) What is Cyberspace and how it differs from the physical space?
2) Write about the concept of Digital Identity.
3) Differentiate between the computer crimes and the cyber crimes.

1) As there is no chance of physical verification of personal identity in cyberspace,
the identity, in cyberspace plays a crucial role for electronic identity. So, this
electronic identity (called identity only) is viewed as valuable commodity for
commercial purpose.
2) Forgery, Accessing the Computer without Authorization.
3) In practice, there is no specific architecture defined for cyberspace but some
theoretical concept has been yet proposed for the same like link and no-link
architecture for architecture frame work.
4) The cyberspace identification mechanism is not flexible; there are a number of
barriers, for example: social norms, market, legal and architectural, before a
cyberspace identity mechanism could be deployed.
Terminal Questions
1) Refer to section 4.2 and 4.3of the unit.

1. “Cybernotary Subcommittee Home Page”. Section of Science and Technology
Law. American Bar Association.6 jan.2007<www.abanet.org/scitech/ec/cn/
home.html>.
2. “Digital & Electronic Signatures”. WTV Home page. 5Dec.1997. Winchel

“Todd” Vincent, III.8Jan.2007<members.aol.com/Winchel3/Links/Legal/
Signatures/Signatures LegalLinks.htm>.
3. Uniform Electronic Transactions Act.23 Mar. 1998.

53
Cyberspace UNIT 5 EVOLUTION AND BASIC
CONCEPTS OF INTERNET
Structure
5.1 Introduction
5.2 Objectives
5.3 History of the Internet
5.4 The Internet Technology
5.5 Accessing the Internet
5.6 Services Provided by the Internet

5.6.1 Communication Service
5.6.2 Information Retrieval Services
5.6.3 The World Wide Web (WWW)
5.7 Browsers
5.8 Search Engine
5.9 E-commerce
5.9.1 Types of E-commerce
5.9.2 Application of E-commerce
5.9.3 Security in Electronic Payment
5.10 Summary
5.13 Referenced and Suggested Readings
5.1 INTRODUCTION
There are so many networks exiting in the world, often with different hardware and
software. But Internet is a term which is very common to all irrespective to any age
group. Perhaps there is no such human being in the universes, who is unaware of the
term Internet. In other words, Internet is the backbone of rapid growth of
technological revolution. The word Internet is derived from Internetworking that is a
collection of individual networks, connected by intermediate networking devices
that function as a single large network. Network is a collection of terminals, computer
servers and components which allow for the easy flow of data and use of resources
between one another. In simple words, a network is a group of two or more computer
54 systems linked together.
Evolution and Basic
5.2 OBJECTIVES Concepts of Internet
After studying this unit, you will be able to:

• explain the concept of Network and the Internet;
• describe the History of Internet;
• explain the Internet Terminology;
• describe the ways by which the Internet can be connected ;
• list services provided by the Internet;
• know the importance of browsers in connecting the internet;
• describe the functions of a search engine; and
• describe the concept of E-commerce, various types of E-commerce, its
application and security requirement needed for conducting electronic
commerce.
5.3 HISTORY OF THE INTERNET

The Internet has a glorious history. It has come across a long way to reach its
current position.When traditional circuit-switched telephone networks were
considered too vulnerable, DoD (Department of Defence of USA) turned to its
research arm, Advanced Research projects Agency (ARPA). ARPA was created
in response to the Soviet Union’s launching Sputnik in 1957 and had the mission of
advancing technology that might be useful to the military. This network is popularly
known as ARPANET. In the late 1970s, NSF (The U.S. National Science
Foundation) found the enormous impact the ARPANET was having on University
research, allowing scientists across the contry to share data and collaborate on
research projects. However, to get on the ARPANET, a University had to have a
research contact with the DoD, which many did not have. This lack of Universal
access prompted NSF to set up a virtual network, CSNET, centered around a
single machine at BBN that supported Dial-up lines and had connections to the
ARPANET and other networks. NSF also founded some (eventually about 20)
regional networks that connected to the backbone to allow users at thousands of
universities, research labs, and museums to access any of the supercomputers and
to communicate with one another. The complete network, including the backbone
and the regional networks, was called NSFNET. It connected to the ARPANET
through a link between an Interface Message Processors (IMP) and fuzzball in the
Carnegie-Mellon machine room.
The number of networks, machines, and users connected to the ARPANET grew
rapidly after TCP/IP became the only official protocol on 1st January 1983. When
NSFNET and ARPANET were interconnected, the growth became exponential.
So finally a global network was created, which connected all the types of networks
around the globe, it is popularly known as the Internet.
Technically a machine is on the Internet if it runs the TCP/IP protocol stack, has an
IP address and has the ability to send IP Packets to all other machines on the Internet.
The mere ability to send and receive the electronic mail is not enough, since e-mail is
55
Introduction to ICT and a gateway to many networks outside the Internet. However this issue is clouded
Cyberspace
somewhat by the fact that many personal computers have the ability to call up an
Internet service provider using a modem, be assigned a temporary IP address and
send IP packets to other Internet hosts. It makes sense to regard such a machine
being on the Internet for as long as they are connected to the service provider’s
router.
With tremendous growth, the old informal way of running the Internet no longer
works. In January 1992, the Internet Society was set up to promote the use of the
Internet and perhaps eventually taken over managing it.
Traditionally, Internet had five main Applications as follows:
• E-mail
• News
• Remote Login
• File Transfer
• Research

What is the Internet? How it differs from the network?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
5.4 THE INTERNET TECHNOLOGY

Internet uses TCP/IP. TCP stands for Transmission Control Protocol and IP stands
for Internet Protocol. Every host and router on the Internet has an IP address, which
encodes its network number and host number which are usually written in Dotted
Decimal Notation Ex: 212.32.46.1. There are two versions of IP, IPv4 and IPv6.
Each IP Address is 32 bits long and is used in the Source address and Destination
Address fields of IP packets. There are five classes as A, B, C, D and E. First two
classes are for general networks or private network like LAN, Class C is defined
for public network and accessible by any user on internet and class D stands for
Multicast Address and class E is reserved for future use. Network’s number is
assigned by Network Information Centre (NIC) to avoid conflicts. The lowest IP
address is 0.0.0.0 and the highest is 255.255.255.255. The IP address specifies a
computer where the information is present, i.e. the physical domain on the Internet.
56 The web server placed over Internet are registered to a domain. An IP address
registered to a domain is also known by the alias name. For example, a host with IP Evolution and Basic
Concepts of Internet
address like 212.15.20.4 can have host name as ignou and if this ip address is
registered in the domain called ac.in, then the host can be identified in the network
as ignou.ac.in, it is also possible to defined the alias of ignou.ac.in as www.ac.in or
www.ignou.ac.in . One web server can serve multiple virtual web server and where
each virtual server mapped or registered to different or unique names. For example,
in the web server ignou.ac.in it is possible to defined virtual server physics.ac.in and
english.ac.in and both the server may point to different web container on the same
physical system or can redirect to any server on the network. All the servers /
systems on the network on different network ID communicate each other through
the particular path called gateway. Internet is also called and inter network, mean all
networks are inter connected, each system on network can send or receive the
packet from other network using one particular path which is also called next hop or
gateway, in the internet world it is also some time called internet gateway, because a
server on network may have multiple destination like one for back-up and one for
back hand access and one if for www services. The back hand access or back up
access may be required for system admin so the traffic of those specific can be
routed on different gateway call back up gateway. The physical networks are called
the Internet Backbone, which is called heterogeneous systems network.
Each domain name has an extension to it depending on the service provided by it. A
domain name describes organizational or geographic realities. They indicate which
country the network connection is in, what kind of organization owns it and the
further details also.
There are six common domain top levels types:
.COM for Commercial Organizations Ex: www.yahoo.com
.NET for Network Organizations Ex:www.internic.net
.GOV for parts of Govt within US Ex:www.nasa.gov
.EDU for educational Institutes Ex:www.mit.edu
.MIL for classified Military networks Ex:www.xxx.mil
.ORG for nonprofit Organizations Ex:www.cdc.org
5.5 ACCESSING THE INTERNET

There are different ways to connect the IP base network or the internet. A home
user can connect to public domain of the network through a service provider. One
can access the service provider network over serial line like modem, or ADSL, or
from cable line called broadband services, or through the Wireless network using
blue tooth or wireless ADSL broadband modem, or from any wi-fi terminal of service
provider. This mean, an end user need to connect to service provider and uses the
backbone of service provider to sending or receiving the information or data. In the
corporate network, a user or employee can connect to internet by login or connecting
to local area network with proper authorization, provided if the corporate network
is allowed to connect the public network with defined internet gateway.
There are three main ways to connect to the Internet. These methods include
connecting via a LAN server, connecting via SLIP/PPP, or connecting via an online
service.
57
Introduction to ICT and Connect via LAN Server: This approach needs the user’s computer to have
Cyberspace
specific protocol “Example IP” with specific configuration, which provides a set of
communications rules that perform the complete functions of the seven layers of the
OSI communication model. LAN servers are typically connected to the internet at
2Mbps or faster. This type of connection is expensive, but cost can be spread over
multiple LAN users.
Connect via Serial Line Internet Protocol/Point-to-point Protocol (SLIP/PPP):
This approach needs that the users have modem and specialized software that allows
them to dial into a server through a service provider at some specific cost. This type
of connection is advantageous, for example, for employees working at home who
need to access the Internet or their own Intranet.
Connect via an Online Service: This approach needs a modem, standard
communication software and an online information service account with an Internet
service provider. The cost includes the online service fee, per-hour connect charge
and where applicable, e-mail service charges. There are so many Service providers
throughout India like Satyam and Sify.
Connect through Broadband: This type of connection is very popular right now
because here the data transfer speed is more than 256 KBPS without interruption.
In India, almost all Internet Service Providers (ISP) provides Broadband connection
with a very nominal cost.
5.6 SERVICES PROVIDED BY THE INTERNET

The Internet is provides four major types of services. These are communication,
Information retrieval, Web services and World Wide Web (WWW). Communication
services include electronic mail, USENET newsgroup, chatting, telnet, Internet
telephony and Internet fax, etc. Information retrieval services include gophers, archie,
WAIS, file transfer protocol and Veronica etc. Web service provides software
application over the Internet. The WWW is an application that uses transport
functions.
5.6.1 Communication Service

This type of service is most popular both for personal and business community. A
tremendous variety of data can be accessed through the Internet. Users are no
longer strictly dependent on telephony for one-to-one communication. Also some
of these services enable interactive communication with individuals and groups around
the world who share personal and professional information.
Electronic Mail(E-mail)
E-mail is the most widely used application of the Internet. It is an application that
allows an electronic message to be sent between individuals through World Wide
Web. E-mail is not limited to simple text messages. Users can embed sound and
images in their message and can attach files that contain text documents, spreadsheets,
graphs and executable programs. For sending a mail, you have to write the e-mail
address and subject matter in the specified column. CC (Carbon copy) and BCC
(by carbon copy) options also can enable one to send the same matter to many
addresses.
58
USENET newsgroup (forums) Evolution and Basic
It is a protocol that delineates how groups of messages can be stored on and sent
between computers. Users send e- mail messages on a specific topic to the USENET
server machine, which acquires this information by following this protocol. Users
can log on to the server to read messages or have the computer automatically
download messages to be read at the user convenience. It provides a form for the
interested users on the Internet. This forum is divided into newsgroups. USENET
newsgroups are international discussions groups in which people share information
and ideas on a particular topic.
Chatting
It allows two or more people who are at a time connected to the Internet to hold live
(real-time), interactive, written conversation. Internet Relay Chat (IRC) is a general
chat program for internet though nowadays so many chat programs are easily available
in the market. Chat groups are divided into channels each assigned its own topic of
conversion. It is the third most-used application in the Internet after e-mail and
search.
Instant Messaging
It is an online, real time communication between two or more people who are
connected to the Internet. Users can send instant text messages to other users who
are logged on. A window appears on the screen of all the people engaged in the
messaging. Each window displays what one person is typing, in real-time. A number
of companies are providing Instant Messaging like Yahoo, Hotmail and Indiatimes,
etc.
Telnet
It allows users to be on one computer while doing work on another. It is the protocol
that establishes an error-free but not secure access from source to target computers
provided the target server running the telnet services. Users can log on to their office
computers while travelling or from their homes. Also users can log on and use third-
party computers that have been made accessible to the public, such as using the
catalog of the U.S Library of Congress.
Internet Telephony
It is otherwise called as Voice over IP or VoIP. Here users talk across the Internet
throughout the world to any personal computer as well as any phone line (Restricted
by Law of any Country). It carries voice calls over the Internet, normally the data
line and voice line communicate through the same communication media like cable
with different frequency, VoIP can either partially or completely bypassing the public
switched telephone networks. Sound quality may be poor due to Latency and Jitter.
Internet Fax
It is just similar to general fax techniques but it is possible only through the computer
having Internet and Fax software. This application is useful because faxes can be
sent long distances at local call rates and delivery can be guaranteed through store
and forward mechanism.
59
Introduction to ICT and Streaming Audio and Video
Cyberspace
It allows the Internet users to see and hear data as it is transmitted from the host
server instead of waiting until the entire file is downloaded. For Example, real
network’s real audio allows a web site to deliver an on-demand audio over the
Internet and can work over connections. Streaming audio enables the broadcast of
radio programs, music, press conference, speeches, and new programs over the
Internet. It is well predicted that streaming audio and Internet telephony use will
overlap and complement one another.
Real-Time Audio and Video
With the help of it, the transmission from source is live or only slightly delayed.
These applications include point-to-point conversations between two people
conferences among more than two people collaborative ‘‘white boarding” (where
two or more users can interactively create graphic images) and shared hypermedia
documents live broadcasts of news, talk shows, or sporting events and broadcasts
of music and concerts.
5.6.2 Information Retrieval Services
It allows the users to access through the Internet, thousands of huge online library
catalogs, as well as millions of databases that have been opened to the public by
corporations, Government, and agencies and non-profit organizations. Apart from
that, many users download free, high quality software made available by the
developers over the Internet. This chapter will focus on five methods of accessing
the computers and locating files. These are free to any Internet user. The Internet is
a voluntary, decentralized collection of Networks with no central listing of sites and
no central listing of the data located at those sites.
File Transfer Protocol (FTP)
It enables the users to access a remote computer and retrieve files from it. After the
users have logged on to the remote computer, they can search the directories that
are accessible to FTP, looking for the files they want to retrieve.
Archie
It is a tool that allows to the user to search the files at FTP sites. It regularly monitors
hundreds of FTP sites and updates a database (called an Archie server) on software,
documents and data files available for downloading. By clicking on a list of Archie
server, it will take them to another computer system where relevant files are stored.
Once there, the archie server may allow users to continue their searches for files
until they locate what they need actually.
Gophers
It is a computer client tool that enables the users to locate the information stored on
the Internet gopher servers through a series of hierarchical menus. Most files and
digital information that are accessible through FTP are also available through
gophers. Each gopher server contains its own system of menus listing subject-
matter topics, local files, and other relevant gopher sites. When the users access
gopher software to search a specific topic and select an item from a menu, the
server will automatically transfer them to the appropriate file on that server or to the
60 selected server wherever it is located. Once on that server, the process goes on.
Veronica Evolution and Basic
It stands for Very Easy Rodent-Oriented Net wide Index to Computer Archives. It
provides the capability of searching for the text that appears in gopher menus. When
the user enters a key word, veronica will search through thousands of gopher sites
to find the titles containing that keyword. It places these files on a temporary menu
on the local server, so that the users can browse through them.
Wide Area Information Service (WAIS)
It also allows the users to locate files around the Internet. It is the most thorough
way to locate a specific file, but it needs that the users know the names of the
database they want to search. After the users specify the database names and key
identifying words, WAIS searches for the key words in all the files in those databases.
When the search is finished, users obtain a menu listing all the files that contain the
key words.
Web Services
These are the unique pieces of computer codes (components) accessed through a
web site that delivers a specific type of function. Web service allows us to transparently
access the rich software content from any site on the web. In Web services the
application code normally deployed to one or more web server but controlled by
the app server. Web services accept the information as a input from the called program
and return the output like XML format.
Sun’s JSP is a Java platform tool which is mostly used for making Java based active
server pages. It is also an object-oriented language that enables the programmers to
build wide range of applications for the JAVA platform.
5.6.3 The World Wide Web (WWW)

This concept has changed the way in which the Internet used to work earlier. It is
not the same as the Internet today. The Internet functions as the transport mechanism
and the WWW is an application that uses those transport functions. It is a system
with universally accepted standards for storing, retrieving, formatting, and displaying
information via a client/server system. The web handles all types of digital information
including text, hypermedia, graphics, and sound. It is very easy to use as it uses the
graphical user interface.
The web is based on a standard hypertext language called Hypertext Markup
Language (HTML), which formats documents and incorporates dynamic hypertext
links to other documents stored on the same or different computers. HTML is a
simpler subset of Standard Generalized Markup Language (SGML), and
incorporates tables, applets, text flow around images, superscripts and subscripts.
Using this hypertext links, (which are typically blue and underlined), the user points
at a highlighted word, clicks on it and is transported to another document. Users are
able to navigate around the web freely with no restrictions, following their own logic,
needs, or interests.
Offering the information through the web needs establishing a home page, which is a
text and a graphical screen display that usually welcomes the user and explains the
organization that has created the page. In most cases, the home page will lead the
users to other pages too. All the pages of a particular company or individual are 61
Introduction to ICT and known as Web site. Most web pages provide a way to contact the organization or
Cyberspace
the individual. The person in-charge of an organization’s web site is its web master.
For accessing a web site, the user must specify a uniform resource locator (URL),
which points to the address of a specific resource on the web. For example, the
URL for Indira Gandhi National Open University is http://www.ignou.ac.in. HTTP
stands for Hypertext Transport Protocol, which is the communication standard used
to transfer a page across the WWW portion of the Internet.

What is Internet Telephony? How does it differ from chatting?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
5.7 BROWSERS
To get connected into the Internet, a browser is the minimum requirement. It is
capable of communicating via HTTP, managing HTML and displaying certain data
types such as Graphic Interchange Format (GIF) and Joint Photographic Experts
Group (JPEG) for graphics. The two leading browsers are Internet Explorer from
Microsoft and Netscape Navigator. The competition between both of them has
been extremely beneficial for the users, providing them highly capable applications
at almost no costs. Microsoft’s strategy is to minimize the importance of the browser
as a distinct application by building the browser functionality directly into its latest
operating system. Netscape’s strategy is to make the browser the core of a compelling
suite of applications for corporate users.
Netscape’s Browser Suite
It includes Netscape Navigator, Netscape Mail, Netscape Instant Manager,
Netscape Composer and Netscape Address Book. The suite provides functions
for running web applets, audio playback, streaming media, web content, and
Net2phone for free PC-to-phone calls anywhere within the United States. Netscape
communicator is a comprehensive set of components that integrates e-mail, web-
based word processing, and chat to allow users to easily communicate, share and
access the information.
Microsoft’s Internet Explorer
This software comes with the window operating system for free. AS Netscape has
established its own market, so Microsoft embarked on a strategy to gain market
62
share and penetrate the installed base. It also provides all the facilities that are
provided by Netscape. At present, IE 6.0 version is very much popular in the Evolution and Basic
browser market. IE 7.0 from Microsoft is the most reliable browser available today
for PC world. Many browsers are platform/OS oriented.
Beside these two browsers, there are so many browsers available in the market,
like Fire Fox, which comes with so many advanced options.
Offline browsers (pull products) enable a user to retrieve pages automatically from
web sites at predetermined sites, often during the night. Web Whacker and Web
Copier are offline browsers that allow the users to define a group of sites by their
URLs and then download the text and images from those sites to their local storage.

Name two leading browsers
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
5.8 SEARCH ENGINE

Search engine is the most popular option after e-mail over the Internet. These are
the programs that return a list of web sites or pages (with URLs) that match a
selected criteria. To use one of the publicly available search sites, the user navigates
to the search engine’s site and types in the subject of the search.
Goggle is the largest, search engine and the first search engine to index more than
one billion pages. Goggles method of searching is called Page Rank. The more links
there are to a page, the higher it moves in Goggle’s ranking. Page Rank improves
both recall and precision ratio.
Meta search engine automatically enters search queries into a number of other search
engines and returns the results. Example of it includes All4one, Meta crawler and
starting point.
Some popular search engine URLs are given here:
Alta Vista altavista.com
Excite excite.com
LookSmart looksmart.com
Yahoo Yahoo.com
MSN search.msn.com
Oingo oingo.com
63
Cyberspace 5.9 E-COMMERCE
Electronic commerce (e-commerce) has changed the life style of the society. With
the help of e-commerce, it is possible to buy, sell and exchanging the products,
services and information via computer networks, primarily through the Internet.
Though the definition of E-commerce is quite debatable, still it is very much useful
for both individual and the corporate.
5.9.1 Types of E-commerce

Previously it was assumed that e-commerce is applicable only to a business
community. But with the great use of high-speed technology, the idea has been
changed. At present, basically five types of E-commerce can be summarized here:
• Business-to-Consumer (B2C) E-commerce;
• Business-to-Business (B2B) E-commerce;
• Consumer-to-Consumer (C2C) E-commerce;
• Peer-to-Peer (P2P) E-commerce; and
• Mobile Commerce or M-commerce.
In India, E-commerce is not so much successful as it was desired because Indian
customers mostly believe in the practical market as they are very much economical
and they have no good faith upon the product provider through E-commerce or
other mode of net booking.
On the other part, the product provider does not give so much positive attention to
the net customer as there is no direct contact between both of them. For better E-
commerce, it is very much vital that a good faith must exist between the product
provider and the customer.
5.9.2 Application of E-Commerce

E-commerce has various forms of applications. Some of them are described here:
1) Electronic Payments: This is the best form of payment throughout the universe
at present. Electronic payments can be done through the following ways:
electronic credit cards, electronic cash, smart cards, electronic fund transfer
(EFT), and e-wallets and purchasing cards.
2) Banking Gateway: E-commerce plays a vital role in the banking sector for
inter-bank transactions and building a separate gateway for the unified banking
gateway.
3) E-Governance: Now the government of India has initiated total online
transactions for tax payment, phone bill payment, loan EMI payment from
banks, etc.
5.9.3 Security in Electronic Payment

Two main issues need to be considered under this topic: what is needed in order to
make EC payment safe, and another one is which methods can be used for?
64
Security requirements needed for conducting Electronic Commerce (EC ) are: Evolution and Basic
• Authentication for identity for both the parties;
• Integrity for unaltered transactions;
• Non-repudiation for unjustified denial of placing orders;
• Privacy for identity to be secured; and
• Safety for providing the credit card number over the Internet.
Security Protection: Several methods and mechanism can be used for the security
protection. One of the most used mechanisms is Encryption. Encryption is a process
of making messages indecipherable except by those who have an authorized
decryption key. The key is a code composed of a very large collection of letters,
symbols, and numbers. For example, “A” might be coded as some other forms like
123 etc.
Encryption is of two types, one is symmetric key and another one is symmetric key,
which is known as Public Key Infrastructure (PKI). Public Key Infrastructure also
includes digital certificates and signature, which are provided by the trusted third
party, called Certified Authority (CA).
Security Protocols: Protocols are a set of rules and procedures that govern the
transfer of information. Two major payment protocols are being used in E-commerce.
Secure Socket layer (SSL): It is a mostly used protocol on the Internet payment
system. It may be of 40 bits, 64 bits and 128 bits. It appears as a lock symbol in the
bottom of the browser. It is very important for a net user when he pays through the
credit cards to know that the site is SSL secured and is valid. As a user, you may
also read all about SSL from that SSL certificates.
Secure Electronic Transactions (SET): It is also very useful for credit card
transactions, but due to its more cost and complexity, it is very less used over the net
transactions.

Fill in the blanks:
i) With the help of ___________, it is possible to buy, sell and exchange the
products, services and information via the computer networks.
ii) There are _____ types of E-commerce.
5.10 SUMMARY
• ARPANET was the first Network in the world.
• Internet is defined as the network of networks. It has mainly the following
applications: 65
Introduction to ICT and E-mail,
Cyberspace
Search,
File Transfer,
Research, and
Electronic Transactions.
• The Internet is based upon TCP/IP protocol. Every host and router over the
Internet has a unique IP address. All IP addresses are 32 bits long.
• The lowest IP address is 0.0.0.0 and highest is 255.255.255.255.
• There are six common top levels domains: com, net, gov, edu, mil and org.
• At present, broadband connection is the best one to access the Internet for
home or remote users (speed more than 256 Kbps).
• World Wide Web (WWW) is the basic infrastructure on which HTTP works.
• Browsers are the browsing software for the Internet. For example, the Internet
Explorer.
• Search Engines are the internet Tools to search a file from various locations
from the Internet within some seconds.
• E-commerce is the electronic way on which buying, selling and exchange of
products is possible over the Internet.
• Secure Socket Layer (SSL) is the Internet security protocol for online financial
or secure transactions. 40 bits, 64 bits and 128 bits SSL are available in the
market.
• Due to the demand of the Internet, many challenges have to be faced in future
regarding Internet Regulation, New Technology, Internet Expansion and Internet
Privacy etc. As far as India is concerned, it should formulate a suitable Data
protection legal framework to cope with the International standard. Again the
Information Technology Act 2000 has to be modified with strong a technological
as well as legal concept.

1) Define IP. Why every computer on the Internet has a unique IP address? What
is its length?
2) E-commerce has changed the life style. Examine it critically.
3) What is the security over the Internet for Monetary Transactions?

1) A network is a group of two or more computer systems linked together. The
Internet is network of Computer Networks.
66
2) Chatting allows two or more people who are at a time connected to the Internet Evolution and Basic
to hold live (real-time), interactive, written conversation. Internet Telephony is
also called as voice over IP or VoIP. Here the users talk across the Internet
throughout the world to any personal computer as well as any phone line
(restricted by law of any country).
3) Internet Explorer from Microsoft and Netscape Navigator.
4) i) E-commerce, and (ii) five.
Terminal Questions
3) Refer to section 5.9.3 of the unit.

1. Behrouz A. Forouzan. Data Communication and Networking. 3rd ed. Tata
McGrawhill, 2003.

67
UNIT 6 INTERNET OWNERSHIP
AND STANDARDS AND
ROLE OF ISPs
Structure
6.1 Introduction
6.2 Objectives
6.3 Internet Ownership

6.3.1 Need of Internet Ownership
6.4 Internet Service Provider (ISP)

6.5 Working of Internet and Role of ISP
6.6 Code of Conduct for ISP
6.7 ISP as New Media Centre
6.8 Evolution and Present Status of an ISP in India
6.9 Business Model for ISPs in India
6.10 Value Added Services
6.11 Monetary Concepts of an ISP
6.12 Evaluation of Performance of ISPs
6.13 Liability of Web Site Owner/ISPs
6.14 Summary
6.1 INTRODUCTION
Internet is the network of networks around the globe or interconnections of
Networks. Lakhs of computers are connected through Internet so the term “Internet
ownership” is very critical in terms of language. But from the maintenance point of
view, these must be maintained by humans by, machine or with the help of technology,
within a legal framework. Everyone understands that the internet is crucial for the
functioning of modern economecs, societies, and even governments, and everybody
it should to be reliable and secure. But internet possesses such a decentralized status
that there is no authority to control over cyberspace. So internet ownership has no
exact definition till now as far as cyberspace is concerned.
5
Cyberspace
6.2 OBJECTIVES
• explain the basic concepts behind Internet and its ownership status;
• describe the code of conduct prescribed for Internet Service Providers;
• enlist the roles and liability of ISPs; and
• develop a vision for better technology.
6.3 INTERNET OWNERSHIP

Any network needs some centralized control to function. The Global Phone system,
for example, is administered by the world’s oldest international treaty organization,
the International Telecommunication Union, founded in 1865 and now a part of the
UN family. Similarly, the Internet should be administered under a multilateral treaty.
ICANN (Internet Corporation for Assigned Names and Numbers), coordinated by
a private sector non-profit organization which was set up by the Unites States in
1998, took the activities performed for 30 years , amazingly , by a single pony
tailed professor in California. It has the responsibility for internet protocol (IP)
address space allocation, protocol identifier assignment, generic (GTLD) and
country code (CCTLD) Top level Domain name system management and root
server system management function. It supports the United States only, though
Governmental Advisory Committee, composed of delegates from other nations,
having no real powers.
As ICANN favours the United States openly and wants to control the domain
system, a cold war is going on between the European Community and US because
of controlling authority. This discontent finally boiled over at the UN’s (WISS) World
Summit on the Information Society, the first phase of which was held in Geneva, in
Dec 2003. The second phase was held at Nov Tunnis.
6.3.1 Need of Internet Ownership

The most critical area which requires sufficient attention is “Domain Name System”.
Firstly, there are domain names such as www.careindia.org. Somebody must decide
who will operate the database of generic names ending with suffixes such as “.com”,
“.org” and others. Also someone must appoint the operators of two-letter country-
code suffixes (such as “.in.” for India)
Secondly, there are internet protocol numbers, of up to 12 digit codes, and invisible
to users, that every machine on the networks needs to have in order to be recognised
by other machines. Due to a technical decision made when the network was
developing in the late 1970s−in a world speckled with mainframe computers −
the system was set up to accommodate only around four billion potential internet
protocol numbers, far fewer than are necessary now. Until the internet is upgraded,
IP numbers must be allocated sparingly and carefully, since accidentally duplicating
them creates mayhem for routing internet traffic.
Thirdly, what is the meaning of Root servers? Somebody must decide who should
6
operate the root servers. Where will those operators be based?
Fourthly and finally, there are technical standards that must be formally established Internet Ownership
and Standards and
and coordinated to ensure the interoperability of internet. Role of ISPs

Why is Internet called the Unsecured Channel? Do you think ICANN supports
USA only?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
6.4 INTERNET SERVICE PROVIDER (ISP)

An ISP (Internet Service Provider) is a service provider company that collects a
monthly or yearly fee in exchange for providing the subscriber with Internet access
or remote access as per Government prescribed framework.
An ISP might provide dial-up service, cable, ADSL, TI, leased line or other types of
Internet access. Some ISPs are local while others are national. A national ISP will
provide access throughout most of the nation, while a local ISP will only serve
subscribers in a limited geographical region.
When looking for an ISP the initial consideration is the type of access desired. Some
ISPs only offer dial-up access, which is the slowest type of connection. If you want
cable service, you’ll be checking with your local cable TV provider to see if cable
access is offered. For DSL service, you may have multiple choices or it could be
that DSL is not yet available in your area. Often this can be remedied with a call to
the phone company to upgrade local telephone lines.
Every ISP has a privacy policy and Terms of Service (TOS) contract that subscribers
must agree to before subscription will be accepted. The privacy policy will state
what the company will and will not do with personal information collected at the
time of sign-up. Name, address, and normally a credit card number are required.
The privacy policy should also state under what conditions your personal information
might be shared with third parties, government officials, or others. The TOS contract
stipulates how you can use the service. For example, dial-up access is often sold as
“unlimited access” but this is not to be taken literally. Dial-up accounts normally limit
hours per month to 250-400, depending on the ISP. Truly unlimited access (leaving
your computer on and actively connected to the Internet 24/7) is called dedicated
access. Most DSL or cable subscriptions allow dedicated access.
The Terms of Service contract of the ISP will also state rules about hacking, protecting
copyrighted materials, denial of service attacks, harassing other people, spam,
compromising the service, and many other issues. These are as much for the legal
protection of the ISP as to let potential subscribers know what the ISP will and will
not tolerate. If you are planning on using web space provided by the ISP, check for 7
Cyberspace limitations here too. Many ISPs do not allow commercial websites to be set up on
their servers. This usually means that nothing can be sold from your personal web
space, including for example, a software program you wrote, original music, or any
other item. ISP websites are normally for personal use only, to block, post pictures,
and so on.
Once you find an ISP that offers the services, privacy policy and TOS you can live
with, you can sign up online through a public terminal, or call. From here all that
needs to be done is to enter the ISP access number and a few other parameters into
the networking software on your computer.

What does the term ‘ISP’ stand for?
..................................................................................................................
..................................................................................................................
6.5 WORKING OF INTERNET AND ROLE OF ISP

All the computers and networks connected by the Internet work because they follow
a simple rule, TCP/IP (a communication protocol). TCP/IP breaks all data into
small packets, and the first part of each packet has the address where the packet is
meant to go. There is no central computer or authority. For transmission hardware,
the Internet is dependent on the existing infrastructure developed by telephone
companies and other telecommunications companies. Internet Service Providers
lease data circuits from the telephone networks and have dedicated computers at
the end points or nodes. These rely on the distributed intelligence of networking
equipment known as “routers”, thus bypassing the telephone company’s expensive
switching computers, while using their transmission lines. Computers known as the
“servers” hold all the content of the Internet, and the servers are owned by
organizations and companies who want to distribute information.
For example, if a message is sent from Delhi to California to a server named
california.org, the message will be broken up into packets. Some may travel from
VSNL to the MCI router in the US, some may travel to Chennai and then to the
MCI router, and so forth. There is no predetermined path and even individual packets
of the same message may follow different paths. It all depends upon the traffic at
that node, at that moment in time. As the packets reach california.org, they are all
put together as in the original message and delivered to the given address.
In order to accomplish the task of messaging across a network, computers use a
networking protocol. This enables different types of computers running different
types of operating systems to communicate effectively. The de-facto standard today
is TCP/IP.
Suppose you as a user want to access the Internet and see a website called, http://
www.mtnl.in/. Then you will have to log on to the net using a telephone and a modem,
and use a browser to access the site. Any entity that provides you with means to do
so is called an Internet Service Provider (ISP).
8
The main components providing access to the are: Internet Ownership
and Standards and
• International connectivity which allows you to connect to the amorphous Internet Role of ISPs
• Domestic connectivity, which allows you to connect to the domestic gateway.

There are three ways an ISP can connect to the Internet cloud, which includes
VSNL/DoT, STPI or through a private operator. STPI is a semi-government
organization that was authorized to sell international gateway services to companies
involved in developing software for exports. It has now been permitted to sell
international connectivity to ISPs and is presently providing this service in 10 cities
and planning to increase its presence in other cities throughout India.
6.6 CODE OF CONDUCT FOR ISP

Preamble
– This Code of Conduct is open to voluntary acceptance by all members of the
Internet Service Providers Association of India (ISPAI).
– Members of ISPAI agree that they will abide by this Code of Conduct in letter
and spirit.
– Members of ISPAI understand that compliance with this Code of Conduct
does not necessarily imply that they are acting within the law. Any reference in
the Code of Conduct to lawfulness or unlawfulness relates solely to Indian
Legal Framework.
– This Code of Conduct is issued by the Executive Council of ISPAI, which is
the sole authority to amend it from time to time in accordance with rules and
regulations of ISPAI.
Objective
– The aim of ISPAI Code of Conduct is to enunciate and maintain high standards
of ethical and professional practices in the field of Internet Services.
Principles
– In seeking to achieve its objective, the ISPAI Code of Conduct is based on the
following principles:
Technology neutral
Fair to all concerned
Protection of user’s data
Responsibility for contents on the Internet rests with the relevant content provider.
Obligatory Practices
Obligations to Law
– ISPAI and its members have a responsibility to adhere to law and co-operate
with ‘Law Enforcement Agencies’ acting within specified Indian Legal
Framework.
9
Cyberspace – Members will not knowingly permit any User or fellow Member to engage in
any illegal activity in terms of the provisions of Information Technology Act
2000, ISP Policy and any other such applicable legal framework.
– Members will follow and adhere to all jurisdictional laws pertaining to transaction
reporting.
– Members, their services and promotional material will not encourage anything
patently, which is in any way unlawful.
Obligations to the Public
– Members will deal fairly with fellow professionals and public, giving due respect
to the rights and legitimate interests of others.
– Members will endeavour to support public service initiatives in harmony with
the jurisdictions in which they provide their services.
– Members will ensure that their services and promotional material does not
contain anything which may incite violence, cruelty or hatred on the basis of
sexual discrimination, cast, creed or religion.
– Members shall ensure that minors are not registered by them for Internet services
except with the explicit permission of their parents/guardian.
Obligations to own Profession
– Members will abide by all terms and conditions of the license agreement in
letter and spirit for provision of internet services.
– Members shall be truthful in all promotional activities and publish such
information which is devoid of inaccuracies, ambiguities, exaggerations or
omissions about their operations, services and pricing to the customers and
government / private agencies.
– Members will institute controls to detect and eliminate fraud and protect their
data and the systems from internal and external breaches.
– Members will co-operate with each other in investigating and preventing the
instances of hacking.
– Members will institute adequate control measures to prevent the unauthorized
access to the resources of Internet services.
– Members shall ensure that that they explicitly bring to the notice of their
customers, all terms and conditions for provision of their services, before such
customers register with the member for their services.
Obligations to the Customers
– Members have a responsibility to make this Code of Conduct clear to all their
clients as well as to their channel partners / distributors and indicate to them
that any breach of the Code of Conduct and / or violation of law will result in
cessation of services.
– Members will design and operate their services to afford customer’s privacy
and confidentiality and will post their confidentiality practices and procedures
10 appropriately.
– Members will follow best industry practices in offering latest Customers Filtering Internet Ownership
and Standards and
Software and advise them regarding any software tools, which they can use to Role of ISPs
protect their confidential data and privacy.
– Members will follow the best industry practices in using Anti-Spamming
Software, such that customers can elect to minimize the amount of spam sent
to their e-mail account.
– Where Internet services involve collection of personal information such as
telephone no., credit card details and addresses etc from the customers, it
would be obligatory for Members to clarify to them the purpose for which such
information will be used.
Complaints
– Since this Code of Conduct is open to voluntary acceptance by all members of
ISPAI, the Executive Council considers it prudent not to institute any ‘complaint
handling procedure’ at the initial stage. However, this situation may be reviewed
subsequently.
Before any Internet Service Provider (ISP) can start operating, he/she needs
bandwidth, which is the channel for global connectivity. Currently in India, bandwidth
can be obtained from either VSNL or STPI (Software Technology Park India) or
the DoT. The government has granted permission to private players for setting-up
their own gateways. As per Satyam’s estimate this could cost anywhere between
Rs. 90 crore to Rs. 110 crore.
The private gateway providers are responsible for connecting routers above 2
mbps with monitoring agencies like Intelligence Bureau and RAW. DoT would
be responsible for issuing the security clearances. A committee comprising
representatives from DoT, Department of Electronics, Ministry of Defence, Space
and Home, National Informatics Centre and NASSCOM clears projects.
Under the new Internet Policy, ISPs were allowed to set up their own gateways, but
the absence of any security guidelines precluded this, and they had to lease capacities
from VSNL. Like VSNL, they would be allowed to lease surplus capacities to
other ISPs.
The government has brought some relief to ISPs by reducing the rent they had to
pay for a telephone line. ISPs will now have to pay the normal costs. In an earlier
circular, it was notified that for every telephone line that an ISP took from DoT, it
was supposed to pay an annual rental of Rs.15, 000, which is significantly higher
than the rate for normal users.
6.7 ISP AS NEW MEDIA CENTRE

The ISP or Internet Service Provider can be viewed as a new media centre. It
allows a number of people to interact around it (what experts call as community
creation) and can exploit this crowd to get advertising and push e-commerce. There
are two aspects of facilitating this interaction: (A) Up linking and (B) down linking
Down linking is transfer of data from the servers located elsewhere, to the one
located where the user is. Up linking is the opposite. It is observed and proven that
in case of Internet, up linking forms a very small part of the data transfer. Majority of 11
Cyberspace the transfer involves downloading from various servers, which are mostly located
outside India. Compare this with a television, where the transfer only involves down
linking from the satellite. There is no up linking at all.
Links to the subscriber can be provided in the following ways:
• Dial-up Access
The most common way to access the Internet from home is with a modem and a
phone call to the ISP. The call to the ISP is through the regular MTNL or DoT lines.
This option is best suited for small time users, students, etc. This is the most viable
option for people using the Internet for 5-6 hours a day.
• Leased Lines
Leased lines are dedicated lines directly from the ISP to the subscriber. The speeds
available are in the range of 9.6 kbps to 2 mbps. The efficiency of the leased line
connection is 2-2.5 times better than the dial-up access. Usually corporate houses
subscribe to this type of service. The cost is more than that of the dial up access.
• ISDN
ISDN network is a very fast, highly reliable medium that brings voice, data and
video together on one digital line. The hardware cost for setting up ISDN services is
higher. It has two channels, hence it can support up to two voice-grade signals per
‘ISDN wire’.
6.8 EVOLUTION AND PRESENT STATUS OF AN

ISP IN INDA
Before the appearance of VSNL’s Gateway Internet Access service (GIAS), the
Internet in India was in the form of Educational Research Network (ERNET).
However, it was not possible for many people to get access to it, as it was meant
only for the educational and research communities. The ERNET was a joint
undertaking of the Department of Electronics (DOE) of the Government of India,
and the United Nations Development Program (UNDP), which provides technical
assistance to developing nations. ERNET was one of the most successful operations
that UNDP has funded.
All major nodes of ERNET are connected to each other using 9,600 bps leased
lines. These lines are being upgraded to 64 kbps links. Over 200 academic and
R&D groups exchange e-mail with each other using ERNET. Over 8,000 scientists
and technologists have access to ERNET facilities. International access is provided
over a 64 kbps leased line, from NCST, Mumbai, to USA.
Videsh Sanchar Nigam Limited (VSNL) is the dominant Internet Service Provider
in India. On August 15, 1995, Videsh Sanchar Nigam Limited (VSNL) − India’s
international trunk carrier and Gateway to the world − launched the Gateway
Internet Access Service (GIAS) for the first time on commercial basis. VSNL has
set up Internet nodes. Each GIAS Internet node is connected to the Internet via
high speed circuits from one of the following service providers, MCI (USA), KDD
(Japan), Telecom Italia, and TELEGLOBE. A total of approximately 40 mbps
bandwidth is available for Internet data transmission in and out of India. VSNL in
12 coordination with DoT has launched Internet services in many other cities. Users in
remote areas of India can reach GIAS via I-NET. The Department of Internet Ownership
and Standards and
Telecommunication (DoT) has a widespread network in India called the I-NET, Role of ISPs
which has direct connectivity to each GIAS node.
At present, there are 67.3 lakh registered Internet users throughout India. Similarly
many ISPs are providing services, like Sify, Satyam and Spectra net.
6.9 BUSINESS MODEL FOR ISPs IN INDIA

There are more surfers in India than there are on-line customers for any product or
service. The country’s 3.40 lakh customers of ISPs, whose ranks are swelling by
200 per cent per annum, will spend more than Rs. 240 crore in 1999 simply to stay
linked to the Net. That’s 1.83 times the amount they are expected to spend buying
products in the country’s market space this year.
The product segments that an ISP can cater to are mainly two: (1) basic services
and (2) value added services.
For an ISP, cash flow may not be a problem because revenues are collected upfront,
but a certain critical mass of customers is essential, before the ISP can start making
money. Unlike landline services, an ISP’s costs are not ramped up with an increase
in its customer-base. On the contrary, as much as 60 per cent of its initial total costs,
(which could average Rs. 15 crore), could be and on setting up the InfoTech
infrastructure for managing the service, and on buying bandwidth from the VSNL,
which still has a monopoly on gateways. The requirement of bandwidth will
depend on the type of applications the ISP intends to provide to its customers.
(Ref. Table 2)
Table 2: Bandwidth requirements for different applications
Minimum Bandwidth Name of Application Type of
per user, kbps Technology
155,000 Virtual reality, medical imaging ATM
3,000 Video-conferencing, Multimedia T3/E3
1,500 Sample video, Digital voice T1/E1
128 Browsing ISDN, Frame relay
28.8 IP, E-mail, File Transfer New modem
19.2 Telnet Old modem
4.8 Paging Wireless WAN
However providing connectivity alone will not be enough. The ISPs will have to
provide value added services to the customers. Two possible revenue strategies
should be considered for this: one, use these value-additions to attract surfer traffic
much the way any content-provider does-and then sell those to advertisers. Two,
market them to the captive customer-base of ISP services, charging higher prices.
Thus, while Satyam-online is offering additional user features like horoscopes,
greeting-card services, free classifieds et al, Mantra-online has added corporate
services like setting up intranets, extranets, and virtual private networks.
13
Cyberspace
6.10 VALUE ADDED SERVICES
• Web Hosting
The Internet has unleashed a number of business opportunities, the basic of which is
what is known as web hosting. Web hosting ISPs will provide the servers where the
sites are hosted, for example, when you type www.hotline.com, your request goes
to the server on which the site is residing. Some of the smaller entities cannot afford
to buy their own servers, so they lease server space. This has resulted in the web
hosting opportunity.
• Virtual Private Network
A virtual private network is a group of computer systems, typically connected to a
private network (a network built and maintained by an organization solely for its
own use) with limited public-network access that communicates “securely” over a
public network. VPNs may exist between an individual machine and a private network
(client-to-server) or a remote LAN and a private network (server-to-server). Security
features differ from product to product, but most security experts agree that VPNs
include encryption, strong authentication of remote users or hosts, and mechanisms
for hiding or masking information about the private network topology from potential
attackers on the public network. As networks get more and more complicated,
many corporate may just want to outsource the entire service to a provider who
offers managed data network services. That means creating and running the whole
network – including Intranet, extranet and VPN – for a corporate client.
Usages of VPN
To access the protected network or office network from a public network, users
need to send a request by VPN client to the external interface of the office/protected
network. The user id and password of the user must be configured on the external
interface “normally router” of the protected network. If the user id and the credential
match then a secure network pipe established between the user system and
destination network, which allows the user to access the total network or to a pre-
defined destination.
Voice Over Internet
Internet telephony is the new technology where phone calls can be made to any part
of the world through the Internet. There are various web sites offering Net Telephony
services like Net2phone (www.Net2Phone.com), Vocaltec (www.vocaltec.com),
NetMeeting (www.netmeeting.com.). The voice quality is not comparable to that of
the normal telephone call. According to a survey, it has been found that price is a
more favoured feature than quality. Currently, Internet telephony is banned in India
and if detected an ISP can lose its operating license.
• E-Mail
Incoming e-mail is received by the ISP and stored in a mailbox on a computer
known as a MX “message exchanger” server. Two kind of protocol/services
configured on mail server knows as POP “Post office protocol” and SMTP “simple
message transport protocol”. POP3 is the protocol by which message download to
a mailbox on the user computer, when he logs in and runs his mail software. Outgoing
e-mail is essentially the same process by SMTP . Quality expectations are up and
14
user fees are down. The result is that low budget/low volume/low quality/low cost Internet Ownership
and Standards and
systems can no longer expect to find a profitable initial niche in most markets. Role of ISPs
• Cable Internet
A cable modem is a device that allows high-speed data access (such as Internet) in
a cable TV network. It will have two connections, one to the cable wall outlet and
the other to a computer. Cable modem speeds vary depending on the cable modem
system, cable network architecture and traffic load. An asymmetric cable modem is
most common. The downstream channel has a much higher bandwidth allocation
(faster data rate) than the upstream, primarily because Internet applications tend to
be asymmetric in nature.

What is the value added services provided by ISP in India? Elaborate.
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
6.11 MONETARY CONCEPTS OF AN ISPs

For an ISP, the major cost items are infrastructure and access costs. A significant
proportion of the costs in the Internet service business are fixed in nature and
independent of the level of usage of the network. The cost components of the
infrastructure network primarily includes hardware, software, networking, telecom,
backbone and costs of up gradation. These costs depend on the category of ISP
licence. There are three categories of ISP licences. A national level player is defined
as category A, while category B includes cities of Ahmedabad, Bangalore,
Hyderabad and Pune in addition to four metros and 20 territorial telecom circles.
Category C ISPs are local in nature, limited to a secondary switching area of the
DoT.
The basic hardware includes servers, peripherals, personal computers and backup
storage devices. On the software side, an ISP requires software for billing, server
maintenance, security and network management. The investments in hardware at
each Point of Presence (PoP) could vary between Rs. 3-4 mn. For other categories,
costs could be lower at Rs. 1.5mn. This will depend on the subscriber base.
The other important attribute of the cost is access. It has to focus on the ratio
between the numbers of subscribers per port. Globally, the norm is placed at 1:8.
This means that the number of subscribers per port is 8. In India, it is 1:10, at times
higher at 1:15.
The capital cost of an ISP is the cost of establishing distribution infrastructure
through a network of PoPs. A PoP is an ISP’s node, with necessary infrastructure 15
Cyberspace to which a subscriber connects locally (through any of the various access mechanisms
such as local dial-up, leased lines, ISDN lines or cable modem) for accessing the
Internet. The number of locations in which an ISP would choose to establish a PoP,
is likely to be determined by the costs of connecting the PoP to a node of the
international gateway provider and the expected revenues from each PoP. A PoP
would be connected to the gateway node through leased telecommunication lines.
An ISP would also need to invest in hardware, software and telecommunication
infrastructure, to be able to provide value-added services.
The Internet access charges are not very important whereas the hike in the local call
charges is an important issue. It is a hidden cost and will matter in the long run when
people start accessing the Net more and more as they will pay higher telephone
bills. It will also allow providers like MTNL and VSNL to continue their monopoly
as they have their own networks. They can even afford not to charge anything for
Internet access.
The Internet market can be demarcated into 2 segments − commercial and retail.
With price wars threatening to break out (given stiff competition), players will find it
difficult to make money. For an ISP to be successful, it should have a proper
infrastructure. Customer acquisition should be the first priority for ISPs.

What are the main cost items for an ISP?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
6.12 EVALUATION OF PERFORMANCE OF ISPs

In order to provide a basis for comparison of different Indian ISPs, a model for
evaluation has been proposed. This is primarily based on models used for evaluating
the ISPs in the US also. It involves assessment of the following 4 core issues:
• Network design
• Content hosting and applications
• Customer service and pricing
• Performance guarantees
16 Let us now look at each of these in detail:

Network design: Internet Ownership
and Standards and
This section looks at various design parameters of the ISP network including the Role of ISPs
following important ones:

• Geographic coverage — number of cities covered within own country and
whether other Asian countries are included.
• Whether direct links to other Asian countries are provided? This would permit
the ISPs to switch traffic straight to the destination instead of routing it via the
US. It avoids dealing with congestion on the US backbone and leads to a big
reduction in the number of router hops.
• Whether there are any connections to network access points and private peering
arrangements.
• What choice of access methods has been used — dial-up modems, leased
lines, ISDN, frame relay or ATM.
• Whether redundant links have been provided to every point-of-presence
Content hosting and applications:
This part looks at the infrastructural aspects of the ISPs and addresses the following
key issues:
• What kind of servers are being used — shared, dedicated or collocated?
• How is the database hosting done
• Whether ISPs will help customers to build internets/extranets?
• What security services are provided by the ISP in terms of consultancy, systems
integration, software applications, firewalls and authentication servers?
Customer service / pricing:
Customer service and pricing are key parameters for attracting and retaining
customers as the customer base available is itself very low. The customer aspects
involve:
• Cost of access
• Whether 24-hour customer service is provided?
• Whether a web-based interface has been provided for reporting and / or trouble
shooting?
• Whether network maps and performance reports are made available to
customers?
• Whether there are any standard billing formats in use?
Performance Guarantees:
Performance Guarantee has to maintain as per the term of contract, as far as
Quality of Service (QoS) is concerned. These are generally:
• Speed
17
Cyberspace • Download and Upload capacity
• Free Space provision
6.13 LIABILITY OF WEB SITE OWNER/ISPs

A company could also be held liable as a Web site host/owner or as an ISP for any
defamatory statement published on its site. If a hacker breaks into a Web site and
publishes a defamatory statement, the Web site host or ISP could be held liable.
However, if a defendant can show that the publication of the defamatory matter was
not intentional, he/she can escape liability proceedings.
The question that will have to be decided by courts is whether a Web site host can
be equated to a distributor of published matter such as a library or whether it should
simply be equated to an institution such as a telephone firm, which is a mere passive
conduit for the information which it carries and over which it has no effective control.
ISPs and Web site hosts or owners must, therefore, take care to control, as far as
possible, the information published on their Web sites. Factors that could possibly
be taken into account in determining whether an ISP or a Web site host/ owner have
exercised reasonable care would be:
• The nature and purpose of the Web site containing the defamatory material and
the relationship of the defendant thereto, that is, whether the defendant is a
bulletin board operator or an ISP or simply an organization controlling its own
Web site;
• Whether the monitoring system is proportionate to the size of the site;
• The amount and characteristics of information flowing through the site;
• The characteristics of the site users;
• Whether or not the site attracted repeat offenders and, if so, why was the Web
site then not removed;
• Whether defamatory material was removed immediately upon request by the
person being defamed;
• Measures that would assist in reducing the exposure of an ISP or a Web site
host/owner to liability for defamation include;
• Posting of notices, warning potential users of the site not to put libelious material
on the site;
• A periodic monitoring of Web sites and bulletin boards with a view to doing
away with any problematic material;
• The introduction of a system to facilitate speedy publication of apologies in
respect of any statements published on the site which are found to contain
libelious allegations, and;
• Making access to the Web site conditional upon the provision by any user to
provide his/her name, address and other specified identifying data so that the
author of any defamatory statement can later be easily traced and disclosed to
a potential defendant if a claim for defamation is threatened.
18 Let us now summarize the points covered in this unit.

Internet Ownership
6.14 SUMMARY and Standards and
Role of ISPs
• Internet has no owner yet. It has no central authority to manage or control it.
That’s why it is called Unsecured Channel.
• India is a member country of ICANN, a private sector non profit? dedicated

to preserving the operational stability of the Internet.
• ISPs (Internet Service Providers) are the service providers for Internet access.
There are two types of ISPs. One is national ISPs and others are local ISPs.
• Presently broadband service is in huge demand .It means speed must be

minimum 256 KBPS.
• Links to the subscriber can be provided in the following ways:
• Dial –up Access,
leased Line, and
ISDN.
• Value added services are: Web Hosting, VPN, Internet Telephony and E-mail.
• Performance of ISPs can be evaluated by network design, content hosting and

application, Customer Service and pricing and performance guarantee.
• Web Site owner/ISPs are also liable for any defamatory statement published
on its site.

1) What do you mean by an ISP? Describe its role and liability?
2) How will you evaluate the performance of an ISP?
3) What are the main problems in Domain Name System?

1) Internets possess a decentralized status as there is no authority to control over

cyberspace. Yes, ICANN does favour United States.
2) Internet Service Provider.
3) Web hosting, Virtual Private Network, Voice over Internet, E-mail, Cable
Intranet
4) The major cost items for an Internet Service Provider are infrastructure and
access cost.
19
Cyberspace Terminal Questions
1) Refer to section 6.4, 6.5 and 6.13 of the unit.
3) Refer to section 6.3.1 of the unit.

Apart from the above, please follow other reference books for in-depth
knowledge.

1. Best4sites.net.16 feb. 2007 <http://www.best4sites.net>.
2. ISPAI - ISP Association of India.16 Feb. 2006 <http://www.ispai.in>.
3. Oemji. 2 Mar. 2007 <http://www.Oemji.com>.
4. Vsnl.3 Mar. 2007 <http://www.vsnl.in>.
20
Data Security and
UNIT 7 DATA SECURITY AND Management
MANAGEMENT
Structure
7.1 Introduction
7.2 Objectives
7.3 Security Problem vis-à-vis Internet
7.3.1 Threats to Computing System
7.4 Security Measures to Protect the System

7.5 Security Policy
7.5.1 Purpose of Security Policy
7.5.2 Who should be Involved When Forming Policy?
7.5.3 What Makes a Good Security Policy?
7.6 Identification and Authentication

7.7 Access Control
7.8 Data and Message Confidentiality
7.9 Security Management
7.10 Security Audit
7.11 Summary
7.1 INTRODUCTION
During the first few decades of their existence, computer networks were primarily
used by defense personnel for security by university researchers for research purposes
and by corporate employees for sharing printers and other peripherals. Under these
conditions, security of data transmission did not get much attention as there were
very few people using the networks. But in the new corporate scenario, millions of
ordinary citizens are using networks for online banking, shopping and filling their
returns through E-governance etc.and so data security is looming on the horizon as
a potentially massive problem.
7.2 OBJECTIVES
• describe threats posed to computing systems;
• enlist security measures to protect the system; 21
Cyberspace • explain the need and aim of security policy;
• enlist who should be involved in forming policy;
• determine what makes a good security policy and security mechanisms that
could be implemented to provide identification and authentication services;
• describe how to control access and types of security mechanisms that could be
implemented to provide access control service; and
• explain the concept of security management.
7.3 SECURITY PROBLEM VIS-À-VIS INTERNET

With the huge growth in the number of Internet users all over the world, the security
of data and its proper management plays a vital role for future prosperity and
potentiality. Security is a broad topic and it covers a multitude of issues. In its simplest
form, it is concerned with making sure that nosy people cannot read, or still worse,
modify messages intended for other recipients. It is concerned with people trying to
access remote service is that they are not authorized to use.
Security problems can be generally divided into four areas: secrecy, authentication,
non repudiation and integrity control. Secrecy has to do with keeping information
from the unauthorized users. Authentication deals with determining whom you are
talking to before revealing sensitive information or entering into a commercial deal.
Non repudiation deals with signatures and being sure that a message you received
was really the one sent and not something that a malicious adversary modified in
transit or concocted.
Security violations (misuse) of the system can be categorised as being either intentional
(malicious) or accidental. It is easier to protect against accidental misuse than to
protect against malicious misuse. Among the forms of malicious access are the
following:
− Unauthorized reading of data (theft of information)
− Unauthorized modification of data
− Unauthorized destruction of data
Absolute protection of the system from malicious abuse is not possible, but the cost
to the perpetrator can be made sufficiently high to deter most, if not all, attempts to
access, without proper authority, the information residing in the system.
7.3.1 Threats to Computing System

There are basically two types of threats to a computing system. Both are briefly
highlighted below:
Program Threats:
i) Trojan Horse
ii) Trap doors
Trojan Horse: Many systems have mechanisms for allowing programs written by
22 users to be executed by other users. If these programs are executed in a domain that
provides the access rights of the executing user, they may misuse these rights. For Data Security and
Management
example, inside a text-editor program, there may be a code to search the file to be
edited for certain key words. If any one found it, the entire file may be copied to
special area accessible to the creator of the text editor. A code segment that misuses
its environment is called a TROJAN HORSE.
Trap Door: The designer of a program or system might leave a hole in the software
that only he or she is capable of using. This type of security breach was shown in the
movie “WAR GAMES”. For instance, the code might check for a specific user
identifier or password, and might circumvent normal security procedures. There
have been cases of people being arrested for embezzling from banks by including
rounding errors in their code, and having the occasional half-cent credited to their
accounts. This account crediting can add up to a large amount of money, considering
the number of transactions that a large bank executes.
A clever trap door could be included in a compiler.
System Threats
The two most common methods for achieving misuse in an operation system are
worms and viruses.
Worms: A worm is a process that uses the spawn mechanism to clobber system
performance. The worm spawns copies of itself, using up system resources and
perhaps locking out system use by all other processes. On computer networks,
worms are particularly patent, since they may reproduce themselves among systems
and thus shut down the entire network.
Viruses: Another form of computer attack is virus. Like worms, viruses are designed
to spread into other programs and can wreak havoc in a system including modifying
or destroying files and causing system crashes and program malfunctions. A worm is
structured as a complete, standalone program while a virus is a fragment of a code
embedded in a legitimate program. Viruses are major problems for computer users,
especially users of microcomputer systems.
The best protection against it is prevention, or the practice of safe computing. Another
safeguard, although it does not prevent infection, does permit early detection.
Worms and viruses are generally considered to pose security, rather than protection,
problems.

Fill in the blanks?
i) Security problems can be divided into four areas:
Secrecy, __________, __________ and __________
ii) Absolute protection of the system from malicious abuse is ____________
23
Cyberspace
7.4 SECURITY MEASURES TO PROTECT THE
SYSTEM
To protect the system, security measures must be taken at two levels:
Physical: The site or sites containing the computer systems must be physically
secured against armed or surreptitious entry by intruders.
Human: Users must be screened carefully so that the chance of authorizing a user
who then gives access to an intruder is reduced.
7.5 SECURITY POLICY

The security-related decisions you make or fail to make as administrator largely
determines how secure or insecure your network is, how much functionality your
Network offers, and how easy your network is to use. However, you cannot make
good decisions about security without first determining what your security goals are.
Until you determine what your security goals are, you cannot make effective use of
any collection of security tools because you simply will not know what to check for
and what restrictions to impose. For example, your goals will probably be very
different from the goals of a product vendor. Vendors are trying to make configuration
and operation of their products as simple as possible, which implies that the default
configurations will often be as open (i.e. insecure) as possible. While this does make
it easier to install new products, it also leaves access to those systems, and other
systems through them, open to any user who wanders by.
Your goals will be largely determined by the following key tradeoffs:
Services offered versus security provided
Each service offered to users carries its own security risks. For some services the
risk outweighs the benefit of the service and the administrator may choose to
eliminate the service rather than try to secure it.
Ease of use versus security
The easiest system to use would allow access to any user and require no passwords;
that is, there would be no security. Requiring passwords makes the system a little
less convenient, but more secure. Requiring device-generated one-time passwords
makes the system even more difficult to use, but much more secure.
Cost of security versus risk of loss
There are many different costs to security: monetary (i.e. the cost of purchasing
security hardware and software like firewalls and one-time password generators),
performance (i.e. encryption and decryption take time), and ease of use (as mentioned
above). There are also many levels of risk: loss of privacy (i.e. the reading of
information by unauthorized individuals), loss of data (i.e. the corruption or erasure
of information), and the loss of service (e.g. the filling of data storage space, usage
of computational resources, and denial of network access). Each type of cost must
be weighed against each type of loss.
Your goals should be communicated to all users, operations staff, and managers
24 through a set of security rules, called a “security policy”. We are using this term,
Data Security and
rather than the narrower “computer security policy” since the scope includes all Management
types of information technology and the information stored and manipulated by the
technology.
Finally, a security policy is a formal statement of the rules by which people who are
given access to an organization’s technology and information assets must abide.
7.5.1 Purpose of Security Policy

The main purpose of a security policy is to inform users, staff and managers of their
obligatory requirements for protecting technology and information assets. The policy
should specify the mechanisms through which these requirements can be met. Another
purpose is to provide a baseline from which to acquire, configure and audit computer
systems and networks for compliance with the policy. Therefore, an attempt to use
a set of security tools in the absence of at least an implied security policy is meaningless.
Another major use of an AUP is to spell out, exactly, the corporate position on
privacy issues and intellectual property issues. In some countries, if the company
does not explicitly state that e-mail is not secure, it is considered to be so and any
breach could cause privacy and confidentiality liabilities. It is very important to spell
out what is and is not acceptable in intellectual transfers and storage and what the
corporate privacy policies are to prevent litigation about the same.
An Appropriate Use Policy (AUP) may also be part of a security policy. It should
spell out what users shall and shall not do on the various components of the system,
including the type of traffic allowed on the networks. The AUP should be as explicit
as possible to avoid ambiguity or misunderstanding. For example, an AUP might list
any prohibited USENET newsgroups. (Note: Appropriate Use Policy is referred to
as Acceptable Use Policy by some sites.)

What is a Security Policy?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
7.5.2 Who should be Involved When Forming Policy?

In order that a security policy be appropriate and effective, it needs to have the
acceptance and support of all levels of employees within the organization. It is
especially important that corporate management fully support the security policy
process otherwise there is little chance that they will have the intended impact. The
following is a list of individuals who should be involved in the creation and review of
25
security policy documents:
Cyberspace ⇒ Site security administrator
⇒ Information technology technical staff (e.g. staff from computing center),
administrators of large user groups within the organization (e.g., business
divisions, computer science department within a university, etc.)
⇒ Security incident response team
⇒ Representatives of the user groups affected by the security policy
⇒ Responsible management
⇒ Legal counsel (if appropriate)
The list above is representative of many organizations, but is not necessarily
comprehensive. The idea is to bring in representation from key stakeholders,
management who have budget and policy authority, technical staff who know what
can and cannot be supported, and legal counsel who know the legal ramifications of
various policy choices. In some organizations, it may be appropriate to include EDP
audit personnel. Involving this group is important if resulting policy statements are to
reach the broadest possible acceptance. It is also relevant to mention that the role of
legal counsel will also vary from country to country.
7.5.3 What Makes a Good Security Policy?

The characteristics of a good security policy are:
1) It must be implementable through system administration procedures, publishing
of acceptable use guidelines, or other appropriate methods.
2) It must be enforceable with security tools, where appropriate, and with
sanctions, where actual prevention is not technically feasible.
3) It must clearly define the areas of responsibility for the users, administrators,
and management.
The components of a good security policy include:
1) Computer Technology Purchasing Guidelines, which specify required, or
preferred, security features. These should supplement existing purchasing policies
and guidelines.
2) A Privacy Policy which defines reasonable expectations of privacy regarding
such issues as monitoring of electronic mail, logging of keystrokes, and access
to users’ files.
3) An Access Policy, which defines access rights and privileges to protect assets
from loss or disclosure by specifying acceptable use guidelines for users,
operations staff, and management. It should provide guidelines for external
connections, data communications, connecting devices to a network, and adding
new software to systems. It should also specify any required notification
messages (e.g., connect messages should provide warnings about authorized
usage and line monitoring, and not simply say “Welcome”).
4) An Accountability Policy, which defines the responsibilities of users, operations
26 staff, and management. It should specify an audit capability, and provide incident
handling guidelines (i.e., what to do and who to contact if a possible intrusion is Data Security and
Management
detected).
5) An Authentication Policy which establishes trust through an effective password
policy, and by setting guidelines for remote location authentication and the use
of authentication devices (e.g., one-time passwords and the devices that
generate them).
6) An Availability statement.

What are the main components of good security policy?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
7.6 IDENTIFICATION AND AUTHENTICATION

The first step toward securing the resources of a LAN or network is the ability to
verify the identities of users [BNOV91]. The process of verifying a user’s identity is
referred to as authentication. Authentication provides the basis for the effectiveness
of other controls used on the LAN. For example, the logging mechanism provides
usage information based on the user ID. The access control mechanism permits
access to LAN resources based on the user ID. Both these controls are only effective
under the assumption that the requestor of a LAN service is the valid user assigned
to that specific user ID.
Identification requires the user to be known by the LAN in some manner. This is
usually based on an assigned user ID or in some other format like user certificate or
user token. However the LAN cannot trust the validity that the user is in fact the
person who he/she, claims to be, without being authenticated. The authentication is
done by having the user supply something that only the user has, such as a token or
credential, something that only the user knows, such as a password, or something
that makes the user unique, such as a fingerprint. The more of these that the user has
to supply, the less risk there is of someone masquerading as the legitimate user.
A requirement specifying the need for authentication should exist in most LAN
policies. The requirement may be directed implicitly in a program level policy
stressing the need to effectively control access to information and LAN resources,
or may be explicitly stated in a LAN specific policy that states that all users must be
uniquely identified and authenticated.
On most LANs, the identification and authentication mechanism is a user ID/
password scheme. [BNOV91] states “password systems can be effective if managed 27
Cyberspace properly [FIPS112], but seldom are. Authentication which relies solely on passwords
has often failed to provide adequate protection for systems for a number of reasons.
Users tend to create passwords that are easy to remember and hence easy to guess.
On the other hand users that must use passwords generated from random characters,
while difficult to guess, are also difficult to be remembered by users. This forces the
user to write the password down, most likely in an area easy accessible in the work
area”. Research works such as [KLEIN] detail the ease with which passwords can
be guessed. Proper password selection (striking a balance between being easy-to-
remember for the user but difficult-to-guess for everyone else) has always been an
issue. Password generators that produce passwords consisting of pronounceable
syllables have more potential of being remembered than generators that produce
purely random characters. [FIPS180] specifies an algorithm that can be used to
produce random pronounceable passwords.
Password checkers are programs also called password policy that enable a user
to determine whether a new password is considered easy-to-guess, and thus are
unacceptable.
Password-only mechanisms, especially those that transmit the password in the clear
(in an unencrypted form) are susceptible to being monitored and captured. This can
become a serious problem if the LAN has any uncontrolled connections to outside
network.
Networks agencies that are considering connecting their LANs to outside networks,
particularly the Internet, should examine [BJUL93] before doing so. If, after
considering all authentication options, LAN policy determines that password-only
systems are acceptable, the proper management of password creation, storage,
and destruction become all the more important. [FIPS 112] provides guidance on
password management. [NCSC85] provides additional guidance that may be
considered appropriate.
Because of the vulnerabilities that still exist with the use of password-only
mechanisms, more robust mechanisms can be used. [BNOV91] discusses advances
that have been made in the areas of token-based authentication and the use of
biometrics. A smartcard based or token based mechanism requires that a user be
in possession of the token and additionally may require the user to know a PIN or
password. These devices then perform a challenge/response authentication scheme
using real time parameters. Using real time parameters helps prevent an intruder
from gaining unauthorized access through a login session playback. These devices
may also encrypt the authentication session, preventing the compromise of the
authentication information through monitoring and capturing.
Locking mechanisms for LAN devices, workstations, or PCs that require user
authentication to unlock can be useful to users who must leave their work areas
frequently. These locks allow users to remain logged into the LAN and leave their
work areas (for an acceptable short period of time) without exposing an entry point
into the LAN.
Modems that provide users with LAN access may require additional protection. An
intruder who can access the modem may gain access by successfully guessing a user
password. The availability of modem use to legitimate users may also become an
issue if an intruder is allowed continual access to the modem. Mechanisms that
28 provide a user with his or her account usage information may alert the user that the
account was used in an abnormal manner (e.g. multiple login failures). These Data Security and
Management
mechanisms include notifications such as date, time, and location of last successful
login, and number of previous login failures. The type of security mechanisms that
could be implemented to provide the identification and authentication service are
listed below.
⇒ password-based mechanism,
⇒ Smartcards/smart tokens based mechanism,
⇒ Biometrics based mechanism,
⇒ Password generator,
⇒ Password locking,
⇒ Keyboard locking,
⇒ PC or workstation locking,
⇒ Termination of connection after multiple failed logins
⇒ User notification of ‘last successful login’ and ‘number of login failures’,
⇒ Real-time user verification mechanism,
⇒ Cryptography having unique user keys.

Fill in the blanks:
i) On most LANS, the identification and authentication mechanism is a
__________________________.
ii) Modems that provide user with LAN Access requires additional
protection from ________________.
iii) _______________________ and _________________________ are
security mechanisms that could be applied to provide identification and
authentication services.
7.7 ACCESS CONTROL

This service protects against the unauthorized use of LAN resources, and can be
provided by the use of access control mechanisms and privilege mechanisms. Most
file servers and multi-user workstations provide this service to some extent. However,
PCs which mount drives from the file servers usually do not. Users must recognise
that files used locally from a mounted drive are under the access control of the PC.
For this reason it may be important to incorporate access control, confidentiality
and integrity services on PCs to whatever extent possible.
According to [NCSC87], access control can be achieved by using discretionary
access control or mandatory access control. Discretionary access control is the
most common type of access control used by LANs. The basis of this kind of 29
Cyberspace security is that an individual user, or program operating on the user’s behalf is allowed
to specify explicitly the types of access other users (or programs executing on their
behalf) may have to information under the user’s control.
Discretionary security differs from mandatory security in that it implements the access
control decisions of the user. Mandatory controls are driven by the results of a
comparison between the user’s trust level or clearance and the sensitivity designation
of the information.
Access control mechanisms exist to support access granularity for acknowledging

an owner, a specified group of users, and the world (all other authorized users). This
allows the owner of the file (or directory) to have different access rights than all
other users, and allows the owner to specify different access rights for a specified
group of people, and also for the world. Generally access rights allow read access,
write access, and execute access. Some LAN operating systems provide additional
access rights that allow updates, append only, etc.
A LAN operating system may implement user profiles, capability lists or access
control lists to specify access rights for many individual users and many different
groups. Using these mechanisms allows more flexibility in granting different access
rights to different users, which may provide more stringent access control for the file
(or directory). (These more flexible mechanisms prevent a situation in which a user
has to be given more access than necessary, a common problem with the three level
approaches.) Access control lists assign the access rights of named users and named
groups to a file or directory. Capability lists and user profiles assign the files and
directories that can be accessed by a named user.
User access may exist at the directory level, or the file level. Access control at the
directory level places the same access rights on all the files in the directory. For
example, a user who has read access to the directory can read (and perhaps copy)
any file in that directory. Directory access rights may also provide an explicit negative
access that prevents the user from any access to the files in the directory. Some
LAN implementations control how a file can be accessed. (This is in addition to
controlling who can access the file.) Implementations may provide a parameter that
allows an owner to mark a file sharable, or locked. Sharable files accept multiple
accesses to the file at the same time. A locked file will permit only one user to access
it. If a file is a read only file, making it sharable allows many users to read it at the
same time.
These access controls can also be used to restrict usage between servers on the
LAN. Many LAN operating systems can restrict the type of traffic sent between
servers. There may be no restrictions, which imply that all users may be able to
access resources on all servers (depending on the user access rights on a particular
server). Some restrictions may be in places that allow only certain types of traffic,
for example only electronic mail messages, and further restrictions may allow no
exchange of traffic from server to server. The LAN policy should determine what
types of information need to be exchanged between servers. Information that is not
necessary to be shared between servers should then be restricted.
Privilege mechanisms enable authorized users to override the access permissions,

or in some manner legally bypass controls to perform a function, access a file, etc. A
30 privilege mechanism should incorporate the concept of least privilege. [ROBA91]
defines least privilege as “a principle where each subject in a system be granted the Data Security and
Management
most restrictive set or privileges needed for the performance of an authorized task”.
For example, the principle of least privilege should be implemented to perform the
backup function. A user who is authorized to perform the backup function needs to
have read access to all files in order to copy them to the backup media. (However
the user should not be given read access to all files through the access control
mechanism.) The user is granted a ‘privilege’ to override the read restrictions (enforced
by the access control mechanism) on all files in order to perform the backup function.
The more granular the privileges that can be granted, the more control there does
not have to grant excessive privilege to perform an authorized function. For example,
the user who has to perform the backup function does not need to have a write
override privilege, but for privilege mechanisms that are less granular, this may occur.
The types of security mechanisms that could be implemented to provide the access
control service are listed below.
• Access control mechanism using access rights (defining owner, group, world
permissions),
• Access control mechanism using access control lists or “ACLs”, user
profiles, capability lists,
• Access control using mandatory access control mechanisms (labels),
• Granular privilege mechanism,

What is the use of Access Control Service?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
7.8 DATA AND MESSAGE CONFIDENTIALITY

The data and message confidentiality service can be used when the secrecy of
Information is necessary. As a front line protection, this service may incorporate
mechanisms associated with the access control service, but can also rely on
encryption to provide further secrecy protection. Encrypting information converts it
to an unintelligible form called cipher text, decrypting converts the information
back to its original form. Sensitive information can be stored in the encrypted
cipher text form. In this way if the access control service is circumvented, the file
may be accessed but the information is still protected by being in encrypted form.
(The use of encryption may be critical on PCs that do not provide an access control
service as a front line protection.)
31
Cyberspace It is very difficult to control unauthorized access to LAN traffic as it is moved through
the LAN. For most LAN users, this is a realised and accepted problem. The use of
encryption reduces the risk of someone capturing and reading LAN messages in
transit by making the message unreadable to those who may capture it. Only the
authorized user who has the correct key can decrypt the message once it is received.
7.9 SECURITY MANAGEMENT

Businesses all over the world are adopting the BS7799 Information security
management system to systematically plug loopholes that exist due to the constant
and varied means of information exchange that form part of daily routine.
BS7799 is the British standard for Information Security Management. It is the most
widely recognised security standard in the world. It has now become an International
Standard, ISO 17799. The standard is divided into two parts:
BS7799 Part-1 (ISO-17799: 2000)-Code of Practice for Information Security
Management.
BS7799 Part-2, Specifies requirement for establishing, implementing and
documenting ISMS.
ISO/IEC 17799:2005 is a standard code of practice and can be regarded as a
comprehensive catalogue of good security things to do. Now it may be called ISO/
IEC 27001.
It contains 11 basic frameworks and 132 sets of controls. The major components of
Information Security Management System (ISMS) are.
A) Plan - It contains Scope, Policy, Risk Assessment (RA), Risk Treatment Plan
(RTP), Statement of Applicability (SOA)
B) DO - It contains controls, awareness training, manage resources and prompt
dedication and response to incidents.
C) Check- It contains management review, internal ISMS audit.
D) Act- It contains ISMS improvements, prevention action, and concentrative
action.
Basic Frameworks are as follows:
1) Security Policy
2) Organizing Security
3) Asset Management
4) Human Resource Security
5) Physical and Environmental Security
6) Communication and Operation Management
7) Access Control
8) Information System Acquisition Development and Maintainance
9) Information Security Incident Management
10) Business Continuity Management
32 11) Compliance
Data Security and
7.10 SECURITY AUDIT Management
One of the most important and critical reasons for conducting a security audit is to
ensure that the efforts spent on security is coherent with business objectives ultimately
yielding cost effective benefits. Although this may seem obvious, it is possible that
efforts might go off the requisite target missing out on the key areas where the effort
is needed. The objective of Security Audit is to find out the vulnerabilities that an
organization is facing with its IT infrastructure.
Physical Security Audit
Physical Security is one of the most neglected areas in Security. Global E-Secure
helps companies to plug this area by identifying the threats in terms of location of
hosted servers, perimeter and barrier protection followed and physical measures
adopted currently to protect sensitive data such as: cages, racks, Personnel controls,
Biometrics devices, Alarm Systems and others.
Network Security Audit
Internal employees, customers or partners access the organizational network

internally, through a public gateway or through VPNs, Leased Lines, ISDN or even
Dial-Up connections. The Network conducts a study of the access policies and
procedures for internal LAN access, as well as the connectivity of the organization
with its branches and remote locations and highlights the vulnerabilities in the
network.
Application Security Audit
This involves a complete detailed analysis of the mission critical applications of the
enterprise such as web servers, directory servers, mailing applications and enterprise
solutions of the company to which its employees, customers or partners may have
access. Since security has to complement business and should be transparent to the
user, it is essential for security to integrate seamlessly with the application.

What are the major components of ISMS?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
Let us now summarize the points covered in this unit. 33

Cyberspace
7.11 SUMMARY
• Security policy is totally dependent upon requirement and what the type of
network.
• Purpose of Security policy is to inform users, staff and managers of their
obligatory requirement for protecting technology and information assets.
• Following personnel must be present when forming policy. Site security manager,
all IT staff, managers of all divisions, Security Incident Response team and
Legal Counsellor.
• A good security policy is one which is implementable, enforceable and defines
the areas of responsibilities.
• The process of verifying user’s identity is referred to as Authentication.
• Access control can be achieved by using discretionary access control and
mandatory access control.
• The data and message confidentiality service can be used when the secrecy of
information is necessary.
• BS7799 is the widely used ISO/IEC standard having 11 frameworks and 132
set of controls.
• Security audit is mostly needed in case of vulnerabilities that an organization
has to face at physical, network and application level.

1) Why is security policy needed? How will you choose a good security policy?
2) Define access control. Give a practical example of the same.
3) BS7799 is only one choice for security management. Explain it critically

1) (i) Authentication, Non-repudiation and Integrity Control, (ii) Not possible
2) A security policy is a formal statement of the rules by which people who are
given access to an organization’s technology and information assets must
abide.
3) A good security policy has the following components:
Computer Technology Purchasing Guidelines, A Privacy Policy, An Access
Policy, An Accountability Policy, An Authentication Policy, An Availability
statement.
4) (i) User ID/Password, (ii) Intruders, (iii) Password based mechanism and smart
card/smart tokens based mechanism.
34
5) Access control service protects against the unauthorized use of LAN resources. Data Security and
Management
This service can be provided by the use of access control mechanisms and
privilege mechanisms.
6) The major components of ISMS are :
A) Plan - It contains Scope, Policy, Risk Assessment (RA), Risk Treatment Plan
(RTP), Statement of Applicability (SOA)
B) DO - It contains controls, awareness training, manage resources and prompt
dedication and response to incidents.
C) Check- It contains management review, internal ISMS audit.
D) Act- It contains ISMS improvements, prevention action, and concentrative
action.
Terminal Questions
1) Refer to section 7.4 and 7.5 of the unit.
Please also go through other reference books for more details.

1. Andrew S. Tanenbaum. Computer Networks. 5th ed. New Delhi: Prentice
Hall of India Pvt. Ltd., 2003.
2. Behrouz A Forouzan. Data Communication and Networking. 2nd ed. Tata

Mcgraw-Hill Edition, 2003.
3. ICANN - Internet Corporation for Assigned Names and Numbers. 24 Mar.

2006 <http://www.icann.org>.
35
Cyberspace
UNIT 8 DATA ENCRYPTION AND
DIGITAL SIGNATURES
Structure
8.1 Introduction
8.2 Objectives
8.3 Conventional Cryptography
8.3.1 Types of Ciphers
8.4 Meaning of Encryption

8.5 Algorithm used in Encryption
8.6 Encryption Scheme: Symmetric Key vs Asymmetric Key
8.7 Digital Signature
8.8 Authentication and Identification
8.9 Hash Functions
8.10 Protocol and Mechanisms
8.11 Key Establishment, Management and Certification
8.12 Trusted Third Parties and Public Key Certificates
8.13 Pseudorandom Numbers and Sequences
8.14 Summary
8.1 INTRODUCTION
One of the most powerful and important methods for security in computer systems
is to encrypt sensitive records and messages in transit and in storage. Cryptography
has a long and colorful history. Historically, four groups of people have used and
contributed to the art of Cryptography, the military, the diplomatic corps, diarists,
and lovers. The military has had the most sensitive role and has shaped the field.
At present, information and data security plays a vital role in the security of the
country, the security of the corporate sector and also of every individual, working
for personal benefit.
8.2 OBJECTIVES
At the end of this unit, you will able to:
36 • discuss what is conventional cryptography and types of ciphers;
• explain the meaning of encryptions ; Data Encryption and
Digital Signatures
• describe Algorithms used in Cryptology;
• discuss encryption schemes, their merits and demerits;
• explain the meaning and use of Digital Signature;
• discuss cryptographic hash functions and cryptographic protocols and
mechanism;
• describe methodology for ensuring the secure distribution of keys for
cryptographic purposes; and
• explain the concept of trusted third parties and public key certificates.
8.3 CONVENTIONAL CRYPTOGRAPHY

The message or data to be encrypted, also known as the plaintext, is transformed
by a function that is parameterized by a KEY. The output of the encryption process,
known as the cipher text, is then transmitted through the insecure communication
channel. The art of breaking ciphers is called cryptanalysis. The art of devising
ciphers (cryptography) and breaking them (cryptanalysis) is collectively known as
cryptology.
Mathematically, C = Ek (P) meaning that the encryption of the plaintext P using key
K gives the cipher text C. Similarly, P = Dk(C) implies the decryption of C to get the
plaintext again. It then follows that Dk (Ek (P)) = P.
8.3.1 Types of Ciphers

Conventionally, there are two types of ciphers. They are the following:
Substitution Ciphers: Another letter or group of letters to disguise it replaces each
letter or group of letters. One of the oldest known ciphers is the Caesar Cipher,
attributed to Julius Caesar. For example, using this cipher, attack becomes
DWWDFN. Here plaintext is in lowercase and cipher text in uppercase letters. A
slight generalisation of the Caesar cipher allows the cipher text alphabet to be shifted
by k letters, instead of always 3.In this case k becomes a key to the general method
of circularly shifted alphabets. Example in Fig. 1 shows:
JULIUSCAESAR Plaintext
EFGEFGEFGEFG Key EFG repeated
10 21 12 09 21 19 03 01 05 19 01 18 Plaintext, numeric
05 06 07 05 06 07 05 06 07 05 06 07 Key EFG, numeric
15 19 11 12 19 20 06 07 02 22 07 21 Cipher text (Plain XOR key)
Figure 1
A FUNCTION BASED SUBSTITUTION CIPHER

A substitution cipher can be made unbreakable by using a long no repeating key.
Such a key is called one-time pad. A one-time pad may be formed by using words
from a book starting from specific place known to both the sender and receiver. For 37
Cyberspace example, starting with this sentence and using XOR on ASCII encoding of the letters
of the plaintext and of the key. The encryption would proceed as given in Fig. 2.The
textual equivalent of the cipher text is not given because it contains nonprintable
ASCII characters. The message can be deciphered by reversing the process. XO
Ring each letter of the cipher text with the ASCII representation of the key produces
the ASCII encoding of a letter of the plaintext.
JULIUSCAESAR Plaintext
FOREXAMPLEST key-starting sentence (one-time pad)
74 85 76 73 85 83 67 65 69 83 65 82 Plaintext, ASCII
70 79 82 69 88 65 77 80 76 69 83 84 Key ASCII
12 26 30 12 13 18 14 17 09 22 18 06 Cipher text = Plain XOR key
Figure 2
A ONE-TIME PAD
One-time pad ciphers are unbreakable because they give no information to the
cryptanalyst. The primary difficulty with one-time pad is that the key must be as long
as the message itself, so key distribution becomes a problem, since a different pad
must be used for each communication.
Transposition Ciphers: It operates by reordering the plaintext symbols, whereas

substitution ciphers preserve the order of the plaintext symbols but try to disguise
them. An example of it Columnar transposition is described below:
CONSULT Keyword
1435726 Column numbers
E N C RYPT Plaintext:
I ONISP E
ENCRYPTIONSPERFORMEDBYWRITINGTHEPLAINTEXT
R FORMED
B YWR ITI
N G T H E P L cipher text:
A I N T E X
TEIRBNAPPETPXCNOWTNNOFYGIRIRRHTTEDILTYSMIEE
FIGURE for Transposition Cipher

38
Data Encryption and
Self Assessment Question 1 Spend 3 Min. Digital Signatures
Fill in the blanks:

i) The output of the encryption process is known as ___________________.
ii) Substitution and _________________ are two types of Ciphers.
8.4 MEANING OF ENCRYPTION

Encryption is one common method of protecting information transmitted over
unreliable links. In practice, the following is the mechanism of encryption:
A) The information (text) is encrypted (encoded) from its initial readable form
(called clear text), to an internal form (called cipher text). This internal text
form, although readable, does not make any sense.
B) The cipher text can be stored in a readable file, or transmitted over unprotected
channels.
C) The receiver must decrypt (decode) it back into clear text to understand the
meaning of the cipher text.
Since it is likely that people may become involved with negative aspects of computing,
care has to be taken to see that encryption algorithms are free from statistical and
mathematical weakness and that they are not feasible to break computationally so
that cracking becomes prohibitively time-consuming. At the other end, the
computational complexity of encryption and decryption should be reasonable
because they represent processing overhead that increases communication delays.
8.5 ALGORITHM USED IN ENCRYPTION

The Secret-Key Algorithm: A system where one secret key shared is called
Symmetric or secret key cryptography.
Data Encryption Standard (DES): It was originally developed by IBM and was
adopted as an NBS Standard in 1977. It is no longer secure in its original form
(Wayner, 1995), but in modified form it is still useful. DES is a symmetric
cryptosystem, so the cipher text is decrypted using the same key. It operates on 64-
bit (8 byte) blocks of input at a time. The algorithm, which is parameterized by a 56-
bit key, has 19 distinct stages. The first stage is a key independent transposition on
the 64-bit plaintext. The last stage is the exact inverse of this transposition. The
stage prior to the last one exchanges the leftmost 32 bits with the rightmost 32 bits.
The remaining 16 stages are functionally identical but are parameterized by
different functions of the key.
The steps of the DES encryption algorithm operating on 64-bit block are:
L0R0 = t(input)
Repeat for n = 1 to 16
Ln = Rn−1
Rn = Ln−1 + f(Rn−1,Kn)
Output = t −1 (L16r16) 39
Cyberspace Obviously, DES is a complex algorithm. But critics say that its key is too short,
which makes it susceptible to brute-force attack. In 1977, two standford
Cryptography researchers, Diffie and Hellman designed a machine to break DES
and estimated it could be built for 20 Million dollars. Given a small piece of plaintext
and matched cipher text, this machine could find the key by exhaustive search of the
entry key space in under 1 day. Nowadays such a machine would cost perhaps 1
million dollars. A detailed design for a machine that can break DES by exhaustive
search in about four hours is presented in (Wiener, 1994).
Another calculation says that software encryption is 1000 times slower than
hardware encryption and that, a high-end home computer can still do about 3, 50,
000 encryption/sec in software and is probably idle 2 million second/month. This
idle time could be put to use breaking DES. Probably the most innovative idea for
breaking DES is the CHINESE LOTTERY (Quisquater and Girault, 1991). With
this, every radio and television has to be equipped with a cheap DES chip capable
of performing 1 million encryption /sec in hardware.
Public Key Algorithms: A cryptosystem where two different keys are used for
encryption and decryption is called Asymmetric or Public key System. The key
distribution is the most important thing whatever may be the cryptosystem. If
somehow the key is stolen, the total system would be worthless. The primary
advantage of public key cryptography is increased security. The secret keys don’t
have to be transmitted or revealed to anyone. Another advantage of this system is
that public key and the secret key can both be used for encoding as well as decoding.
Their functions are interchangeable.
RSA Algorithm: These are the initials of three discoverers (Rivest, Shamir, and
Adleman) at M.I.T. They all produced this algorithm, which is totally based on
modular mathematics of Number theory. It is an asymmetric cryptography algorithm
because it uses two different keys for encoding and decoding.
One of the properties of modular arithmetic is the possibility of computing
multiplicative inverses. That is, given an integer e in the range of [0, n−1], it is
sometimes possible to find a unique integer d in the range [0, n−1] such that
ed mod n = 1
For example, 3 and 7 are multiplicative inverses modulo 20, because 21 mod 20 =
1. It can be shown that integer e [0.n−1] has a unique multiplicative inverse mod n
when e and n are relatively prime, that is when gcd (e, n) = 1.(gcd denotes the
greatest common divisor). The no. of positive integers that are relatively prime to n
is a function denoted as @n. For n = pq and p and q are prime, it can be shown that
@n = (p−1)(q−1)
For number P set of [0, n−1] it can be shown that the equation
C = pe mod n (First) is an inverse of
P = Cd mod n (Second)
If ed mod @(n) = 1 where @n = (p−1)(q−1)
First equation is used for encryption by several public keys algorithms with e and n
as the key. Decryption is performed using second equation with d and n as keys.
40
Since the key (e, n) is public, only the number d in the decryption pair (d, n) is Data Encryption and
Digital Signatures
private.
This above idea is used in case of RSA also. The determination of n, d and e is
prescribed in the following way:
Choose two large primes, p and q, each greater than 10 100
Calculate n= pq and @n = (p−1)(q−1)
Assume a number d to be a large, random integer that is relatively prime to @n that
is such that ed mod @(n) = 1
Calculate e such that ed mod @(n) = 1
These parameters may be used to encipher plaintext P where 0 less that equal to
less than n. If the plaintext is longer, it must be broken into strings smaller than n.
Cipher text is obtained as C = pe mod n. C may be then decrypted as P = cd mod n.
Steps of algorithm ensures that encryption and decryption are inverses of each other.
Yet breaking of RSA is not reported yet wide use of it has been tremendous increased.
A cryptanalyst would presumably use factoring to derive d from n and e, which are
publicly known.

Why is RSA algorithm more widely used than DES?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
8.6 ENCRYPTION SCHEME: SYMMETRIC KEY

VS ASYMMETRIC KEY
Symmetric-key and public-key encryption schemes have various advantages and
disadvantages, some of which are common to both. This section highlights a number
of these and summarizes features pointed out in previous sections.
i) Advantages of symmetric-key cryptography
1) Symmetric-key ciphers can be designed to have high rates of data
throughput. Some hardware implementations achieve of hundreds of
megabytes per second, while software implementations may attain
throughput rates in the megabytes per second range.
41
Cyberspace 2) Keys for symmetric-key ciphers are relatively short.
3) Symmetric-key ciphers can be employed as primitives to construct various
cryptographic mechanisms including pseudorandom number generators,
hash functions and computationally efficient digital signature schemes, to
name just a few.
4) Symmetric-key ciphers can be composed to produce stronger ciphers.
Simple transformations which are easy to analyse, but are weak on their
own weak, can be used to construct strong product ciphers.
5) Symmetric-key encryption is perceived to have an extensive history,
although it must be acknowledged that, notwithstanding the invention of
rotor machines earlier, much of the knowledge in this area has been acquired
subsequent to the invention of the digital computer, and in particular, the
design of the Data Encryption Standard in the early 1970s.
ii) Disadvantages of symmetric-key cryptography
1) In a two-party communication, the key must remain secret at both ends.
2) In a large network, there are many key pairs to be managed. Consequently,
effective key management requires the use of an unconditionally trusted
TTP .
3) In a two-party communication between entities µ and ¶, sound
cryptographic practice dictates that the key be changed frequently and
perhaps for each communication session.
4) Digital signature mechanisms arising from symmetric-key encryption
typically require either large keys for the public verification function or the
use of a TTP.
iii) Advantages of public-key cryptography
1) Only the private key must be kept secret (authenticity of public keys must,
however, be guaranteed).
2) The administration of keys on a network requires the presence of only a
functionally trusted TTP as opposed to an unconditionally trusted TTP.
Depending on the mode of usage, the TTP might only be required in an
“off-line” manner, as opposed to in real time.
3) Depending on the mode of usage, a private key/public key pair may remain
unchanged for considerable periods of time, e.g., many sessions (even
several years).
4) Many public-key schemes yield relatively efficient digital signature
mechanisms. The key used to describe the public verification function is
typically much smaller than for the symmetric-key counterpart.
5) In a large network, the number of keys necessary may be considerably
smaller than in the symmetric-key scenario.
iv) Disadvantages of public-key encryption
42 1) Throughput rates for the most popular public-key encryption methods

are several orders of magnitude slower than the best-known symmetric- Data Encryption and
Digital Signatures
key schemes.
2) Key sizes are typically much larger than those required for symmetric-
key encryption and the size of public-key signatures is larger than that of
tags providing data origin authentication from symmetric-key techniques.
3) No public-key scheme has been proven to be secure (the same can be
said for block ciphers). The most effective public-key encryption schemes
found to date have their security based on the presumed difficulty of a
small set of number-theoretic problems.
4) Public-key cryptography does not have as extensive a history as
symmetric-key encryption, being discovered only in the mid 1970s.
Summary of comparison
Symmetric-key and public-key encryptions have a number of complementary
advantages.
Current cryptographic systems exploit the strengths of each. Public-key encryption
techniques may be used to establish a key for a symmetric-key system being used
by communicating entities and in this scenario, we can take advantage of the long
term nature of the public/private keys of the public-key scheme and the performance
efficiencies of the symmetric-key scheme. Since data encryption is frequently the
most time consuming part of the encryption process, the public-key scheme for key
establishment is a small fraction of the total encryption process.
To date, the computational performance of public-key encryption is inferior to that
of symmetric-key encryption. There is, however, no proof that this must be the
case. The important points in practice are:
1. Public-key cryptography facilitates efficient signatures (particularly non-
repudiation) and key management; and
2. Symmetric-key cryptography is efficient for encryption and some data integrity
applications.

What are the basic advantages of Asymmetric Key?
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
.................................................................................................................
43
Cyberspace
8.7 DIGITAL SIGNATURE
People authenticate other people by recognising their faces, voices and handwriting.
Signatures on letterhead paper handle proof of signing raised seals and so on.
Handwriting, paper, and ink experts can usually detect tampering. But none of these
options are available electronically. That’s why the concept of Digital signature came
into existence to authenticate electronic documents.
A Digital Signature is a technique by which it is possible to secure electronic

information in such a way that the originator of the information, as well as the
integrity of the information, can be verified. This procedure of guaranteeing the
origin and the integrity of the information is also called Authentication.
The authenticity of many legal, financial, and other documents is determined by the
presence or absence of an authorized handwritten signature. For a computerised
message system to replace the physical transport of paper and ink documents
handwritten signatures have to be replaced by Digital Signatures. Basically what is
needed, is a system by which one party can send a “signed” message to another
party in such a way that
A) The receiver can verify the claimed identity of the sender.
B) The sender cannot repudiate the contents of the message.
C) The receiver cannot possibly have concocted the message himself/ herself.
A digital signature is only a technique that can be used for different authentication
purposes. For an E-record, it comes functionally very close to the traditional hand-
written signatures. The user himself/ herself can generate key pair by using specific
crypto software. Now Microsoft IE and Netscape, allow the user to create his/ her
own key pair.
Here, the most important thing is how can the user be sure that public keys belong to
his/ her partner only? In this case, a third party (TTP) will guarantee the relationship
between the identity and the public keys. The TTP are popularly called Certified
Authorities (CAs).
Digital Certificate: These certificates are provided by CAs to authenticate that a

particular site is globally secured. There are so many reputed CAs all over the
world. Some of them are Very Sign from USA and Thawte Consulting from South
Africa. Popular India CAs are SafeScrypt Ltd, TCS, IDRBT, MTNL Ltd and NIC.
Digital certificates contain the following:
Issuer, Issued to, orgnization name, organization unit, validity, Version, Public Keys,
Thumbprint, algorithms etc.
Secure Socket Layer (SSL) is the widely used protocol for digital certificates. The
Uniform Resource Locator (URL) starts with “https” instead of “http” and are
secured by SSL. At the bottom of the window, a lock symbol appears for SSL.
Generally 128 bits SSL are used.40 bits SSL are also available.

44
Data Encryption and
Self Assessment Question 4 Spend 3 Min. Digital Signatures
Is digital signature equivalent to handwritten signature legally?

...................................................................................................................
...................................................................................................................
...................................................................................................................
...................................................................................................................
8.8 AUTHENTICATION AND IDENTIFICATION

Authentication is a term which is used (and often abused) in a very broad sense. By
itself, it has little meaning other than to convey the idea that some means has been
provided to guarantee that entities are who they claim to be, or that information has
not been manipulated by unauthorized parties. Authentication is specific to the
security objective which one is trying to achieve. Examples of specific objectives
include access control. The host countries might not permit secrecy on the channel;
one or both countries might want the ability to monitor all communications. Jack and
Bond, however, would like to be assured of the identity of each other, and of the
integrity and origin of the information they send and receive.
Authentication is one of the most important of all information security objectives.
Until the mid 1970s it was generally believed that secrecy and authentication were
intrinsically connected. With the discovery of hash functions and digital signatures, it
was realised that secrecy and authentication were truly separate and independent
information security objectives. It may at first not seem important to separate the
two but there are situations where it is not only useful but essential. For example, if
a two-party communication between Jack and Bond is to take place where Jack is
in one country and Bond in another, the host countries might not permit secrecy
on the channel; one or both countries might want the ability to monitor all
communications. Jack and Bond, however, would like to be assured of the identity
of each other, and of the integrity and origin of the information they send and receive.
The preceding scenario illustrates several independent aspects of authentication. If
Jack and Bond desire assurance of each other’s identity, there are two possibilities
to consider.
1) Jack and Bond could be communicating with no appreciable time delay. That
is, they are both active in the communication in “real time”.
2) Jack or Bond could be exchanging messages with some delay. That is, messages
might be routed through various networks, stored, and forwarded at some
later time. In the first instance Jack and Bond would want to verify identities in
real time. This might be accomplished by Jack sending Bond some challenge,
to which Bond is the only entity which can respond correctly. Bond could
perform a similar action to identify Jack. This type of authentication is
commonly referred to as entity authentication or more simply phrase
challenge for identification.
For the second possibility, it is not convenient to challenge and await response, and
moreover the communication path may be only in one direction. Different techniques
45
Cyberspace are now required to authenticate the originator of the message. This form of
authentication is called data origin authentication.
Thus Data origin authentication or message authentication techniques provide
to one for originality.
8.9 HASH FUNCTIONS

One of the fundamental primitives in modern cryptography is the cryptographic
hash function, often informally called a one-way hash function simplified definition
of hash function is given below.
Definition A hash function is a computationally efficient function mapping binary
strings of arbitrary length to binary strings of some fixed length, called hash-values.
The most common cryptographic uses of hash functions are with digital signatures
and for data integrity. With digital signatures, a long message is usually hashed
(using a publicly available hash function) and only the hash-value is signed. The
party receiving the message then hashes the received message and verifies that the
received signature is correct for this hash-value. This saves both time and space
compared to signing the message directly, which would typically involve splitting
the message into appropriate-sized blocks and signing each block individually.
Note here that the inability to find two messages with the same hash-value is a
security requirement, since otherwise, the signature on one message hash-value
would be the same as that on another, allowing a signer to sign one message and at
a later point in time claim to have signed another.
Hash functions may be used for data integrity as follows. The hash-value
corresponding to a particular input is computed at some point in time. The integrity
of this hash-value is protected in some manner. At a subsequent point in time, to
verify that the input data has not been altered, the hash-value is recomputed using
the input at hand, and compared for equality with the original hash-value. Specific
applications include virus protection and software distribution.
A third application of hash functions is their use in protocols involving prior

commitments, including some digital signature schemes and identification protocols.
Hash functions as discussed above are typically publicly known and involve no
secret keys. When used to detect whether the message input has been altered, they
are called modification detection codes (MDCs). Related to these are hash functions
which involve a secret key, and provide data origin authentication as well as data
integrity; these are called message authentication codes (MACs).
8.10 PROTOCOL AND MECHANISMS

Definition A cryptographic protocol (protocol) is a distributed algorithm defined
by a sequence of steps precisely specifying the actions required of two or more
entities to achieve a specific security objective.
Remark (protocol vs mechanism) As opposed to a protocol, a mechanism is a

more general term encompassing protocols, algorithms (specifying the steps
followed by a single entity), and non-cryptographic techniques (e.g., hardware
46 protection and procedural controls) to achieve specific security objectives.
Protocols play a major role in cryptography and are essential in meeting Data Encryption and
Digital Signatures
cryptographic goals. Encryption schemes, digital signatures, hash functions, and
random number generation are among the primitives which may be utilized to
build a protocol.
Protocol and mechanism failure
Definition A protocol failure or mechanism failure occurs when a mechanism

fails to meet the goals for which it was intended, in a manner whereby an adversary
gains advantage not by breaking an underlying primitive such as an encryption
algorithm directly, but by manipulating the protocol or mechanism itself.
Example (mechanism failure) Jack and Bond are communicating using a stream
cipher.
Messages which they encrypt are known to have a special form: the first twenty bits
carry information which represents a monetary amount. An active adversary can
simply XOR an appropriate bit string into the first twenty bits of cipher text and
change the amount. While the adversary has not been able to read the underlying
message, she has been able to alter the transmission. The encryption has not been
compromised but the protocol has failed to perform adequately; the inherent
assumption that encryption provides data integrity is incorrect.
Example (forward search attack) Suppose that in an electronic bank transaction
the bit field which records the value of the transaction is to be encrypted using a
public-key scheme. This simple protocol is intended to provide privacy of the value
field – but does it? An adversary could easily take all possible entries that could be
plaintext in this field and encrypt them using the public encryption function.
(Remember that by the very nature of public-key encryption this function must be
available to the adversary.) each of the cipher texts with the one which is actually
encrypted in the transaction, the adversary can determine the plaintext. Here the
public-key encryption function is not compromised, but rather the way it is used.
8.11 KEY ESTABLISHMENT, MANAGEMENT AND

CERTIFICATION
This section gives a brief introduction to methodology for ensuring the secure
distribution of keys for cryptographic purposes.
Definition Key establishment is any process whereby a shared secret key becomes
available to two or more parties, for subsequent cryptographic use.
Definition Key management is the set of processes and mechanisms which support
key establishment and the maintenance of ongoing keying relationships between
authorized parties, including replacing older keys with new keys as and when
necessary.
Key establishment can be broadly subdivided into key agreement and key transport.
Many and protocols have been proposed to provide key establishment.
Key management encompasses techniques and procedures supporting:
1. initialisation of system users within a domain;
2. generation, distribution, and installation of keying material; 47
Cyberspace 3. controlling the use of keying material;
4. update, revocation, and destruction of keying material; and
5. storage, backup/recovery, and archival of keying material.
Key management through symmetric-key techniques
One solution which employs symmetric-key techniques involves an entity in the
network which is trusted by all other entities. This entity is referred to as a trusted
third party (TTP). Each entity shares a distinct symmetric key with the TTP. These
keys are assumed to have been distributed over a secured channel. If two entities
subsequently wish to communicate, the TTP generates a key (sometimes called a
session key) and sends it encrypted under each of the fixed keys. This approach
has certain advantages and disadvantages.
A symmetric cryptographic system is a system involving two transformations – one
for the originator and one for the recipient – both of which make use of either the
same secret key (symmetric key) or two keys easily computed from each other. An
asymmetric cryptographic system is a system involving two related transformations
– one defined by a public key (the public transformation), and another defined by a
private key (the private transformation) – with the property that it is computationally
infeasible to determine the private transformation from the public transformation.
Advantages
1. It is easy to add and remove entities from the network.
2. Each entity needs to store only one long-term secret key.
Disadvantages
1. All communications require initial interaction with the TTP.
2. The TTP must store long-term secret keys.
3. The TTP has the ability to read all messages.
4. If the TTP is compromised, all communications are insecure.
Key management through public-key techniques
There are a number of ways to address the key management problem through public-
key techniques. Each entity in the network has a public/private encryption key pair.
The public key along with the identity of the entity is stored in a central repository
called a public file.
Advantages of this approach include:
1. No trusted third party is required.
2. The public file could reside with each entity.
3. Only public keys need to be stored to allow secure communications between
any pair of entities, assuming the only attack is that by a passive adversary.
The key management problem becomes more difficult when one must take into
account an adversary who is active (i.e. an adversary who can alter the public file
48 containing public keys).
Please answer the following Self Assessment Question. Data Encryption and
Digital Signatures
Key establishment can be divided into ____________________ and key
transport.
8.12 TRUSTED THIRD PARTIES AND PUBLIC KEY

CERTIFICATES
Definition A TTP is said to be unconditionally trusted if it is trusted on all matters.
For example, it may have access to the secret and private keys of users, as well as
be charged with the association of public keys to identifiers.
Various third party services require different types of trust and competency in the
third party. For example, a third party possessing secret decryption keys (or entity
authentication keys) must be trusted not to disclose encrypted information (or
impersonate users). A third party required (only) to bind an encryption public key to
an identity must still be trusted not to create false associations and thereafter
impersonate an entity. In general, three levels of trust in a third party T responsible
for certifying credentials for users may be distinguished. Level 1: T knows each
user’s secret key. Level 2: T does not know users’ secret keys, but can create false
credentials without detection. Level 3: T does not know users’ secret keys, and
generation of false credentials is detectable
Definition A TTP is said to be functionally trusted if the entity is assumed to be
honest and fair but it does not have access to the secret or private keys of users.
Public-key certificates
The distribution of public keys is generally easier than that of symmetric keys, since
secrecy is not required. However, the integrity (authenticity) of public keys is critical.
Primary advantages offered by public-key (vs symmetric-key) techniques for
applications related to key management include:
1) Simplified key management. To encrypt data for another party, only the
encryption public key of that party need be obtained. This simplifies key
management as only authenticity of public keys is required, not their secrecy. .
The situation is analogous for other types of public-key pairs, e.g., signature
key pairs.
2) On-line trusted server not required. Public-key techniques allow a trusted
on-line server to be replaced by a trusted off-line server plus any means for
delivering authentic public keys (e.g., public-key certificates and a public
database provided by an un-trusted on-line server). For applications where an
on-line trusted server is not mandatory, this may make the system more amenable
to scaling, to support very large numbers of users.
3) Enhanced functionality. Public-key cryptography offers functionality
which typically cannot be provided cost-effectively by symmetric techniques
(without additional online trusted third parties or customized secure
49
Cyberspace hardware). The most notable such features are non-repudiation of digital
signatures, and true (single-source) data origin authentication.
A public-key certificate consists of a data part and a signature part. The data
part consists of the name of an entity, the public key corresponding to that entity,
possibly additional relevant information (e.g., the entity’s street or network address,
a validity period for the public key, and various other attributes). The signature part
consists of the signature of a TTP over the data part.
8.13 PSEUDORANDOM NUMBERS AND

SEQUENCES
Random number generation is an important primitive in many cryptographic
mechanisms.
For example, keys for encryption transformations need to be generated in a manner
which is unpredictable to an adversary. Generating a random key typically involves
the selection of random numbers or bit sequences. Random number generation
presents challenging issues.
Often in cryptographic applications, one of the following steps must be performed:
i) From a finite set of elements, select an element at random.
ii) From the set of all sequences (strings) of length over some finite alphabet of
symbols, select a sequence at random.
iii) Generate a random sequence (string) of symbols of length over a set of symbols.
It is not clear what exactly it means to select at random or generate at random.
Calling a number random without a context makes little sense. Is the number a
random number?
8.14 SUMMARY
• Encryption is one common method of protecting information transmitted over
unreliable lines where plain text is being converted to Cipher text and then
again to plain text.
• Basically there are two algorithms used for encryption .One is RSA and other
one is DES.
• RSA is an asymmetric cryptography and DES is symmetric one.
• A system where one secret key shared is called Symmetric or Secret Key
Cryptography.
• A cryptosystem where two different keys are used for encryption and
decryption is called Asymmetric or Public Key System.
• Digital signature is a technique to secure electronic information in such a way
that the originator of the information, as well as the integrity of information can
50 be verified with proper authentication.
• Digital certificates are provided by Certified Authorities (CAs) to authenticate Data Encryption and
Digital Signatures
that a particular site is globally secured.
• There are five common CAs in India. They are Safescrypt Ltd, TCS, IDRBT,
MTNL and NIC.
• A hash function is a computationally efficient function mapping binary strings of
arbitrary length to binary strings of some fixed length called hash-values. The
most common cryptographic uses of hash functions are with digital signatures
and for data integrity.
• Key establishment is any process whereby a shared secret key becomes
available to two or more parties, for subsequent cryptographic use.
• Key establishment can be subdivided into key agreement and key transport.
• Key management is the set of processes and mechanisms, which support key
establishment and the maintenance of ongoing keying relationships between
parties, including replacing older keys with new keys as and when necessary.

1) What do you mean by Encryption? Describe RSA algorithm with examples.
2) How do you know that URL is secured?
3) What are the differences between digital signatures and certificates?

1) (i) Cipher text, (ii) Transposition
2) RSA is asymmetric cryptographic algorithm and uses two different keys for
encoding and decoding while DES is a symmetric cryptosystem and the cipher
text is decrypted using the same key. It is a complex algorithm. So far no
breaking of RSA has been reported though DES can be broken.
3) The advantages of Asymmetric keys are as follows:
1) Only the private key must be kept secret
2) The administration of keys on a network requires the presence of only a
functionally trusted TTP as opposed to an unconditionally trusted TTP
3) Depending on the mode of usage, a private key/public key pair may remain
unchanged for considerable periods of time.
4) According to Patrick W. Brown, Digital Signature technology may be employed
to produce legally enforceable signatures in Electronic Data Interchange (EDI)
among computer users within the same general guidelines and requirements as
those developed for handwritten signatures on paper. Digital Signature
technology may be employed to produce legally enforceable signatures in
Electronic Data Interchange (EDI) among computer users within the same
general guidelines and requirements as technology promises assurance at least
51
Cyberspace equal to written signatures. From a legal standpoint, this assurance remains to
be tested in the evidentiary process. Business policies for organizational use of
this technology are being created as the use of digital signature technology is
adopted. Digital signatures may be used to provide assurances in distributed
and networked computer environments where electronic transactions require
a high degree of trust.
5) Key Agreement
Terminal Questions
2) Refer to section8.7 of the unit.
Apart from above, please follow other reference books for in depth knowledge.

1. Brown, P.W. “Digital signatures: are they legal for electronic commerce”.
Communications Magazine. IEEE. 32.9 (Sept. 1994): 76 – 80.
2. Mlen Milenkivic. Operating System Concepts and design. New York :

McGraw-Hill, Inc, 1992.
3. Silberschatz. Galvin, Gagne. Operating System Concepts. 7th ed. John Wiley
& Sons, 2006.
52
Convergence, Internet
UNIT 9 CONVERGENCE, INTERNET Telephony and VPN
TELEPHONY AND VPN

Structure
9.1 Introduction
9.2 Objectives
9.3 What is Convergence?
9.3.1 The Communication Convergence Bill 2001
9.4 Virtual Private Network

9.5 Defining the Different Aspects of VPNs
9.5.1 Intranet VPNs
9.5.2 Remote Access VPNs
9.5.3 Extranet VPNs
9.6 VPN Architecture

9.7 Understanding VPN Protocols
9.7.1 SOCKS v5
9.7.2 PPTP/L2TP
9.8 What is Internet Telephony?

9.8.1 Benefits of Internet Telephony
9.8.2 Bandwidth Growth
9.9 Approval Issue and Internet Telephony

9.10 Types of Equipment Required for Internet Telephony
9.11 Commercial Viability
9.12 The H.323 Standard: An Introduction
9.13 Summary
9.1 INTRODUCTION
In this unit we will discuss the concepts of convergence, Internet telephone and
VPN. Convergence is a term that has a different meaning for every platform. It
covers a wide area of applications. Every field of application is on the way to
convergence because of advancement of technology. For example, mechanical
convergence is quite different from communication convergence. In simple words,
convergence means taking advantage of a unified way to do an operation which is
53
Cyberspace being done through multiple ways, so that effort will be less and the same effect or
output is obtained. The VPN market is on the verge of explosive growth. A virtual
private network (VPN) broadly defined, is a temporary, secure connection over a
public network, usually the Internet. The idea of the VPN is to give the company the
same capabilities at a much lower cost by using the shared public infrastructure
rather than a private one. Internet telephony is the latest technology to dazzle both
the datacom and telecom industries. Many of those outside those sectors are now
wondering what exactly this technology is, how it works, and whether it has yet
matured into a commercially viable communications tool.
9.2 OBJECTIVES
• explain what is Communication Convergence;
• describe what is Virtual Private Network (VPN) its working and Architecture;
• enlist protocols that have emerged for building VPN’s; and
• describe what is Internet telephony, and explain the benefits, approval issues
and equipments required for Internet telephony.
9.3 WHAT IS CONVERGENCE?

Here a basic concept has been given for digital convergence or Communication
Convergence. The concept that all modern information technologies, currently based
on very disparate technological paradigms and systems, are becoming digital in
nature. At present a person might receive information by telephone, television,
radio, newspaper and print. In future these different information delivery systems
may be replaced by a unified system based wholly on digital technology, with all its
advantages (e.g.: ease of access, flexibility) and disadvantages (e.g.: increased
centralize). Communication sector comprises broadcasting, telecom and information
technology.
Malaysia is the first country in world to bring the communication convergence
through legislation.
9.3.1 The Communication Convergence Bill 2001
The Communication Convergence Bill 2001 was the second in the world. This Bill
will replace 5 existing laws .These are The Indian Telegraph Act-1885, Cable TV
Networks Act 1995, Indian Wireless Telegraphy Act-1933, The Telegraph Wires
(Unlawful Possession) Act 1950 and the Telecom Regulatory Authority of India Act
1997.
The Bill seeks to achieve 4 main purposes-
• The development of national infrastructure for an information based society,
and to enable access thereto;
• To provide a choice of services to the people with a view to promoting plurality
of news, views and information;
• To establish a regulatory framework for carriage and content of communication;
• To establish a single regulatory and licensing authority with defined powers,
54 procedures and functions and an Appellate Tribunal.
Please answer the following Self Assessment Question. Convergence, Internet
Telephony and VPN
What are the laws which may be replaced by Convergence Bill if it is passed?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
9.4 VIRTUAL PRIVATE NETWORK

A virtual private network (VPN) is a private data network that makes use of the
public telecommunication infrastructure, maintaining privacy through the use of a
tunneling protocol and security procedures.
Though the term is relatively new, everyone from telcos to operating system vendors,
to firewall suppliers and router companies has rushed to offer some type of VPN
capability. Why? This is because VPNs make sense, and as a result, the market is
expected to reach at least several billion by the year 2006.
By leveraging the Internet, VPNs offer significant cost savings, greater flexibility,
and easier management relative to traditional internetworking methods, such as
leased lines and dial-up remote access.
However, choosing an appropriate solution from the recent flood of VPN offerings
can be a difficult task for information technology managers who have no spare time.
Each solution presents varying levels of security, performance and usability, and
each has its benefits and drawbacks.
At minimum, a VPN should encrypt data over a dynamic connection on a public
network to protect the information from being revealed if intercepted. Beyond that
basic function, VPN features customarily include tools for authentication, and a
limited number provide integrated access control and authorization capabilities. In
addition to enumerating the possible VPN components, this white paper outlines the
predominated VPN technologies and interprets the nuances of different VPN
approaches so IS professionals can better decide how to secure their corporate
communication.
9.5 DEFINING THE DIFFERENT ASPECTS OF

VPNs
Before online business can truly reach its potential, corporations must feel comfortable
using the Internet as the backbone for secure communication. VPNs are the first
real step towards that end. When implemented correctly, they protect networks 55
Cyberspace from viruses, snoops, corporate spies, and any other known threat that results from
mistakes in configuration, poorly implemented access controls, lack of system
management, weak authentication, and “back-door” entry points to the network.
The three fundamental features that define virtual private networking are encryption,
authentication, and access control. While strong authentication and encryption are
critical components of the VPN, they are relatively simple to deploy and verify.
Access control, on the other hand, is relatively complex because its deployment is
tied intimately to every other security tool. Roughly speaking, the security of a VPN
is a function of how tightly authentication, encryption, and access control are
connected. If one component is lacking, the VPN will be lacking.
Where a company might use a guarded gate in the physical world to block all
unauthorized visitors, a firewall might be used in the analogous VPN world. With
emerging VPN technologies and solutions, companies can verify someone’s identity
with strong authentication technologies like token cards, digital certificates, or even
fingerprints. Once identified, users are granted access to resources according to
very detailed profiles based on identity and often a user’s role within a larger group.
VPNs are also beginning to provide tools to monitor a user’s activity once inside the
corporate network. Prior to even connecting to the Internet, corporations should
develop a security policy that clearly identifies who can have access to what resources,
leaving room for growth and change. And before implementing a VPN, corporations
should evaluate their current security paradigm to determine what equipment can be
leveraged for a VPN.
A comprehensive solution might incorporate a firewall, router, proxy server, VPN
software or hardware, or all of the above.
Are professionals can effectively use VPNs to address three predominant
internetworking scenarios?
1) Between a corporation and its branch offices, which will be referred to as an
“intranet VPN”?
2) Between a corporation and its remote or travelling employees, which will be
referred to in this paper as a “remote access VPN”?
3) And between a corporation and its business associations, such as partners,
customers, suppliers, and investors, which will be referred to as an “extranet
VPN”.
9.5.1 Intranet VPNs
Intranets are defined here as semi-permanent WAN connections over a public
network to a branch office. These types of LAN-to-LAN connections are assumed
to carry the least security risk because corporations generally trust their branch
offices and view them as extensions of the corporate network.
In this case, the corporation generally controls both the source and destination nodes.
IS administrators should ask whether or not this assumption holds true for their
company.
General Case
When the two endpoints of a data channel are relatively trusted, a company can
56 comfortably opt for a VPN solution that focuses on performance over security,
which is limited to the strength of the encryption and authentication methods Convergence, Internet
Telephony and VPN
between the two routers. High volumes of data are often exchanged between LANs
on an intranet VPN, so the premium is wisely placed on speed and smooth
interoperability.
The LANs that are connected by centralized corporate databases or other enterprise-
wide computing resources should appear to be part of the same corporate network.
Many of the firewall, router, and frame relay vendors, as well as some of the ISPs,
are offering solutions that adequately secure intranet VPNs while transferring data
quickly and reliably.
Highly Secure Case
Security threats often come from within an organization. In fact, according to a
study issued jointly by the FBI and the Computer Security Institute, almost half of all
computer break-ins occur within a company.
If a company is concerned about proprietary information being leaked by employees,
whether intentionally or accidentally, or if a company routinely applies different
levels of trust to branch offices or individuals, then it should consider investing in a
VPN solution that can control the information flow on an authenticated, user-specific
policy level rather than on a trusted subnet basis. IT managers should look closely at
solutions that provide reasonable ways to implement and manage these advanced
role-based policies.
9.5.2 Remote Access VPNs
Corporations are just now beginning to realise the advantages the Internet offers
over traditional direct dial-up remote access. Many corporations, burdened by
the effort of maintaining large modem pools and the expense associated with
long distance charges, are finding that using the Internet as a backbone for remote
access is much more affordable and easier to implement and maintain than
traditional solutions.
In any remote access VPN scenario, usability is an important criterion. Most security
flaws are attributed to configuration errors, so the easier the system is to manage,
the less likely is the chance for oversight. On the client side, simplicity is critical
because many travelling employees and telecommuters either lack the technical
proficiency or the access to technical resources for troubleshooting. Clients should
not have to manually build a VPN tunnel, “manually” meaning having to launch VPN
software each time the user wants to establish a secure communication channel.
Instead, the VPN software should launch automatically at start-up and run
transparently in the background. On the server side, centralized and easy manage-
ment is essential because monitoring large numbers of users and adding and
removing users on a regular basis can quickly become chaotic and can create a
security risk.
A directed VPN uses IP to establish directional control of information across a
VPN. It also offers capabilities above and beyond typical tunneling solutions,
including the ability for IS managers to specify access on the basis of sources,
destinations, applications, encryption/authentication and other filtering
profiles. Directed VPNs also provide data encryption and user-based authentica-
tion. In contrast, VPNs based on tunneling are not as secure or do not offer as
many features. 57
Cyberspace General Case
With most remote access VPNs, it is assumed that a corporation trusts the person
at the other end of the link, which is typically a travelling or remote salesperson.
Rather than worrying that the employee might do damage to the network or steal
proprietary formation, the company is probably more concerned with the unknown
element between the two end points. These companies will generally assume a
“transparent access” policy, best described as: “The remote employee should have
unfettered access to all resources that would be available to them if they were sitting
at their desk at corporate headquarters.”
The priority, therefore, becomes encrypting the data in transit so that only the intended
recipient can decipher it. Most VPNs can meet this basic security requirement, so
evaluators should consider additional criteria, such as the strength of the encryption
cipher and the authentication method for providing additional security.
Highly Secure Case
The industries that are the most leery of any kind of security risk, such as the financial,
health, and government sectors, are paradoxically the earliest adopters of VPN
technologies, which have the perception of being less secure than traditional means
of networking. In reality, the best VPN technologies are much more secure than
most leased lines and dial-up remote access, because highly secure VPNs encrypt
all data and generally provide very detailed user profiles for access control. Highly
secure remote access solutions are deployed by sophisticated IT shops with a strong
understanding of the security risks inherent in any network communication. These
shops generally adopt a “controlled access” policy for their remote users. This is
best described by the following policy statement: “The remote employee should
have tightly controlled access to specific resources on the network according to the
requirements of their job function.”
These companies deploy policy-driven VPNs to provide highly secure remote access
over the public networks. Secure policy-driven VPNs authenticate individual users,
not just IP addresses, so that a corporation knows which employee is trying to gain
access to the network. This can be accomplished through common passwords digital
certificates, token cards, smart cards, or biometrics, such as fingerprint or iris
scanning. Once an employee has authenticated to the corporate VPN server, he or
she is granted a certain level of access depending on his or her profile, which is
usually set up by a network administrator to match the corporate security policy
and enforced by a sophisticated system of data stream filters and access control
parameters. This three-tier system is essential for companies that allow their
employees to access mission-critical information, particularly when those
employees are not entirely trusted.
Any time a company wants to provide varying levels of access so that different
resources can be made available to different employees when appropriate, or when
a company wants to prevent “back-door” holes into the network, which is common
in some systems, and then a more robust VPN solution is recommended. In other
words, a highly secure VPN should be able to intercept network traffic destined for
a particular host, add the required encryption, identify individual users, and apply
restrictions and filter content accordingly.
58
9.5.3 Extranet VPNs Convergence, Internet
Telephony and VPN
Unlike intranets that are relatively isolated, extranets are intended to reach
partners, customers, and suppliers, as well as remote employees. Securing that wide
area network requires diligence and the right tools. An extranet VPN needs to be
able to provide a hierarchy of security, with access to the most sensitive data being
nested under the tightest security control. It should secure all applications, including
TCP and UDP applications, such as Real Audio, FTP, etc.; corporate vertical
applications, such as SAP, BAAN, People Soft, Oracle, etc.; and “homegrown”
applications, such as Java, Active X, Visual Basic, etc. Because most corporate
computing environments are heterogeneous with many legacy systems, a sound
VPN solution should be extremely versatile and interoperable with multiple platforms,
protocols, and authentication and encryption methods.
General vs Highly Secure Case
The main objective of an extranet or business-to-business VPN is to ensure that
mission-critical data arrive intact and in the proper hands without ever exposing
protected resources to potential threats, so companies should only consider
implementing the most secure breed of VPNs.
The security elements of a VPN can be prioritized differently, but with an extranet
VPN, all the fundamental pieces 3/4 encryption, authentication, and access control
3/4 should be integrated tightly with some type of perimeter security. Usually this
means a company will place a VPN proxy server behind an impenetrable firewall
that blocks all unauthenticated traffic. Any traffic that is allowed in is then funneled
through a common portal directly to the VPN server, which filters traffic according
to company policy. It is essential for the connection between the firewall and the
VPN to be strong and reliable, and the client software should be as transparent as
possible.

What is the difference between Intranet and Extranet VPNs?
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
..................................................................................................................
9.6 VPN ARCHITECTURE

The most secure VPNs are built around a “directed” architecture, as opposed to a
bi-directional “tunneled” method. Directed VPNs transmit encrypted information at
a higher level in the networking protocol stack than tunneled VPNs, and security
and control increase as functionality moves up the network hierarchy. Directed
VPNs act as proxy servers, which means they do not open any direct connections
into corporate networks, preventing IP addresses from being “spoofed”, or mapped. 59
Cyberspace Tunneling hides information in IP packets at the packet level, exposing them more
easily to attack. Because all data is proxied in directed VPNs, administrators can
tell at a glance who has been trying to gain access to the network and how often.
Unlike tunneled VPNs, directed VPNs protect connected networks from each
other’s security flaws. Directed VPNs do not assume a two-way trusted relationship
between connecting parties. If security is breached in the directed model, only the
attacked network is exposed, not the linked networks. In the tunneled model, when
one network is attacked, each successive network is susceptible to the same attacker.
In the directed model, each company’s IS managers can set their own access
privileges and be confident they are not exposing their networks to unknown security
problems.
Tunneled VPNs, as the name implies, open tunnels within the Internet and secure
information travelling through them with basic packet filtering. This approach gives
participating companies weakly secured access to each other’s networks, with no
way to fine-tune access control. These types of solutions often mistakenly start with
the faulty assumption that there should be peer-to-peer trust among companies
connected by VPNs. When trading partners or customers are involved, that is rarely
the reality.
When companies conduct multi-faceted business transactions over public networks,
simple encrypted tunnels will not suffice. Online business, or electronic commerce,
is not restricted to credit card transactions. It involves complex negotiations and
collaboration on projects. When vital, confidential information is involved, IS
professionals cannot risk compromising any portion of the network. An extranet
VPN should use the highest encryption available, which is currently 128 bits, except
when restricted by exportation laws. In addition, the VPN should support multiple
authentication and encryption methods since business partners, suppliers, and
customers are likely to have varying network infrastructures and platforms. In a true
business-to-business scenario, IS managers should look for a VPN that filters access
to resources based on as many parameters as possible, including source, destination,
application usage, type of encryption and authentication used, and individual, group,
and subnet identity. Administrators should be able to identify individual users, not
just IP addresses, either through passwords, token cards, smart cards, or any other
method of authentication. Passwords are usually sufficient for casual office use, but
they are not considered as secure as token or smart cards. Employees are often
careless with their passwords, and they rarely change their codes, whereas token
and smart cards change the pass code on a regular basis, often as frequently as
every 60 seconds.
Once authenticated, administrators should be able to route authorized traffic to
protected resources without jeopardizing network security. The access control is
what ultimately distinguishes the level of security among VPN solutions. Without
being able to control exactly who has access to each resource on a network, a VPN
is virtually useless beyond the network’s perimeter. Once authenticated, a user should
not have carte blanche to the network. Rather, specific permissions should be granted
to each user in order to retain the most control over every resource.
Security should increase, not lessen, as a user moves inward toward the most sensitive
data. By utilizing strong encryption, authentication, and access control methods, all
working seamlessly within a VPN solution, companies can seal their corporate
networks from almost any security breach.
60
Convergence, Internet
9.7 UNDERSTANDING VPN PROTOCOLS Telephony and VPN
The VPN security market is young, and standards are still evolving, but a handful of
protocols have emerged as the leading choices for building VPNs. An IS manager
should not have to base his or her purchasing decision on the technology used, but
understanding the benefits of each protocol may help clarify the related strengths
and weaknesses of different VPN end products. Although there are many possible
security approaches for creating a VPN, the following protocols show the most
promise for lasting in the market, whether for the quality of their design or their
financial backing.
For secure VPNs, the technologies that VPNC supports are
• IPsec with encryption
• L2TP inside of IPsec
• SSL with encryption
For trusted VPNs, the technologies that VPNC supports are:
• MPLS with constrained distribution of routing information through BGP
(“layer 3 VPNs”)
• Transport of layer 2 frames over MPLS (“layer 2 VPNs”)
IPsec is the most dominant protocol for secure VPNs. SSL gateways for remote-
access users are also popular for secure VPNs. L2TP running under IPsec has a
much smaller but significant deployment. For trusted VPNs, the market is split on
the two MPLS-based protocols. Companies want to do their own routing the to
use layer 2 VPNs; companies that want to outsource their routing tend to use layer
3 VPNs.
The various VPN protocols are defined by a large number of standards and
recommendations that are codified by the Internet Engineering Task Force (IETF).
There are many flavours of IETF standards, recommendations, statements of common
practice, and so on. Some of the protocols used in IPsec are full IETF standards;
however, the others are often useful and stable enough to be treated as standard by
people writing IPsec software. Neither of the trusted VPN technologies are IETF
standards yet, although there is a great deal of work being done on them to get them
to become standards.
9.7.1 SOCKS v5
SOCKS v5 was originally approved by the IETF as a standard protocol for
authenticated firewall traversal, and, when combined with SSL, it provides the
foundation for building highly secure VPNs that are compatible with any firewall.
STOCKS 5, which follows a proxy server model and works at the TCP socket
level. It requires a SOCKS 5 server and appropriate software in order to work.
The SOCKS 5 client intercepts a request for service, and checks it against a security
database. If the request is granted, the server establishes an authenticated session
with the client, acting as a proxy. This allows network managers to apply specific
controls and proxied traffic, and specify which applications can cross the firewall
into the Internet.
It is most appropriately applied to VPNs that require the highest degree of security,
since its strength is access control. SOCKS v5 was developed in 1990 by David
Koblas and championed through the IETF by NEC Systems Laboratory. It is currently 61
Cyberspace the only IETF-approved standard being used to create VPNs. Though it is not as
well known as some of the other protocols, it has received widespread support
from industry leaders such as Microsoft, Netscape, and IBM. SOCKS v5 is the
protocol used in Aventail’s policy-based VPN solution.
Advantages
SOCKS v5 controls the flow of data at the session, or circuit, layer, which maps
approximately to layer five of the OSI networking model. Because of where it
functions in the OSI model, SOCKS v5 provides far more detailed access control
than protocols operating at the lower layers, which permit or reject packets based
solely on source and destination IP addresses. SOCKS v5 establishes a virtual
circuit between a client and a host on a session-by-session basis and provides
monitoring and strong access control based on user authentication without the need
to reconfigure each new application. Because SOCKS v5 and SSL operate at the
session layer, they have the unique ability to interoperate on top of IPv4, IPSec,
PPTP, L2TP, or any other lower-layer VPN protocol. In addition, SOCKS v5
and SSL have more information about the applications running above them than do
lower-layer protocols, so they can provide very sophisticated methods of securing
traffic.
SOCKS v5 stands out as the only VPN approach to use a directed architecture,
which essentially protects destination computers by proxying traffic between source
and destination computers. When used in conjunction with a firewall, data packets
are passed through a single port in the firewall (port 1080 by default) to the proxy
server, which then filters what is sent forward to a destination computer. This prevents
administrators from having to open multiple holes in their firewall for different
applications. For additional security, the VPN proxy server hides the address structure
of the network, making it more difficult for confidential data to be cracked. Another
design advantage of SOCKS v5 is that the client is non-intrusive. It runs transparently
on the user’s desktop and does not interfere with networking transport components,
as do lower-layer protocols, which often replace the Winsock DLL, TCP/IP stack,
and low-level drivers, interfering with desktop applications. SOCKS v5 is also highly
flexible. It works easily with multiple security technologies and platforms, which is
critical for IS professionals managing heterogeneous computing environments. It
offers modular plug-in support for many authentication, encryption, and key
management methods, providing IS managers the freedom to adopt the best
technologies for their needs. Plug-and-play capabilities include access control tools,
protocol filtering, content filtering, traffic monitoring, reporting, and administration
applications. SOCKS v5 can filter data streams and applications, including Java
applets and ActiveX controls, according to very detailed specifications.
Disadvantages
Because SOCKS v5 adds a layer of security by proxying traffic, its performance

generally is slightly slower than that of lower-layer protocols, depending on how
the VPN is implemented. Though it is more secure than solutions located at the
lower network or transport layers, the extra security requires more sophisticated
policy management than at the lower layers. Also, client software is required to
build a connection through the firewall to transmit all TCP/IP data through the
proxy server.
62
9.7.2 PPTP/L2TP Convergence, Internet
Telephony and VPN
One of the most widely known VPN security choices is Point-to-Point Tunneling
Protocol (PPTP) from Microsoft. It is embedded in Microsoft’s Windows NT v4.0
operating system and is used with Microsoft’s Routing and Remote Access Service.
It sits at the datalink layer, which maps approximately to layer two of the OSI
model. It encapsulates PPP with IP packets and uses simple packet filters and the
Microsoft Domain networking controls to provide access control. PPTP and its
successor, L2TP, are seen as tools to extend the current PPP dial-up infrastructure
supported by Microsoft, most ISPs, and the remote access hardware vendors.
Layer Two Transport Protocol (L2TP) has evolved from the combination of
Microsoft’s PPTP protocol and Cisco Systems’ Layer 2 Forwarding (L2F). It
supports multiple, simultaneous tunnels for a single client and is targeted at the telco
and ISP markets. With L2TP, the end user dials up a local ISP POP without
encryption, and the ISP, acting as an agent for the end user, creates an encrypted
tunnel back into the secure destination.
Advantages
Are professionals running Microsoft-centric shops will find PPTP and L2TP
readymade to work with their systems? Because they use packet-filtering that makes
use of existing network routers, they are typically less complicated to implement,
and they are transparent to end users.
In typical Microsoft fashion, PPTP is free. Microsoft includes it as a component of
its RAS and router software, formerly known as Steelhead. When affordability in a
Microsoft-only environment is an issue, PPTP is a viable solution. L2TP will likely
follow the same path and be included in upcoming versions of NT servers and
Windows 32-bit desktop clients.
Most VPNs secure TCP/IP traffic, but PPTP and L2TP support additional net-
working protocols such as Novell’s IPX, NetBEUI, and AppleTalk. They also
support flow control, which keeps traffic from overwhelming clients and servers.
They enhance network.
State whether True or False
1) Tunneled VPN close tunnels within the internet and secure
information and secure information in travelling through them with
basic packet filtering?
..........................................................................................................
2) Socks v5 was developed by David Koblas in 1990 and championed
through the IETF by NEC Systems Laboratory.
..........................................................................................................
3) PPTP is one of VPN security choices and embedded in Microsoft’s
window NT v 4.0 operating system.
..........................................................................................................
63
Cyberspace
9.8 WHAT IS INTERNET TELEPHONY
The concept behind Internet telephony (also known as Voice over IP (VOIP) or IP
telephony) is a simple one: the transfer of voice messages using Internet protocol
(IP) networks. This technology enables standard data packets to transmit multimedia
information such as voice or video over the Internet or any other IP-based local- or
wide-area network. It draws on open standards and recommendations generated
by international groups such as the Internet Engineering Task Force (IETF) and the
International Telecommunication Union (ITU). All suppliers of Internet telephony
products meet these standards. At present internet telephony has already been
legalized in India. It is limited to legalizing PC to PC phone calls to India. Again PC
to landline phones is still not permissible in India under the government of India’s
guidelines.
9.8.1 Benefits of Internet Telephony
Standing to benefit most from Internet telephony, obviously, are companies that
make significant numbers of long-distance calls — for example, large organizations
with offices around the world. With Internet telephony, the customer pays only for
the call to the Internet gateway hosted by its local Internet service provider or its
own company intranet. Thus all telephone calls are billed at the local-call rate,
dramatically reducing long-distance charges. Moreover, choosing an IP network
enables a company to use a single communication medium rather than having to
maintain separate systems for voice and data communications — again lowering
costs and increasing efficiency.
In effect, then, Internet telephony offers a single method for communications,
combining voice, video, and data traffic by adopting IP as a common protocol and
merging up to three different network structures in one comprehensive medium.
9.8.2 Bandwidth Growth
One reason for the increasing acceptance of Internet telephony is the continuous
expansion of bandwidth within LANs, as Fast-Ethernet and switching are gradually
being replaced by the far more efficient asynchronous transfer mode (ATM) and
Gigabit Ethernet. The resultant oversupply of bandwidth (especially among local
networks) has in turn created a demand for new applications such as Internet
telephony. Standards now being developed will guarantee a certain level of service
in these IP-based networks, since bodies such as IETF have recognised that few or
no standards adequately addressed the transmission of voice or video over the
Internet. New technologies such as RSVP (resource reservation protocol) and RTP
(real-time transport protocol) have therefore been developed to enable real-time
operation on today’s existing IP networks. More than anything else, however, it is
the sheer improvement in voice quality that has allowed the Internet telephony
technology to compete successfully with traditional telephone companies.
9.9 APPROVAL ISSUE AND INTERNET

TELEPHONY
On the approval front, there are a number of considerations that must be addressed
regarding Internet telephony, including connection scenarios, technical requirements,
64 and country-by-country regulatory differences.
The three basic types of connection in Internet telephony are telephone to telephone, Convergence, Internet
Telephony and VPN
telephone to computer, and computer to computer. At present, no specific country
approvals apply specifically to Internet telephony, although formal approval is
required for any equipment that connects directly to a public network. Such
connections comprise standard telephony connections to the public switched
telephone network (PSTN) via either approved telephones or modems;
connections via internal or external ISDN adapters (BRI or PRI); connections via
“nailed-up” circuits such as G.703s or X.21s; and connections via least-cost routers
or PBX systems.
9.10 TYPES OF EQUIPMENT REQUIRED FOR

INTERNET TELEPHONY
Exactly what kinds of hardware and software will be required for Internet telephony?
For each connection type, several components are necessary within a given telephony
network. On one side there are terminals for Internet telephony, much like traditional
telephones but with an Ethernet rather than an analog or digital connection to the
telephone network; alternatively, there are special PC programs that act as Internet
telephones (e.g. Microsoft NetMeeting and Vocal Tec Internet Phone). Gateways
are needed at the interface between the traditional telephone network and the IP-
based network to map the different signalling and transmission procedures; also
necessary are certain central components such as directory services to map and find
multiple terminal addresses (both IP and e-mail addresses and telephone numbers),
as well as servers for authentication and billing. These devices typify the range of
products now being developed for Internet telephony.
9.11 COMMERCIAL VIABILITY

Until very recently, Internet telephony has been widely accused of suffering from
poor voice quality and long time delays in transmission. These problems have now
been largely eliminated, making Internet telephony’s voice quality competitive with
that offered by its rival PSTN, and reducing delays to an acceptable 250 milliseconds
or less. Unlike traditional PBX telephony, Internet telephony cannot guarantee a
100% connection rate, but its reliability is sufficient to allow companies to save huge
sums of money over a relatively short period. Financial controllers of large companies
such as PepsiCo have already been persuaded on purely economic grounds to
implement IP telephony across their organizations. Industry reports endorse the claims
that Internet telephony is here to stay; Forrester Research even predicts that by the
year 2004, U.S. telephone companies alone will have lost some $3 billion to Internet
telephony. Little wonder, then, that traditional carriers and telcos are beginning to
feel the pressure.
9.12 THE H.323 STANDARD: AN INTRODUCTION

H.323 is an umbrella recommendation drafted by the ITU to define multimedia
communications in LANs that do not provide a guaranteed level of service quality.
Now dominating the world of data processing, such networks include packet-
oriented TCP/IP and IPX networks over Ethernet, Fast-Ethernet, or token-ring-
network topologies. H.323 and other similar standards promise to be extremely
important in the development and provision of new applications that will work
together network wide. 65
Cyberspace Network Components
H.323 contains technical requirements for audio and video transmission within LANs.
It covers four main components: terminals, gateways, gatekeepers, and multipoint
control units.
Communication
H.323 communication is defined as a combination of audio, video, data, and control
information. The standard’s mandatory components are transmission of audio,
connection control according to Q.931, communication with the gatekeeper over
the RAS protocol, and use of the H.245 signaling protocol; the rest of the text,
including coverage of the ability to transmit video and data, is optional.
IP Networks and Multimedia
H.323 also covers protected and unprotected connections. Control and data
information requires a protected transmission to prevent packets from being lost or
not received in the right order. For instance, with video, if a packet arrives late, it
loses its meaning and may not be inserted correctly in the clip being played. For this
reason, unprotected connections are used only for audio and video transmissions,
which are more efficient. In IP-based networks, the connection-oriented TCP
protocol, used for protected connections, guarantees an error-free transmission in
the right order but causes delays and has a lower throughput. H.323 references
TCP connections for the signalling protocol (H.245), for data transmission (T.120),
and for connection control (Q.931).
H.323 communication is defined as a combination of audio, video, __________
_______________________________, and _______________________.
9.13 SUMMARY
• Convergence is a method of doing many things in a single way. As far as our
course is concerned, Communication convergence is most important.
• Communication sector comprises broadcasting, telecom and information
technology.
• Malaysia is the first country to introduce Communication Convergence bill.
• A virtual private network (VPN) is a private data network that makes use of
the public telecommunication infrastructure, maintaining privacy through the
use of a tunneling protocol and security procedures.
• The three fundamental features that define virtual private networking are
encryption, authentication, and access control.
• VPNs can be used by is professionals via Intranet VPN, remote access VPN
and extranet VPN.
• Socks v5, PPTP (Point to Point Tunneling Protocol/ L2TPP Layer Two
66 Transport Protocol are VPN protocols.
• A corporation and its branch offices, is referred to as an “intranet VPN”. Convergence, Internet
Telephony and VPN
• The concept behind Internet telephony (also known as Voice over IP or IP
telephony) is the transfer of voice messages using Internet protocol (IP) networks.
• At present, Internet telephony is legal in India and fee has been reduced. It is
limited to legalizing PC to PC calls in India.
• PC to landlines telephony is still not permissible in India under the Government
of India Guidelines.

1) What do you mean by Convergence? Describe Communication convergence
with the help of a example?
2) Why are VPNs are still expensive? What types of VPNs are advisable for
Extranet Based?
3) Describe VoIP? What techniques are used here? What will be the impact on
the economy if PC to land phones telephony? Is allowed?

1) The Communication Convergence Bill would replace 5 existing laws. The Indian
Telegraph Act-1885, Cable TV Networks Act 1995, Indian Wireless
Telegraphy Act-1933, The Telegraph Wires (Unlawful Possession) Act 1950
and the Telecom Regulatory Authority of India Act 1997.
2) Intranet VPNs are semi-permanent WAN connections over a public network
to a branch office and are relatively isolated while extranet VPNs are intended
to reach partners, customers, suppliers and also remote employees.
3) (1) False, (2) True, (3) True
4) data and control information
Terminal Questions
2) Refer to section 9.4, 9.5, 9.6 of the unit.
3) Refer to section 9.7, 9.10 of the unit.
Apart from above, please follow other reference books for in depth knowledge.

1. Behrouz A. Forouzan. Data communication & Networking. 2nd ed. TATA
McGraw-HILL, 2003.
2. Dr. M. Jain and Satish Jain. Data communication and Networking. 1st ed .BPB,
2004.
67
The Regulability of
UNIT 10 THE REGULABILITY OF Cyberspace
CYBERSPACE
Structure
10.1 Introduction
10.2 Objectives
10.3 Desirability of Regulation of Cyberspace
10.3.1 Need for Regulation of Cyberspace
10.4 How Cyberspace can be Regulated

10.5 Legal and Self Regulatory Framework
10.5.1 Filtering Devices and Rating Systems
10.6 Government Policies and Laws Regarding Regulation of Internet Content

10.7 Regulation of Cyberspace Content in the United States
10.7.1 Communications Decency Act 1996(CDA)
10.7.2 Internet Online Summit (December 1997)
10.7.3 COPA
10.7.4 CIPA
10.7.5 Other Related Legislation
10.8 Regulation of Cyberspace Content in Australia

10.9 Regulation of Cyberspace Content in European Union
10.10 Regulation of Cyberspace Content in United Kingdom
10.10.1 Related Legislation in UK
10.11 Regulation of Cyberspace Content in India

10.12 International Initiatives for Regulation of Cyberspace
10.12.1 Organization for Economic Cooperation and Development (OECD)
10.12.2 UNESCO
10.13 Summary
10.1 INTRODUCTION
Internet is not a physical or tangible entity but rather a giant network which interconnects
innumerable smaller groups of linked computer networks. The term ‘online’ (relating to
the form of communication and its mode of transmission by telecommunication lines)
can also be used. There has been a rapid increase in the use of the online environment
where millions of users have access to internet resources and are providing contents on
a daily basis. This content can be accessed from any computer connected to the network 5
Social Issues in the though the content may be actually stored on a number of different computers or ‘servers’
Regulation of Cyberspace
which need not be in the same jurisdiction as the person who is accessing the material.
Internet users may be completely unaware where the resource being accessed, is in
fact physically located. This computer networking has been very helpful for businesses
of all types for a variety of commercial transactions and consumer services. Apart from
transactions involving physical goods, delivery of digitized information products such as
music, photographs, novels, motion pictures, multimedia works and software can also
be done online. In future also it leads to an increase of economic and creative interactions
and inevitably also leads to expansion of disputes involving acquisition, use, possession,
processing and communication of information.
The rules for regulating business interaction in a country are different from rules for
online commerce. Every country in the world is regulated by law, which is the primary
source of regulation. Social norms which guides ones behaviour also function as
secondary regulatory constraint. The third constraint is the market which regulates through
price mechanism by limiting the amount which a person can spend on different needs;
another constraint may be the nature of the world in which we exist. In the real world,
the person or the entity with whom interaction relating to business is going on can be
located; and thereby the validation of a transaction is facilitated. But in Cyber Space it
is very difficult, since parties to a transaction may be sitting in adjoining rooms or in
distant locations but the network offers no way to know it. It is often argued that
cyberspace is unavoidable but it is not regulable, its behaviour can’t be regulated.
According to Dr. Dan L. Burk, Assistant Professor of Lawseton Hall University, there
is simply no coherent homology between Cyberspace and real space, and screening or
blocking of Internet resources by country is nearly impossible. On the other hand it is
argued by Lawrence Lessing in his article ,‘‘The Laws of Cyberspace”, that Cyberspace
has the potential to be the most fully and extensively regulated space that has ever been
known – anywhere at any time in our history. According to him just as in real space,
behaviour in Cyberspace is regulated by four sorts of constraint i.e. law, social norms,
market and codes (also called architecture).
Every technological revolution brings with it a new spate of legal issues and legal
problems to be addressed. The real purpose of our study is to stress the need for
regulation of Cyberspace and the possibility and scope of its regulation.
10.2 OBJECTIVES
• explain the need and desirability for regulation of internet content both in developed
and developing countries;
• discuss that in relation to harmful content on on-line services, the greater emphasis
is on self-regulatory scheme of industry governance;
• discuss the nation’s legal policies and framework for regulating cyberspace;
• state the desirability for international framework of principles, guidelines and rules
for global communication; and
• discuss the need for coordinated national, if not international criminal laws to deal
with illegal content on online services.
6
The Regulability of
10.3 DESIRABILITY OF REGULATION OF Cyberspace
CYBERSPACE
10.3.1 Need for Regulation of Cyberspace
The following reasons can be cited in favour of the above proposition:
1) The most visible and readily sensational concern is about the use of internet
particularly for the distribution of obscene, indecent and pornographic content.
The use of internet for child pornography and child sexual abuse and the relative
ease with which the same may be accessed calls for strict regulation.
2) The challenge that Cyberspace is posing to traditional notions of jurisdiction and
regulation is another factor. The increasing business transaction from tangible
assets to intangible assets like Intellectual Property has converted Cyberspace
from being a mere info space into important commercial space. The attempt to
extend and then protect intellectual property rights online will drive much of the
regulatory agenda and produce many technical methods of enforcement.
3) With the inventions of new technologies, the media has enhanced the possibility of
invasion of the privacy of individual and bringing it into the public domain. The
major area of concern where some sort of regulation is desirable is data protection
and data privacy so that industry, public administrators, netizens, and academics
can have confidence as on-line user.
4) Encryption is the process of converting a message or document into a form which
hides the content of the communication from the eyes of an eavesdropping third
party and needs to be decrypted if its content is to be read. New cryptographic
techniques (cryptography is the process used to encode/encrypt electronic
information) are commonly cracked in a relatively short time by computational
force or by other analytical means. Therefore another area in which regulation has
assumed importance is in the debate over whether the public should be permitted
to use ‘cryptography’ or not.
5) Internet has emerged as the ‘media of the people’ as the internet spreads fast there
were changes in the press environment that was centered on mass media. Unlike
as in the established press, there is no editor in the Internet. In the press and
publication environment, editors check the truthfulness of facts and circulate them
once the artistic values are confirmed. On the internet however, people themselves
produce and circulate what they want to say and this direct way of communication
on internet has caused many social debates. Therefore the future of Cyberspace
content demands the reconciliation of the two views of freedom of expression and
concern for community standards.
6) Another concern is that, money laundering, be ‘serious crime’ becomes much
simpler through the use of net. The person may use a name and an electronic
address, but there are no mechanisms to prove the association of a person with an
identity so that a person can be restricted to a single identity or identity can be
restricted to a single person. Viruses, rumor-mongering, hate-mail and mail box
bombardment are all describable phenomena and because of the fear of retribution
all are more likely to use fake identity or may be anonymous mailers rather then a
readily identifiable person. Therefore Cyberspace needs to be regulated to curb
this phenomenon.
Please answer the following Self Assessment Question. 7
Social Issues in the
Regulation of Cyberspace Self Assessment Question 1 Spend 3 Min.
Describe the need for regulation of cyberspace?

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
10.4 HOW CYBERSPACE CAN BE REGULATED

In “Code and other Laws of Cyberspace”, Lawrence Lessing argues that the architecture
(code) of the internet i.e. The hardware and software of Cyberspace that define the
system can be a form of regulation. It is a set of rules implemented or codified in the
software by the code writers, requiring the constant certification of identity.
In “A Non delegation doctrine for the digital age” (Cited: 50 Duke L.J. 5), James Boyle
argued that regulation of the internet can increasingly rely on a three fold strategy:
i) Privatization: The state can use a private body to achieve those goals which it
could not get directly and then implement that body’s decision through mandatory
technological arrangements. For e.g. for Copyright enforcement in Cyberspace,
the Clinton administrations original plan was to make Internet Service Providers
(ISPs) strictly liable for copyright violations by their subscribers – thus creating a
private police force, largely free of statutory and constitutional privacy constraints
with strong incentives to come up with innovative surveillance and technical
enforcement measures.
ii) Propertization: According to him, first of all an attempt is to be made to extend
and then protect intellectual property rights online. This will produce many technical
methods of enforcement.
iii) Technological Controls the system is to be designed so as to hardware in desired
regulatory features. For e.g. Digital texts and music could be encoded to a particular
person. Detection devices could be built in to players, so that others cannot play
one’s music. Unique identifiers could be built into computer chips, so that a
person’s computer would broadcast a universal ID with an associated set of legal
8 characteristics as you roamed the net.
Blocking software or Internet contents grading system are other forms of regulations The Regulability of
Cyberspace
based on technology. In Korea, the government has started the internet contents grading
system. The system forces the sites designated as ‘content harmful to minors’ to attach
an electronic tag that the blocking software can catch. Especially the Korean government
categorises homosexual sites as content harmful to minors and those sites are often
blocked.
10.5 LEGAL AND SELF REGULATORY

FRAMEWORK
In any country the role of government is seen as the provider of legal and regulatory
framework within which its subjects have to function. In this context of regulation of
cyberspace it can be said that the Internets’ design precludes central control which may
be regulated by government to make the information economy safe, secure, certain and
open. Rather in the last few years outstanding progress has been made in identifying
appropriate structures for industry self-regulation with the minimum appropriate level
of government intervention. The development of technology to permit content labeling
and the early growth of complaint hot lines in a number of countries have helped to
provide the ingredients for self-regulatory schemes. Here we will discuss some of the
major developments in the area of national and international cooperative, major
developments for effective online industry regulation in various countries, and end-user
voluntary use of filtering/ blocking technologies. This approach is taken in United
Kingdom, Canada, New Zealand and a considerable number of Western European
countries.
But the idea that Cyberspace should be presumptively self-governing has resounded in
thoughtful scholarship and has been criticized by many scholars and it has been argued
that the selective government regulation of Cyberspace is warranted to protect and
promote liberal democratic ideas. However in this unit we will not go into the jurist’s
debate whether Cyberspace can be self regulated or not but try to find out the possibilities
in the existing legal framework in various countries for regulating internet content.
10.5.1 Filtering Devices and Rating Systems

‘Filters’ are software tools used to block access to unwanted material. By the 1990’s,
concerns about problematic content on on-line services had prompted the development
of a range of content filter software and rating systems including the Platform for Internet
Content Selection (‘PICS’); for example, E-mail filters automatically delete the bulk of
unread e-mail messages commonly known as ‘spam’ and can also be customized to
delete incoming messages from particular sources. There can be site blocking filters to
screen out specified websites or websites containing specified keywords that the system
presumes to relate to other objectionable content. Site blocking filters also may use a
protocol ‘PICS’ developed by the World Wide Web Consortium (‘W3C’) to develop
common protocols for the World Wide Web’s evolution and ensure its interoperability.
Organizations in several countries have established labeling schemes, which conform to
the PICS standards, designed for use by parents and schools. For example, RSACi
(Recreational Software Advisory Council labeling scheme for the Internet) rating system
addresses the level of violence, sex, nudity, and language on a website and operates as
a classification of the content on an Internet site rather than making a judgment about its
appropriateness for any given audience or purpose. Such an approach has advantages
over those filtering programmes that operate on a keyword basis to exclude offensive 9
Social Issues in the material but inevitably, a significant amount of useful, inoffensive content is also
blocked. However its major disadvantage is that it is limited to rating functions, rather
than more general information. Consequently, it is not adapted to perform more complex
information retrieval searches. Other labeling schemes are Safe surf, Cyber Patrol
and Surf Watch.
In 1997 W3C created the ‘Metadata Activity’, which includes the Resource Description
Framework (RDF) Working Group. RDF is a protocol for description of Internet content
based on a set of 105 ‘categories’ of information, known as the ‘Dublin Core’, which
is used to Filter out obscene content. However it does not deal with controversial
content or aim to protect children from harmful content, but describes those aspects of
content such as authorship, publishers, date and source in a similar way to that developed
by library catalogues and facilitates more effective searching. Examples of its
applications include search engine data collection and digital library collections.
Therefore it has not been widely used as an alternative to those schemes that eliminate
content on the basis of controversial content alone (see speech by Gareth Grainger).

What do you mean by the term filters? Give examples.
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
10.6 GOVERNMENT POLICIES AND LAWS

REGARDING REGULATION OF INTERNET
CONTENT
According to Electronic Frontiers Australia (EFA, March 2002) report on government
policies regarding internet censorship in various countries, government policies can be
classified into the following four categories:
1) The policy to encourage self regulation.
2) Criminal law penalties (Fines or Jail Terms) applicable to content providers who
make content “unsuitable for minors” available online.
3) The government has also mandated blocking of access to content deemed unsuitable
for adults; for example Australia, China, Saudi Arabia, Singapore etc.
4) A number of countries have either prohibited general public access to the internet
or require internet users to be a registered / licensed by a government authority
10 before permitting them restricted access.
However concerns over access to content on internet vary markedly around the world The Regulability of
Cyberspace
and this is reflected by the respective regulatory policies, which we will now discuss
below.
10.7 REGULATION OF CYBERSPACE CONTENT

IN THE UNITED STATES
The exponential growth in the usage of on-line services in the United States in the late
1980s and early 1990s led to demands for its operations to be regulated.
10.7.1 Communications Decency Act 1996 (CDA)
The Section 502 of the CDA amended sections 223(a) and (d) of Title 47 of the United
States Code (‘USC’). It prohibits the making and transmission of obscene or ‘indecent’
material to a minor by means of a telecommunications device, and the use of an interactive
computer service to send or display ‘patently offensive’ material to minors. The provisions
also prohibited a person from knowingly permitting a telecommunications facility under
that person’s control to be used to commit these offences. However Supreme Court in
American Civil Liberties Union v, Janet Reno, Attorney General of the United States;
American Library Association, Inc. v, United States Department of Justice (the ‘CDA
Case’, 1997) declared unconstitutional the above two statutory provisions as a violation
of both freedom of speech and personal privacy.
10.7.2 Internet Online Summit (December 1997)
One of the consequences of the US Supreme Court’s rejection of the CDA in July
1997 was the calling of an Internet on-line Summit, entitled ‘Focus on Children’, to
examine alternative strategies to promote children’s interests on-line. The Summits main
focus was on the issue of appropriate content for children and personal safety, it also
emphasized the need to enforce existing obscenity laws and laws against child
pornography. At the Summit, the US Internet Service Provider (‘ISP’) industry
announced its new ‘zero tolerance’ policy against child pornography, involving full
cooperation with law enforcement agencies, and the use of the Cyber tip line also
announced at the summit. Strategies for specialist training for police officers in the
investigation of computer crime were put forward.
10.7.3 COPA
In 1998 US Congress enacted Children Online Protection Act (COPA), which was
very narrow in scope and covered only communications that were made for commercial
purposes on the World Wide Web but the same was struck down by Supreme Court in
Aschcroft vs American Civil Liberties Union (2004).
10.7.4 CIPA
In 2000 Children Internet Protection Act (CIPA) was passed. This Act requires the
schools and libraries to install filters on computers used by minors and adults.
10.7.5 Other Related Legislation
The two legislations which need to be mentioned here are:
i) Uniform Electronic Transactions Act, 1999 (UETA) - to remove barriers to
electronic commerce by validating and electronic records and signatures. However
the substantive rules of contract remain unaffected by it. 11
Social Issues in the ii) Uniform Computer Information Transaction Act, 2000 (UCITA)
According to UCITA, for a transaction to be ‘Computer Information Transaction’, the
main focus of the transaction must be acquiring the computer information, access to it,
or its use and not a mere incident of another transaction. The act applies to contracts
for the development or creation of computer information, such as software development
contracts and contracts to create a computer database. This Act does not apply to
many cases in which one person provides information to another person for another
transaction such as making an employment or loan application.

IN AUSTRALIA
In Australia, the growth in the use of the Internet and the concern for abusive content
on the internet led to the establishment of the Australian Broadcasting Authority
(‘ABA’) which was established pursuant to the Broadcasting Services Act 1992 by
the Commonwealth of Australia for the regulation of broadcasting media in Australia.
The ABA’s 1996 report on content of on-line services, recommended in favour of a
scheme of industry substantial self-regulation for on-line services with voluntary codes
of practice supported by the labeling of on-line content using PICS and identified the
advantage of PICS protocol in Australia. Following on from this Report, on 15 July
1997 the Australian Minister for Communications and the Arts and the Australian
Attorney-General announced 47 principles for a national approach to regulate the
content of on-line services (Internet), ‘inferring’ towards the view that ‘material
accessed through on-line services should not be subject to a more onerous regulatory
framework than ‘off-line’ material such as books, videos, films and computer games’.
For the investigation into matters relating to future regulatory arrangement of online
services ABA formed a children and content online task force which works in three
key areas (a) contact and safety issues (b) illegal content and (c) unsuitable content
areas that affect children and has also developed a set of practical recommendations,
aiming to address this.
Broadcasting Services Amendment (Online Services) Act, 1999
This Act came into force on January 1, 2000. There is a provision for additional
access prevention method other than ISP blocking of overseas hosted material at
server level.
10.9 REGULATION OF CYBERSPACE CONTENT IN

EUROPEAN UNION
The approach of a large majority of (perhaps all) European Union Member States in
dealing with illegal and harmful content on the Internet appears to be in accord with the
1996 recommendations of the European Commission advocating the use of filtering
software and rating systems, and an encouragement of self-regulation of access-
providers. In these countries, laws regarding material that is illegal offline, such as child
pornography and racist material, also apply to Internet content. With regard to material
unsuitable for children, the EU Safer Internet Action Plan covering the period 1999-
12 2002 has a budget of 25 million euro and has three main action lines;
• Creating a safer environment through promotion of hotlines, encouragement of The Regulability of
Cyberspace
self-regulation and codes of conduct,
• Developing filtering and rating systems, facilitation of international agreement on

rating systems,
• Awareness: Making parents, teachers and children aware of the potential of the
Internet and its drawbacks, overall co-ordination and exchange of experience.

IN UNITED KINGDOM
In September 1996 UK Government issued R3 Safety-Net action plan (now Internet
Watch Foundation, IWF), developed by UK ISP trade associations and where it is
agreed by Government involve industry for establishment of complaints hotline and
related take-down procedures for illegal Internet content, primarily child pornography.
In February 2002, the IWF announced that it would henceforth also deal with “criminally
racist content”.
10.10.1 Related Legislation in UK

1) Data Protection Act, 1998 for the regulation of processing of information relating
to individuals including the obtaining, holding, use or disclosure of such information.
2) Electronic Communications Act, 2000 to facilitate the use of electronic

communications and electronic data storage.

IN INDIA
In India, cyber laws are contained in the Information Technology Act 2000. The main
objective of the Act is to provide legal recognition for transactions carried out by means
of electronic data interchange and other means of electronic communication, commonly
referred to as e-commerce, which involve the use of alternatives to paper-based methods
of communication and storage of information to facilitate electronic filing of documents
with the Government agencies.
Digital Signatures [Chapter II]
Any subscriber (i.e., a person in whose name the Digital Signature Certificate is issued)
may authenticate electronic record by affixing his Digital Signature. Electronic record
means data record or data generated image or sound, stored, received or sent in an
electronic form or microfilm or computer generated microfiche.
Electronic Governance [Chapter III]
Where any law provides submission of information in writing or in the typewritten or
printed form, it will be sufficient compliance of law, if the same is sent in an electronic
form. Further, if any statute provides for affixation of signature in any document, the
same can be done by means of Digital Signature.
Similarly, the filing of any form, application or any other documents with the Government
Authorities and issue or grant of any licence, permit, sanction or approval and any 13
Social Issues in the receipt acknowledging payment can be done by the Government offices by means of
electronic form. Retention of documents, records, or information as provided in any
law, can be done by maintaining electronic records. Any rule, regulation, order, by-law
or notification can be published in the Official Gazette or Electronic Gazette.
However, no Ministry or Department of Central Government or the state Government
or any Authority established under any law can be insisted upon acceptance of a
document only in the form of electronic record.
Regulation of Certifying Authorities [Chapter IV]
The Central Government may appoint a Controller of Certifying Authority who shall
exercise supervision over the activities of Certifying Authorities.
Digital Signature Certificate [Chapter VII]
Any person may make an application to the Certifying Authority for issue of Digital
Signature Certificate. The Certifying Authority while issuing such certificate shall certify
that it has complied with the provisions of the Act.
Penalties and Adjudication [Chapter IX]
If any person without the permission of the owner, accesses the owner’s computer,
computer system or computer net-work or downloads copies or any extract or introduces
any computer virus or damages computer, computer system or computer net work
data etc. he/ she shall be liable to pay damage by way of compensation not exceeding
Rupees One Crore to the person so effected.
The Cyber Regulations Appellate Tribunal [Chapter X]
Under the act, the Central Government has the power to establish the Cyber Regulations
Appellate Tribunal having power to entertain the cases of any person aggrieved by the
Order made by the Controller of Certifying Authority or the Adjudicating Officer.
Offences [Chapter XI]
Tampering with computer source documents or hacking with computer system entails
punishment with imprisonment up to three years or with fine up to Rs. 2 lakhs or with
both.
Publishing of information, which is obscene, in electronic form, shall be punishable with
imprisonment up to five years or with fine up to Rs. 10 lakh and for second conviction
with imprisonment up to ten years and with fine up to Rs. 2 lakhs.
10.12 INTERNATIONAL INITIATIVES FOR

REGULATION OF CYBERSPACE
Today there is a need for an international framework of principles, guidelines and rules
for global communications for the twenty-first century. In July 1997, the German
Government hosted an International Conference in Bonn on the topic ‘Global
Information Networks’, in cooperation with the European Commission. It was attended
by Ministers from 29 European Union, EFTA, CCEC and G7/G8 countries as well as
by representatives of on-line content providers, access and service providers and users
of on-line services. It resulted in the adoption of the ‘Bonn Declaration’ of the Ministers
14 as well as declarations by industry and user participants.
The Bonn Declaration pointed in the direction of: The Regulability of
Cyberspace
1) using current national legal frameworks for the enforcement of criminal law
provisions where appropriate in respect of on-line crime;
2) development by industry of common principles for schemes of self-regulation

regarding content of on-line services; and
3) establishment of national hotlines for complaints regarding on-line content and for
some appropriate interconnection and interaction between national hotlines.
Martin Bangemanns, EC Commissioner in her speech of 8 September 1997 to the

International Telecommunications Union in Geneva has pointed out that there is a need
for an international charter for global communications, and in particular governing
activities carried out over the Internet, could provide a suitable framework covering
such issues as the legal recognition of digital signatures, encryption, privacy, protection
against illegal and harmful content, customs and data protection. The tools for achieving
these objectives would include mutual recognition, self-regulation and, if needed,
regulation.
In 29 June 1998, on invitation by Martin Bangemann, business leaders from around the
world participated in a discussion on global communication issues, with the objective to
explore the need for strengthened international coordination which resulted in the
formation of Global Business Dialogue and it was resolved that wherever possible, it
should avoid legislation, and concentrate on market-led, industry- driven, self-regulatory
models and any regulation should ensure competition. It should focus on a well-defined
list of issues on which quick progress can be made with the close cooperation of business,
consumer groups and governments of all countries who wants to participate and work
on these issues should be industry-led and coordinated with relevant international bodies.
Two organizations closely involved in this process were the Transatlantic Business
Dialogue and the US-Japan Business Council. Attendance at the first meeting of the
GBD’s Business Steering Committee took place in New York on 14 January 1999 and
consisted largely of representations of major corporations from United States, Europe
and Japan. However, the issue of Internet content was not considered amendable to
relatively fast solutions by the GBD and so Internet content is not receiving immediate
attention from this Group.
In 27 February 1999, the first meeting of the International Network of Experts on Self-
Regulation for Responsibility and Control on the Internet was held at New York. This
network was brought together by the Bertelsmann Foundation, a charitable foundation
which owns the controlling interest in Bertelsmann Corporation, the German media and
publications enterprise, as a part of its advocacy of self-regulatory solutions to the
problems of Internet content. The three regulatory agencies represented at the meeting
were the Australian Broadcasting Authority, the Canadian Radio Telecommunications
Commission (by Mr. Ted Woodhead) and the Singapore Broadcasting Authority (by
Ms. Ling Pek Ling); all of which are actively dealing with the issues of self-regulation of
harmful content on the Internet.
The above study reflects different legal policies in the world for regulation of cyberspace
and International efforts to deal with it. However some sort of criminal penalties should
also be there in all national laws for which coordinated criminal laws are needed to deal
with illegal content on on-line services. 15
Social Issues in the 10.12.1 Organization for Economic Cooperation and
Development (OECD)
The OECD an international organization working in the area of data privacy and
information security, established an ad hoc process of meetings (the first was on 1-2
July 1997 and second on 22 October 1997) on approaches being taken in major
industrial countries for the regulation of content conduct on the Internet. The meeting
acknowledged the primary role of the private sector in regulating the Internet. However
at the joint OECD/Business and Industry Advisory Committee forum held on 25 March
1998 in Paris, the OECD resolved to do no further work in this area. On 19 April
2006, OECD task force on spam has recommended that Governments and industry
should step up their coordination to combat the global problem of spam. It calls on
governments to establish clear national anti-spam policies and give enforcement
authorities more power and resources. Co-ordination and co-operation between public
and private sectors are critical, the report notes.
10.12.2 UNESCO
The United Nations Educational, Scientific and Cultural Organization (UNESCO) was
founded on 16 November 1945. At the 29th UNESCO General Conference held in
Paris from 21 October to 12 November 1997 the Director-General of UNESCO
made a preliminary report on the feasibility of an international instrument on the
establishment of a legal framework relating to cyberspace. It recommended the
preservation of a balanced use of language on cyberspace, which represented the
concern of non-Anglophone countries at the domination of English as the language of
the Internet. Today, UNESCO functions as a laboratory of ideas and a standard-setter
to forge universal agreements on emerging ethnical issues: the organization also serves
as a clearing house – for the dissemination and sharing of information and knowledge –
while helping Member States to build their human and institutional capacities in diverse
fields.

State whether the following statements are true or false:
a) In Australia, government has mandated blocking of access to content deemed
unsuitable for adults.
................................................................................................................
b) In Korea, the government has no system of Internet content grading.
................................................................................................................
c) Australian Broadcasting Authority and Singapore Broadcasting Authority are
the only two regulatory agencies in the meeting of International Network of
Experts (Feb, 1999).
................................................................................................................

16
The Regulability of
10.13 SUMMARY Cyberspace
• There has been rapid increase in use of internet for various types of commercial
transactions and consumer services.
• For the safe carriage and conduct of Cyberspace, regulation ought to be identified
as appropriate and necessary.
• The necessity arises due to the expansion of economic and creative interaction
which in term led to disputes involving acquisition, use, possession, processing
and communication of information.
• The use of internet for obscene, indecent and pornographic content, rumor
mongering, viruses, cyber crime, possibility of invasion of privacy of individuals,
all this emphasized the need for cyberspace regulation.
• Legal policies in various countries like USA, UK, European Union, and New
Zealand show that in the context of regulation of Cyberspace more emphasis is on
self regulation through use of filtering/blocking technologies.
• There is need for coordinated international guidelines and principles to regulate

cyberspace.
• International organizations such as OECD and UNESCO can play an important

role in framing international regulatory framework for internet.

1) Discuss the need for Cyberspace Regulation.
2) What are government policies and laws regarding Cyberspace Regulation in USA,
India and UK?
3) “Internet design precludes central control by government rather an attempt has

been made for industry self regulation.’’ Comment.

1) Yes, there is a need for regulation of cyberspace. The use of internet for
distribution of obscene, indecent and pornographic content, and child
pornography; increasing numbers of business transactions through internet
and issue of intellectual property rights; issues of privacy and emerging cyber
crimes are major areas of concern today that point towards the need to regulate
cyberspace.
2) ‘Filters’ are software tools used to block access to unwanted material. Examples
are E-mail Filters, Site Blocking Filters.
3) (a) True, (b) False & (c) False 17

Social Issues in the Terminal Questions
1) Refer to section 10.3.
2) Refer to section 10.7, 10.10 & 10.11 of the unit.
3) Refer to section 0.5 – 10.12 of the unit.
10.16 REFERENCES AND SUGGESTED

READINGS
1. ‘‘Anti Spam Toolkit of recommended policies and measures’’. OECD Task force
on Spam. 19 April 2006. 30 Dec. 2006<http://www.oecd-antispam-org>.
2. ‘‘Internet Censorhsip: Law and Policy around the world’’. Electronic Frontiers
Australia (EFA). 28 Mar. 2002. 2 Dec.2006<http://www.efa.org.au/>.
3. Dr. Dan L. Burk. “Jurisdiction in a Word without Borders”. Virginia Journal

of Law and Technology university of Virginia, 1997.23 Nov. 2006 <http:/
vjolt.student.virginia.edu>.
4. Gareth Grainger. “Freedom of Expression and regulation of Information in

Cyberspace: Issues concerning potential information cooperation principles for
cyberspace”. speech given at UNESCO INTERNATIONAL CONGRESS,
INFO Ethics ’98, Monte Carlo, Monac. 1 Sept. 1998.
5. James Boyle. “In a Non Delegation Doctrine for the Digital Age”. Duke L.J. 5.50.
6. Lawrence Lessing. “Commentories – The Law of the Horse: what cyberspace

might teach’’. Harvard Law Review 113(1991):501. <http:// www.lessing.org/
control/articles/works/finalhls.pdf>.
7. Lawrence Lessing. “Code and Other Laws of Cyberspace”.1999. 85-99.
8. Lawrence Lessing. “The Laws of Cyberspace”. essay presented at – Taiwan

Net ’98 Conference in Taipei, Mar. 1998. 24. Nov. 2006<http://www.lessing.org/
content/articles/works/laws_cyberspacepath>.
9. Martin Bangemann’s. “New World Order for Global Communications – The Need
for an International Charter”. Speech given at International Telecommunications
Union, Geneva.8 Sept. 1997.
18
E-governance
UNIT 11 E-GOVERNANCE
Structure
11.1 Introduction
11.2 Objectives
11.3 Concept of E-governance
11.4 Components of E-governance
11.5 Rationale for E-governance
11.6 Benefits of E-governance
11.7 E-governance Initiatives in India

11.7.1 National E-governance Action Plan
11.7.2 E-governance Initiatives at National Level
11.7.3 E-courts: ICT in Judiciary
11.7.4 E-governance Initiatives at State Level
11.8 Legal Framework for E-governance
11.9 Obstacles in Implementing E-governance
11.10 Summary
11.1 INTRODUCTION
This is perhaps one of the most interesting times when we are undergoing such
significant changes in the way we live and operate as a society. We have witnessed
phenomenal of changes in societies around the world in a very short period, and the
source of agents of some of these changes is new technologies and the Internet. In
the past decade and a half we have seen every aspect of the lives of individuals and
organizations go through many transformation evolutions. Large, medium and small
corporations alike have discovered the need to adapt to the new technologies, or
sink in the emerging global knowledge economy. There is no facet of life in the
industrialized and developing world that has not undergone some form of alteration.
The resultant new information economy has brought with it different approaches to
work. There has been a surge in tele-workers, entrepreneurs and home-run businesses.
Corporations have downsized, and knowledge workers migrate from company to
company, open to the highest bidder and the organization with the best deal. The
highly proficient, intelligent and innovative knowledge worker is in demand. Knowledge
itself seems to have become a commodity in the marketplace of ideas. We now live
in an intensely information driven society. 19
Social Issues in the Nowhere has this been more evident than with government, who constantly have to
cope with the persistently emerging new technologies and new demands from citizens.
In today’s wired world, the interactive citizen is one of the fundamental cornerstones of
change. Governments can no longer simply be dispensers of information. New
technologies are being used not only to deliver services to the public but also to enhance
government administration and facilitate businesses. Information sharing is of
particular relevance to developing countries. The application of IT to government
processes, E-governance in short, can have a profound impact – on the efficiency,
responsiveness and accountability of government; thereby, on the quality of life and
productivity of citizens, especially the poor and ultimately, on the economic output and
growth of the country as a whole.
11.2 OBJECTIVES
• explain the concept of E-governance, and its various components;
• know the rationale for E-governance;
• list the benefits of E-governance;
• describe E-governance initiatives in India and its objectives;
• know the legal framework for E-governance in India; and
• describe what are the challenges in implementation of E-governance.
11.3 CONCEPT OF E-GOVERNANCE

E-governance is the short form of ‘electronic governance’. Governance includes those
processes and systems by which an organization or a society operates. Within the
context of any institution or society, governance describes the mechanism through which
decisions are made and implemented in order to conduct the affairs of that organization
or society. Governance may be defined as the way society works and is organized.
If governance is done through the use of Information and Communication Technology

(ICT) it is said to be E-governance. Thus in general E-governance denotes use of ICT
in any organization i.e. governing through electronic mode. But the term is now used
with a particular meaning and in a particular context. Increasingly E-governance is used
to refer performance of governmental function through the application of ICT, the most
well known part of which is ‘internet’. The term E-governance refers to governance
processes in which Information and Communications Technology (ICT) play a
significant role. The role played by ICT could be wide-ranging: from delivery of
governance services, to how people access such services, and the participation of
people in the sphere of governance. E-governance uses ICT to induce changes in the
delivery and standards of governance services and more importantly, in the way citizens
interact and participate in governance. The meaning and use of the term E-governance
is with reference to the functions which are being performed by the Government of any
country. In common parlance there are two terms which are quite often used
20 interchangeably: E-government and E-governance.
However the scope of the later term is broader than that of the former. E-government E-governance
is the use of ICT to provide access to and delivery of government services to benefit
the general public. E-government thus provides citizens the ability to obtain government
services through electronic means, enabling access to government information and
completion of government transactions on an anywhere, anytime basis. The idea is
simply to create the capability for providing the citizens access to government
departments through electronic networks. In fact through E-government the following
objectives are achieved:
i) Achieving visibility i.e. the general public comes to know about that organ of
Government. Most of the sites maintained by State provide certain basic
information and profile of that state.
ii) On-line access to information in public domain. Knowledge of laws, rules and
regulation reports of various commissions etc. are being provided by Government
on-line now.
iii) Completing transaction on-line like filing of tax returns, driving-licences,

passport etc.
Thus through E-government, the broader objective of paper-free and hassle-free

government offices is achieved.
With the implementation of E-governance, though many of the citizen’s worries can be
solved, the ultimate goal is to achieve ‘good-governance’; a government in which people
have active participation, a government which is transparent, responsive, effective and
result-oriented. It is the ICT internet in particular, with its capacity to break the barriers
of time and distance and to bring together a wealth of information from a virtually
unlimited number of sources, that has the potential to transform traditional governance
and to achieve good-governance. Thus comes the concept of E-governance, i.e. use of
ICT to ensure the citizen’s participation in governance and allowing him/her to
communicate with the government. The E-governance will truly allow citizens to
participate in the government at decision and policy-making process, reflect their true
needs and welfare by utilising E-government as a tool. In simple words, E-governance
is the use of ICT by Government to deliver information and services, to encourage
citizen’s participation, to redress public grievances and to make its machinery more
responsive, accountable and effective. In fact, through E-governance, the aim of
SMART governance is to be achieved:
Simple – Because there are no elaborate procedures, no paper work and no need for
frequenting government offices.
Moral – The system is cleaned up of corruption and other unethical practices.
Accountable – Since all the information is in public domain, government’s accountability

enhances.
Responsiveness – Through the use of ICT; Government can be in regular touch with the
masses and get their feedback.
Transparency – The information which was shrouded in secrecy within dark file
chambers will become available to all on the click of a mouse.
21
Social Issues in the Please answer the following Self Assessment Question.
‘E-governance is the application of ICT to governmental processes’. Do you agree?

........................................................................................................................
........................................................................................................................
........................................................................................................................
........................................................................................................................
........................................................................................................................
........................................................................................................................
11.4 COMPONENTS OF E-GOVERNANCE

In order to make E-governance effectual ICT is to be applied not only between
government and citizens and within various levels of government, but also between
different interest groups like business, NGOs etc and the Government. Following are
the main components of E-governance:-
1) Government-Citizen Interface
This is the primacy component of E-governance since the citizens are mostly a harassed
lot in their dealings with the Government. One of the most promising aspects of the E-
governance is its ability to bring citizens closer to their governments: both as voters and
stakeholders or as customers who consume public services.
As voters and stakeholders in a democratic country like ours, citizens can be given
access to the information relating to government policies, programmes etc. run for their
welfare. The citizens can give their feedback on-line and they can also suggest measures
to enhance effectiveness of government policies and programmes.
Citizens are also consumers of a number of Government services. E-governance
initiatives can attempt to make transactions such as renewing licences and certifications,
paying taxes etc. less time consuming and easier to carry out.
2) Government – Government Interface
Government itself is a very complex structure and it is divided into various ministries
and departments. In addition to central government there are also state governments
and local governments. There communication gaps and lack of proper coordination
can result in ineffective administration, delays etc. Government to government interface
via internet will ensure speedier flow of information, instructions, and compliance reports
hence ensuring smooth functioning at all levels of government.
3) Government – Business Interface
The use of ICT will cause business and government to come closer. In a country like
India where there is a mixed economy, the role of Government is to give directions for
economic development. It sets policy guidelines and targets (in terms of GDP etc.)
22 which both the public and private sectors strive to achieve. With the smooth flow of
information and instructions to and for there would be better understanding and E-governance
coordination between business and government.
4) Government – Employee Interface
This is yet another important aspect of governance because employees working in
government departments form the backbone of the whole system of Governance. Be it
a military personnel or a clerk in a government department, each has got its own role to
play and hence there is the need for communication between the Government and its
employees.
5) Government – Society Interface
In any society there are various interest groups such as trade unions, political parties
and now more importantly NGOs. NGOs have, over a period built for themselves a
special role in our democratic setup. They are now entrusted with a range of tasks in
the welfare of society right from poverty alleviation to health care, environment
protection etc. With the use of ICT, Government can maintain regular communication
with society.
11.5 RATIONALE FOR E-GOVERNANCE

ICT is an effective tool for bringing revolutionary changes in governance. E-governance
ensures that citizens can avail of governmental services easily and can participate in
governmental policy making processes. The citizens are no longer merely passive
recipients of government services. They have a say about the types and standards of
government services they want and the governance structures which can best deliver
them. The modern state is a welfare state and the emphasis is on good-governance.
The rationale of E-governance is its capacity to provide good-governance. The
Government has to be responsive, transparent, allowing participation of citizens,
consensus oriented, effective, efficient and accountable. Now the question is how the
same can be ensured? How can government become more responsive and accessible?
How can it improve services, health care and education? These questions can be
adequately answered through the adoption of E-governance. E-governance has been
widely accepted as a methodology to improve transparency, administrative efficiency,
and public services, to provide citizens new governmental services and bring new sections
of society under the governance sphere, like the differently abled. Let us examine in
some detail the role of E-governance in the promotion of democracy & citizen’s
participation.
E-governance & Democracy
The first important role which E-governance can play in promoting democracy is that of
building government accountability and transparency in decision making so that there is
increased citizen’s trust in government. E-governance makes governance more
representative, more individual based and pro-active. It does not require an individual
to come to the government for services. It leads to closer contact of individuals with
decision-makers and hence greater access and control over governance thus leading to
more transparent, accountable and efficient governance. To effectively involve various
stakeholders like political parties, interest groups, NGOs, business, and interested citizens
in the governmental process, is another big challenge which can be met through E-
governance. For this purpose, online consultation portals can be developed. The
Governments of United Kingdom, Canada, and New Zealand have special portals to
promote open consultations across their governments. 23
Social Issues in the E-governance and Information Sharing
Information Sharing is a democratic tool. It has been said that access to information
is power. Those who have access to information can use it selectively to create
hierarchical structures in the society resulting in unequal distribution of power.
Limiting access to information to a few will open up possibilities for manipulation of
information for private gains. Hence it is necessary that there is equitable distribution
of information and information sharing is an essential activity for governments in
E-governance. Information sharing will become an essential part of the democratic
process as governments become more open and accountable. ICT has created new
expectations and citizens are now beginning to demand accountability and better
access to government information. Sharing information with public will bring more
accountability as well as other benefits to the public.
E-governance and Greater Citizen Participation
Governments can ensure increased citizen participation through E-governance. This
can be done by making more information available online, seeking input from people on
government programmes & issues online and encouraging online discussion groups on
important national issues, providing grants to organizations seeking online democratic
activities etc. While doing this, care is to be taken of the special needs and local community
requirements. Thus developing easy-to-use websites to facilitate seamless access by
citizens is necessary in villages. Effort should be made to develop information policies
embracing all levels of society.
From the above discussion it is clear that E-governance can go a long way in promoting
greater citizen participation and in strengthening democracy. This provides the rationale
for investing in E-governance.
11.6 BENEFITS OF E-GOVERNANCE

In this part we attempt to examine the reforms which can be made in the administrative
process through E-governance. This will spell out the benefits of E-governance. The
reforms in the administrative process have focused on restructuring the systems and
processes to enhance service delivery capacity. ICT can be used to give further impetus
to this process. ICT can help in the following manner:-
1) Automation of Administrative Processes: Till now the administrative process
has been largely manual and involves a large bureaucratic structure. ICT can be
used to make this system automatic. There are various tasks in government
offices which are repetitive in nature for instance, filing of forms, periodic
information reporting etc. These tasks can be automated to save time and effort.
2) Workforce Reduction: The present governmental structure is a behemoth. The
government employs a large work force for its various functions. Truly e-governed
system would require minimal work force and would be system driven. The
resultant spare work force can be engaged in more productive tasks.
3) Better Service Delivery: E-governance would integrate various departments
to provide a single point of delivery of services to citizens. Service delivery at
the click of a button is possible. Also there would be quality control because the
delivery of services will be open to public scrutiny and criticism. This type of
constant monitoring may enhance the quality of services. ICT reduces the costs
24 involved in the production and delivery of services making them cheaper.
4) Technical & Supportive Role: ICT can be used to create a paper free or a E-governance
least paper office. It is possible to store the entire information of the whole
office in the hard disc of a computer. This support to the office work will be of
immense importance since now there is no need to physically carry the files or
to search for them. E-mails can be used for communication between different
locations almost instantaneously and record of which is also available.
5) Transparency: E-governance aims at providing information to all without
discrimination. ICT makes it possible to quickly disseminate information through
the use of websites and portals. This makes the systems transparent too, which
subsequently enhances accountability and ensures a corruption free government.
6) Economic Development: E-governance can bring economic development to
the remote areas of the country. For example, most of the rural areas suffer on
account of lack of right information regarding the markets, products, agriculture,
health, education, weather, etc. and if all this could be accessed through
connectivity and IT, this would bring in more opportunities and thereby
prosperity to these areas.
7) Social Development: E-governance brings all-round changes not only in the
governance but also in society. As a result of economic growth, there is
improvement in the living standard of people. Better access to information
empowers the citizens. As the government becomes more citizen oriented and
there is also greater participation the concerns of society are voiced, which can
be accommodated in programme formulation, implementation, monitoring and
finally service delivery.
8) Innovative Role: E-governance can be used to initiate new governance
services or new mechanisms for improved service delivery. For instance, online
checking of the status of an application (from remote and beyond office
hours); providing instant access to the same information to all individuals
through e-mails and website etc.
9) Change in the Administrative Culture: E-governance will change the
administrative culture by making it more open, transparent, accountable and
responsive and citizen oriented. With E-governance, actions of public functionaries
come under public scrutiny and this would certainly induce accountability and
change in the administrative culture.
Given below is a brief comparison of the two models:

Conventional Governance vs E-governance
Basis Conventional E-governance
Governance
Nature Secretive Transparent
Power Structure Hierarchical Horizontal/Networked
Response Passive and Pro-active and Quick
Slow
Communication One Way Direct / Immediate
Emphasis Compliance Achieving Targets
25
Social Issues in the The above table gives us an idea of the advantages of E-governance over the traditional
system. Now we can say that E-governance is a far better system than the present
system. Due to this reason the governments world over are switching to E-governance.
We shall now examine the position of E-governance in India.
Do you think that E-governance is better than the conventional system?

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
11.7 E-GOVERNANCE INITIATIVES IN INDIA

The E-governance initiatives in India are of recent origin. ICT’s application to the
governments’ functioning aims to bring about the system of governance that works
better costs less and is capable of fulfilling the citizen’s needs effectively. For India, ICT
provides an opportunity to overcome obstacles of vast size, population and resource
crunch to become a developed nation. The E-governance initiatives in India aim at
achieving the following objectives:
1) Efficient delivery of government services to citizens and business;
2) Better dissemination of government information;
3) Improved revenue collection and budgetary controls;
4) Providing access to government services through a single window;
5) Speeding up transactions;
6) Transparent functioning and zero corruption;
7) Reduction in the procedural and postal delays involved in the system.
11.7.1 National E-governance Action Plan
In order to implement E-governance Government of India has approved a policy
framework in the form of the National E-governance Action Plan. The plan seeks to
provide policy guidelines to create the mechanisms for E-governance. A number of
projects has been envisaged under the plan in order to create citizen friendly governance.
States are to be encouraged to adopt E-governance. Under the plan common service
centers has been envisaged for the delivery of services. Emphasis has been laid on
quality and speed of implementation of the plan and connectivity is to be extended up to
block level. The plan seeks to cover major areas of governance like taxes, passport,
26
land records, agriculture markets and the like. The plan envisages creation of right E-governance
environments to implement G2G, G2B, G2E and G2C services.
11.7.2 E-governance Initiatives at National Level
In the recent past Government of India has taken a number of initiatives to implement
E-governance. The Government has set up National Informatics Centre (NIC) under
the Department of Information Technology as the specialized body to provide the
network backbone and E-governance support to Central Government, State
Governments, UT Administrations, Districts and other Government bodies. Almost all
the Government departments now maintain web presence. Following is the list of certain
projects undertaken at central level:
1) India Image (Government of India Portal)
2) Agricultural Marketing Information Network (AGMARKNET)
3) Central Passport System
4) Community Information Centres (CICs)
5) Computerised Rural Information Systems Project (CRISP)
6) Court Information System (COURTIS)
7) Department of Agriculture Network (DACNET)
8) Examination Results Portal
9) Land Records Information System (LRIS)
10) National Hazardous Waste Information System (NHWIS)
11) Public Grievance Redress and Monitoring System (PGRAMS)
11.7.3 E-courts: ICT in Judiciary

The administration of justice is another field where ICT can be of much help in solving
many problems. Most of the bottlenecks related to delays, arrears and backlog can be
partly overcome if ICT is used for case & docket management. First National Judicial
Pay Commission (popularly known as Shetty Commission) has recommended the
following areas where IT will be useful:
a) Legal information databases
b) On line query system for precedents, citations, codes, statutes etc.
c) Generation of cause list and online statistical reports
d) Online caveat matching
e) Online updating of data, monitoring and “flagging” of events
f) Pooling of orders and judgments
g) Daily list generation with historical data of each case
h) Word processing with standard templates including generation of notices/processes
i) Access to international databases 27
Social Issues in the j) Feed back reports for use at various levels.
With the help of the National Informatics Division much of the above mentioned
information is available now on the net.
11.7.4 E-governance Initiatives at the State Level
The state governments have also realised the importance of E-governance in improving
the performance of the system. Various initiatives have been taken by them. These
initiatives aim at improving the quality of life in the backward areas of the country, better
dispensation of services, and collection of inputs from the public for taking policy
decisions. A list of some of these initiatives have been given in Appendix-A. The services
which have been made available range from online revenue record, payments of bills,
applications to departments, online information concerning rural and urban population
etc. The state of Kerala has from the very beginning taken steps in this regard. The
FRIENDS project of Kerala allows people to make a number of transactions online.
The GYANDOOT project of Madhya Pradesh caters to the needs of rural population.
However a survey of these initiatives reveals that most of them are clustered in few
states. Especially the states in the south have taken more such steps as compared to
others. This trend may create regional disparities of a new kind and may widen the
overall developmental gap between the states.

What are the E-governance initiatives at the national level?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
11.8 LEGAL FRAMEWORK FOR E-GOVERNANCE

The Information Technology Act, 2000 provides the necessary legal framework for
E-governance. Though the Act deals with a variety of issues related to cyber world,
one of its objectives is to promote E-governance by providing legal recognition to
transactions with the government online. With the coming in to force of IT Act 2000
where any law provides for submission of information in writing or in the typewritten or
printed form, from now onwards it will be sufficient compliance of law, if the same is
sent in an electronic form. Further, if any law provides for signature on any document,
the same can be done by means of digital signature.
28
Similarly, the filing of any form, application or any other document with the Govern- E-governance
ment Authorities and issue or grant of any licence, permit, sanction and any receipt
acknowledging payment can be done by the Government offices by means of electronic
form. Now it is possible to maintain records in Govt. offices in the form of electronic
records.
Chapter III of the Act deals with E-governance (Sec. 4 to 10). Sec 4 provides for legal
recognition of electronic records of any matter or information which is by law required
to be in written, typewritten or printed form. Sec 5 removes the major hindrance of
authentication of any document by authorizing the use of digital signatures for such
purposes. Now, wherever it is required by law that a person shall affix his/her signature
to any document, such requirement is satisfied by affixing digital signature in the
prescribed manner in the case of electronic records.
Sec 6 of the Act provides for the use of electronic records and digital signatures in
Government and its agencies. Now the filing of any form, application or any other
document with any Government authority or office can be effected by means of electronic
form. Further the issue of any license permit, sanction or approval can also be done
through electronic means. Even the receipt or payment of money can also be made on
line as per Sec 6.
Hence it is now possible to file tax-returns applications for grant of licence, permit etc.
online instead of going to the offices and queuing up. Further it is no more necessary to
maintain loads of files and office records because Sec 7 of the Act provides for retention
of electronic records and if any law provides that documents, records or information be
retained then that can be retained in the electronic form.
Sec 8 takes a decisive step towards E-governance in the country by allowing publication
of rules, regulations, order, bye-laws etc. in electronic gazette. Now it is no more
necessary to go to the Collectorate for a copy of the gazette as the same can be accessed
online in any internet kiosk.
Which section of the IT Act provides for use of digital signatures in government and
its agencies?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
11.9 OBSTACLES IN IMPLEMENTING

E-GOVERNANCE
E-governance is of immense benefit to citizens. But there are many obstacles to be
overcome before the benefits can actually reach the people. There is the problem of
infrastructure, capital, trained manpower etc. Certain obstacles are noted here: 29
Social Issues in the i) Lack of Resources: The major obstacle in implementation of E-governance is
the resource crunch. ICT is capital intensive since most of the hardware has to be
imported and software needs to be developed. The cost involved in running the
system is also there. Most of the installation is delicate and there is the need for
trained personnel to handle it.
ii) Lack of Infrastructure: E-governance is based on the telecommunication and
electricity services. Infrastructure of these services is first necessary in order to
provide the end-user the E-governance services effectively. India has a relatively
low tele-density of 3 per cent for landlines and the target for 2008 is to get the
number 20 per thousand. However there has been substantial increase in
cellular phone subscribers. Still the available infrastructure is quite inadequate for
the purpose of fully affecting E-governance.
iii) Digital Divide: According to an AzimPremji Foundation study, the number of
personal computers, installed in the country is 7.5 million of which the four metros
viz. Delhi, Mumbai, Chennai, and Kolkata accounted for 53 per cent. At present
there are approximately 10 million users of the Internet facility in the country of
more than 1000 million. But more than 75 per cent of these users are in urban
India and rural and poor people are deprived of ICT.
iv) Lack of Relevant Information in Local Languages: The information available
on the net is mostly of academic nature or entertainment purposes. It is difficult to
find information which is useful. The content of the information should be such that
it should be purposive and useful to the people. For this purpose the local conditions
as well as the needs of a particular community have to be taken in to account.
Here it is also worth mentioning that currently the language used for E-governance
is English and the databases are also in English. In order to provide the benefits of
E-governance to maximum people it is necessary to develop interface and database
in local languages.
v) Building E-governance Capacity : For the effectiveness and success of E-
governance services it is necessary that there is a well equipped and efficient ICT
organization manned by trained manpower to handle the system. But there is a
lack of trained manpower in comparison to the requirement for implementing E-
governance. There is a need to open many more technical institutes to educate
people to build a pool of human resource.
vi) Security Issues in Cyberspace: The major issue in digitization of the database
and completion of transactions through internet is the security of the transactions.
Data protection and data reliability are the major issues concerning all internet
transactions and E-governance. Cyberspace is owned by none and it is virtually
uncontrollable. It spreads across all nations without any soverign control. This
makes the challenge of monitoring cyberspace even more difficult. The government
needs to enact appropriate laws. Information & Technology Act, 2000 is a step in
this direction.
vii) Restructuring Bureaucracy: The most important step in implementing E-
governance is to restructure the existing bureaucratic structure since it is very slow
to adopt any new features. This system is hierarchical involving multi level clearance,
too much documentation and the procedures followed are colonial. E-governance
requires a realisation on the part of the bureaucracy that it is basically the service
30 provider and not the ruling class. ICT can help only when the service provider is
willing to adopt it. The bureaucracy has to be more open, responsive and willing E-governance
to change. ICT has enabled people to involve themselves in the democratic process
in new and unique ways. Governments at all levels and international organizations
accordingly will increasingly be impacted by these changes. Thus, there is also a
need for awareness-building within governments and international organizations of
the changes that are occurring. This can be accomplished through educational
and training programmes.
11.10 SUMMARY
• E-governance primarily refers to use of ICT in the discharge of governmental
functions. However it is not only limited to delivery of the governmental services.
The aim of E-governance is to ensure greater citizen participation in governance.
• The components of E-governance are:
Government–Citizen Interface
Government – Government Interface
Government – Business Interface
Government – Employee Interface
Government – Society Interface
• The rationale for E-governance is its capacity to provide a government which is
efficient, responsive, and corruption-free. It strengthens democracy by increasing
the citizen’s role in policy making and information sharing.
• The benefits of E-governance are:
Automation of Administrative Processes
Workforce Reduction
Better Service Delivery
Technical and Supportive Role
Transparency
Economic and Social Development
Change in the Administrative Culture
• The ICT has been accepted by the Indian Government as a catalyst to bring
rapid institutional reforms in the governmental structure and as an effective tool to
reach out to hitherto deprived masses. The central government has framed National
E-governance Action Plan for the proper implementation of E-governance. Various
states have also started programmes related to E-governance.
• The challenges faced in implementing E-governance are:
Lack of Resources
Lack of Infrastructure 31
Social Issues in the Digital Divide
Lack of Relevant Information in Local Languages
Building E-governance Capacity
Security Issues in Cyberspace
Reluctant Bureaucracy

1) Explain the concept of E-governance. How it is different from E-government?
2) Is E-governance concerned only with citizens? What are the various components
of E-governance?
3) How will you justify E-governance for a developing country keeping in mind the
heavy cost involved in it?
4) What are the legal provisions related to E-governance?
5) What steps would you suggest to remedy the problems in the implementation of
E-governance?

1) E-governance is the application of ICT to the governmental process. This statement
is partially true since E-governance is not limited to the computerisation of the
governmental process. Its true scope encompasses citizen’s participation in the
policy making and the governance of the country.
2) E-governance has got certain merits which makes it better than the conventional
system. It provides a government which is responsive, quick and allows increased
access to information. The other benefits of E-governance are automation, work
force reduction, facilities to citizens etc.
3) At the national level, central government has taken a number of initiatives for
implementing E-governance. India Image is the government portal which gives a
lot of information. National Informatics Centre is the agency entrusted with the
task of creating and maintaining web portals.
4) Sec 6 of the Act provides for the use of electronic records and digital signatures in
Government and its agencies.
Terminal Questions
3) Refer to section 11.5 & 11.6 of the unit.
32 5) Refer to section 11.9 of the unit.
E-governance
1. ‘‘The Next Revolution - A Survey of Government and the Internet’’. The
Economist. 24 June 2000.
2. Bhatnagar, Subash, and Robert Schware. Information and Communication

Technology in Development: Cases from India. New Delhi: Sage Publications,
2000.
3. Bouwman, Harry and et.al. Information and Communication Technology in

Organisations. London, Calif: Sage Publications, 2005.
4. Breen, Jeff. “At the Dawn of E-government: The Citizen as Customer”.

Government Finance Review. (1 Oct. 2000):15-20.
5. Chakravarti, A.K., and A. S. A. Krishnan. Government of India. Department of

Electronics. Electronic Governance and International Scenario: IT Group. 2002.
6. E.M. Roche. Information Technology, Development and Policy: Theoretical

Perspectives and Practical Challenges. Ed. Zajtchuk, Russetal Aldershot/
Brookfield: Avebury, 1996.
7. India Image. 27 Dec.2006<http://www.indiaimage.nic.in>.
8. Jessop Bob. “The Rise of Governance and the Risks of Failure: The
Case of Economic Development”. International Social Sciences Journal
155(1998):29-45.
9. N.Vittal. “Emerging Trends in Business: Role of Government & Industry”. Paper

presented in the IPM Seminar. Meerut. 28 Jan. 2002. 4 Jan. 2007<http://
cvc.nic.in>.
10. Prabhu, C.S.R. E-governance: Concepts and Case Studies. New Delhi:Prentice
Hall of India, 2004.
11. Saith, Aswini, and M.Vijayabaskar. ICTs and Economic Development. New
Delhi: Sage Publications, 2005.
12. Satyanaraya, J. E-Government, The Science of the Possible. New Delhi:Prentice

Hall of India, 2004.
13. Wikipedia:the free dictionary.com mirror.26. Dec.2006<http://www/encyclopaedia.

thefreedictionary.com>.
33
Social Issues in the Appendix A
E-GOVERNANCE INITIATIVES AT STATE LEVEL

Bhoomi
The Department of Revenue in Karnataka State has computerised 20 million records
of land ownership of 6.7 million farmers in the State. Record of Rights, Tenancy and
Crops (RTC) for a fee of Rs. 15, a printed copy of the RTC can be obtained online at
computerised land record kiosks (Bhoomi centers) in 177 taluk offices.
e-Seva (electronic Seva)
Electronic Seva (e-Seva) is the improved version of the TWINS project launched in
1999, in the twin cities of Hyderabad and Secunderabad in Andhra Pradesh. e-Seva
centres offer 118 different services like payment of utility bills/taxes, registration of
births/deaths, registration of applications for passports, issue of births/deaths certificates,
filing of Sales Tax returns, Trade licences of MCH, B2C services.
CARD
The Computer-aided Administration of Registration Department – CARD in Andhra
Pradesh. CARD was initiated to meet objectives to demystify the registration process,
bring speed, efficiency, consistency and reliability, and substantially improve the citizen
interface. CARD project has great benefit for the rural farming community.
FRIENDS
Fast, Reliable, Instant, Efficient Network for the Disbursement of Services is part of
the Kerala State IT Mission, FRIENDS counters handle 1,000 types of payment bills
originating out of various PSUs. The payments that citizens can make include utility
payments for electricity and water, revenue taxes, licence fees, motor vehicle taxes,
university fees, etc.
Gyandoot
The Gyandoot project was initiated in January 2000 in the Dhar district of Madhya
Pradesh. Gyandoot is a low cost, self-sustainable, and community-owned rural Intranet
system (Soochnalaya) that caters to the specific needs of village communities in the
district. Thirty-five such (centres) have been established since January 2000 and are
managed by rural youth selected and trained from amongst the unemployed educated
youth of the village. They run the Soochanalayas (organized as Kiosks) as entrepreneurs
(Soochaks); user charges are levied for a wide range of services that include
agricultural information, market information, health, education, women’s issues, and
applications for services delivered by the district administration related to land
ownership, affirmative action, and poverty alleviation.
Vidya Vahini
This portal provides the opportunity for schools, teachers and students all across the
nation, to express and share their creative and academic potential via the internet. The
portal aims at creating such an environment by providing facilities for Content
34 Development, Content Deployment and collaboration.
Lok Mitra (Integrated Citizen Service Centre / e-Kiosks ICSC) E-governance
Lok Mitra is the first of its own kind of Electronic service in the state of Rajasthan. It
aims to deploy Information Technology for the benefit of the masses.
It is an e-governance project in which the computer server is linked to different
Departmental servers through Dedicated Leased Line & Dial-up Network with multiple
e-counters, which can handle all services. It has facility of making payments through
Internet using Credit Card.
SETU- A bridge for facilitation between Citizen & Government
The facility aims at providing following services
− Single windown clearance of 83 important certificates (includes renewal of leases,
permits & licences)
− Quick redressal of public grievances
− Common registry of letters, petitions for all sections of the office
− On line pendency monitoring of all above
− To provide services after office hours & on holidays also in order to save Time,
Money & Energy of the public.
Jan Mitra
Jan Mitra is an Integrated e-platform through which rural population of Rajasthan can
get desired information and avail services related to various government departments at
kiosks near their doorsteps.
It offers following services:
− Public Grievance Redressal System, Online Submission of Application forms and
Land & Revenue Records.
− Public Distribution System, BPL List, Electricity Priority Connection List, Drinking
Water Resources, Village Schemes, Citizen Charters and Immovable Property
rates.
− Health Information, Agriculture Information, Education Information and Animal
Husbandry Information.
− Agriculture Mandi rates daily Mandi rates and Weekly / Monthly Mandi rates.
Drishtee-Connecting India Village by Village
Drishtee is an organization platform for developing IT enabled services to rural and
semi-urban populations through the usgage of state-of-the-art software. Using a tiered
franchise and partnership model, Drishtee is capable of enabling the creation of
approximately 50,000 Information Kiosks all over India within a span of six years.
These kiosks would potentially serve a market of 500 million people, with aggregate
discretionary purchasing power of Rs. 100 billion (Rs. 10,000 crores). In less than two
years, Drishtee has successfully demonstrated its concept in over 90 kiosks across five
Indian states.
35
Social Issues in the States where Implemented: Haryana, Punjab, Madhya Pradesh, Gujarat, Orissa.
Aarakshi
Aarakshi is an Intranet based system that has been developed and implemented for
Jaipur City Police. This innovative system enables the city police officers to carry out
on-line sharing of crime & criminal data bases, carry out communication and perform
monitoring activities.
FAST – Transport Department Automated
The ‘Fully Automated Services of Transport’ is another e-governance project
implemented in the cities of Andhra Pradesh. The objective of FAST is to make the
transport department citizen friendly in its functioning and provide SMART services to
the public. Covering all gamut of services of Transport Department like Issue of Driving
Licences, Registration of Motor Vehicles, Issue Permits, Collection of Motor Vehicle
Taxes, etc.
VOICE (Vijayawada Online Information Centre)
The project to delivers municipal services such as building approvals, and birth and
death certificates, to the people of Vijayawada. It also handles the collection of
property, water and sewerage taxes.
MUDRA (Municipal Corporation towards Digital Revenue Administration)
The system will be useful for the Holding owners, Tax collectors, officials at
headquarter levels and Circles levels. They will have total picture of tax collection that
will help the decision makers to take suitable decision for further improvement. It is
designed to computerise the over all functions of tax collection system of Patna
Municipals Corporation.
KHAJANE (Online Treasury System)
The online treasury project, KHAJANE, implemented in computerises all the 216
treasury offices in Karnataka and is connected to a central server at the state Secretariat
through VSAT (Very Small Aperture Terminal). KHAJANE aims to bring about a more
transparent and accountable system of financial transactions and also discipline in
operations and management, resulting in efficiency and cost savings for the government.
e-Cops (e-Computerised Operations in Andhra Pradesh for Police Services)
Launched on the 17th of July 2002, as part of the VISION 2020, the state’s focus on
modernisation of police administration takes the shape of eCOPS. It will help police
stations reduce paperwork and automate the maintenance of registers, report generation,
data analysis, planning and co-ordination, enable the speedy detection of crime and
monitor prosecutions. For citizens, the project will lead to online interaction with the
police department over the Internet.
TARAhaat – Achieving Connectivity for the Poor Case Study
This project, named “TARAhaat” after the all-purpose haat (meaning a village bazaar),
comprises a commercially viable model for bringing relevant information, products and
services via the Internet to the unserved rural market of India from which an estimated
50% of the national income is derived.
36
Lok Mitra E-governance
The Lok Mitra project was formally dedicated to the people of Hamirpur in Himachal
Pradesh as a pilot phase on the 8th of May 2001. The services offered include information
about vacancies, tenders, market rates, matrimonial services, village e-mail. An interesting
feature is that citizens can use the IT enabled system as a grievance redress system.
Mahiti Shakti
Launched in 2001, in Gujarat the portal http://www.mahitishakti.net/ operates like a
single window through which the citizens can access information related to all aspects
of the government’s functioning, various benefit schemes and services ranging from
obtaining ration cards to getting sanction for old age pension.
Warana Wired Villages
The key objective of the project has been to utilize IT to increase the efficiency and
productivity of the existing sugar cane cooperative enterprises by setting up of a state-
of-the-art computer communications network. This provides agricultural, medical, and
educational information in the local language to villages around Warana Nagar in the
Kolhapur and Sangli Districts of Maharashtra.
Community Information Centre
On 22 August 2002, the Prime Minister dedicated to the people of the eight North-
Eastern states a new structure of localized governance called Community Information
Centres. Basic services to be provided by CICs include Internet access and e-mail,
printing, data entry and word processing and training for the local populace. Most
CICs charge nominal amounts from users for services, which helps them to meet day-
to-day running expenses.
Community Learning Centre Project
Set up between March and July 2001, the Community Learning Centre (CLC) is a
joint initiative between the Azim Premji Foundation (APF) and the State government of
Karnataka. Each CLC is housed in a separate room in the school and is equipped with
five to eight computers. The CLCs are used to enhance classroom learning during
school hours.
Dairy Information Services Kiosk
The project consists of two basic components — an application running at the rural
milk collection society that could be provided Internet connectivity and a portal at the
district level serving transactional and information needs of all members. DISK has
helped in the automation of the milk buying process at 2,500 rural milk collection societies.
State where Implemented: Gujarat
GramSampark
‘Gramsampark’ is a flagship ICT product of the state of Madhya Pradesh. A
complete database of available resources, basic amenities, beneficiaries of
government programmes and public grievances in all the 51,000 villages of Madhya
Pradesh can be obtained by accessing the website, Gramsampark has three sections-
Gram Paridrashya (village scenario), Samasya Nivaran (grievance redress) and
Gram Prahari (village sentinel). 37
Social Issues in the Akshaya
As part of Kerala’s ambitious e-literacy campaign, Akshaya e-Centers are being set up
throughout Kerala. These centers will initially provide e-literacy to one member from
every household and act as ICT dissemination nodes and ITeS delivery points in every
village.
Headstart
Headstart provides computer-enabled education and basic computer skills for all students
in 6000 Jan Shiksha Kendras of Madhya Pradesh. Madhya Pradesh has 6500 Jan
Shiksha Kendras (cluster resource centres) located in Middle School premises in 48
districts. Headstart will equip every Jan Shiksha Kendra in the state with computer
hardware and multimedia software.
E-chaupal
Started by ITC’s international Business Division as a cost-effective alternative supply
chain system to deal directly with the farmer to buy products for exports is getting
transformed into a meta market for rural India. The tobacco giant has already set up
over 700 choupals covering 3,800 villages in four states –– which include Madhya
Pradesh, Uttar Pradesh, Karnataka and Andhra Pradesh –– dealing with products
ranging from soya bean, coffee, acquaculture and wheat.
38
Issues Concerning
UNIT 12 ISSUES CONCERNING Democracy, National
Sovereignty, Personal
DEMOCRACY, NATIONAL Freedom
SOVEREIGNTY, PERSONAL
FREEDOM
Structure
12.1 Introduction
12.2 Objectives
12.3 Cyberspace and National Sovereignty
12.3.1 Threats Posed by Cyberspace
12.4 Democracy and Cyberspace

12.4.1 Cyber Democracy
12.4.2 How Cyber Democracy Contributes to Effectiveness of Democracy?
12.5 Personal Freedom

12.5.1 Freedom of Speech, Thought and Expression
12.5.2 Limitation on Freedom of Speech
12.6 Cyberspace and its Impact on Specific Rights and Freedoms

12.7 Summary
12.1 INTRODUCTION
The architecture and growing use of internet demands the fundamental re-examination
of the institutional structure within which rule making takes place. Traditionally, justice is
administered by law which binds together the community and enforce some rules to
prevent conflict of people within the community. This law contemplates first a community
and secondly some authority which can enforce the rules intended to prevent these
conflicts, and it is this community or organizations with rules to regulate the conduct of
the members of the community that we usually term as state. This state has four elements
(1) population – ‘i.e., citizens (members of states) (2) territory which is definite
(3) government – an instrument through which sovereign will of the state finds concrete
expression, (4) sovereignty – a body having internal supremacy and external
independence i.e., legally independent of the control of any other state.
In the context of cyberspace, which is very technological in nature, it can be said that its
very nature has affected the cultural practices of various communities in cyberspace.
John Perry Barlow in his Article, “Thinking Globally, Acting Locally”, has described
cyberspace as offering the promise of a new social space, global and anti sovereign,
within which anybody, anywhere can express to the rest of humanity whatever he or
she believes without fear. There is in these new media a foreshadowing of the intellectual
and economic liberty that might undo all the authoritarian power on earth.
39
Social Issues in the Today, in addition to nations of the world having their respective geographical territories,
the new domain that coexists is the domain of Cyberspace transcending national
boundaries and therefore the challenge before us is to determine what customary mores
it will acquire, how the concept of morality and principle of law can be enacted while
dealing with it, whether it should be subject to its own law in consideration with the
notion that it is outside the territory of the individual nation or whether it is more
appropriate to be concerned with individual morality reflected within the framework of
individual nations and their laws.
12.2 OBJECTIVES
• discuss the threats that are being posed to law and sovereignty by cyberspace;
• explain the concept of cyber democracy, and whether it can make the democratic
process more open and participatory;
• describe the concept of freedom of speech and expression and limitations on it;
and
• discuss impact of cyberspace on specific rights and freedom.
12.3 CYBERSPACE AND NATIONAL SOVEREIGNTY

The idea of sovereignty is associated with the state as the supreme power of law making,
having complete legal authority over all individuals and groups that compose it. The
sovereign state is free from external control of any other state.
In a country, the rule of law is based to a large extent on the notion of territoriality and
jurisdiction. Just as the jurisdictions of national courts are based upon the domestic
laws of individual countries, the legislative jurisdiction of the state is limited to its territory.
The existing international laws are also predicated on the existence of the sovereign
state.
12.3.1 Threats Posed by Cyberspace
To have sovereignty a state must have a defined territory, a government and have the
capacity to enter into diplomatic relations. Now the question is whether cyberspace
challenges this traditional notion of jurisdiction, traditional political institutions and
perhaps even the very concept of sovereignty itself, as it creates the issue of identifying
legal subjects in cyberspace. In every country there are determined legal subjects whom
we call citizens of a nation, however in cyberspace it is difficult to ascertain the exact
legal identity of a person, nationality etc.
The internet is an interconnected electronic communications network having no physical
existence and controlling body, though there are large numbers of individuals networking
with each other through a common language but different operating systems. So
cyberspace exists in the virtual world rather than the world and therefore there is a
tendency that it can cause changes in the concept of sovereignty, the state, jurisdiction
and laws. Now, it is not possible for the nation state to be the sole or prime regulator of
legal norms for conducting trade and business. This may be because global computer
based communication cuts across the territorial border creating a new area of human
activity and undermining the feasibility and legitimacy of applying national laws based
40 on geographic boundaries. Further traditional international legal rules for regulation are
not effective in the context of cyberspace regulation. To deal with the borderless nature Issues Concerning
Democracy, National
of cyberspace, nations need to act in coordination making uniform laws across Sovereignty, Personal
jurisdictions. Further, when we talk of sovereignty, it is considered as supreme power Freedom
to legislate, it can be said that as a threat to sovereign authority, Internet may create
new opportunities for international cooperation in surveillance and authority or for
increase in public participation in government.
12.4 DEMOCRACY AND CYBERSPACE

In the era of globalisation, Internet can be seen as democratic renaissance, through
which millions of people can raise their voice. In comparison to mass media or any
other medium of communication more powerful ideas are discussed online. Talking
about, popular activism, Richard K. Moore pointed out that the internet might turn out
to be a sleeping political giant – coordinate protests, facilitating strategy discussions,
mobilizing massive voter turnouts, distributing reports, suppressed in the mass media
etc. This activist empowerment potential of Internet is something that many elements of
society find threatening; they may take it as the threat of “excess democracy”. The
countries such as Iran, China, and Malaysia have actually taken this threat seriously and
have formed various kinds of restrictive Internet policies.
The term “Democracy” means government by the people i.e. the power is vested in
people, they have right to vote and choose their representative. But in today’s scenario
it is seen that elite groups can influence this political process in many ways through
money power. Further, globalisation and privatisation, free trade policies, all point
towards that now ownership is dominated by modern TNC (Trans National
Cooperation) showing shift of global power from democratic institutions to elite
institutions with growing potential of cyberspace to connect people seeming of next
concern.
12.4.1 Cyber Democracy

In recent years there has been a growing global trend towards cyber democracy. When
we use the term ‘Cyber democracy’ it means the use of information and communication
technologies to support governance. We can also use the term electronic democracy
but this term is much wider in scope and cannot be given any definite definition. It may
be used to refer to everything, be it community networking, online discussion of issue,
or e-mail of elected representatives.
According to the report on Cyber Democracy 2001: A global scan, cyber democracy
consists of the following components:
1) Cyber Administration – Or E-government. The use of the Internet and other

information and communications technology (ICT) to enhance government
services. The Internet is helping to expedite a wide range of such services.
2) Cyber Voting – Internet voting for candidates as well as for policies via initiatives
and referenda.
3) Cyber Participation – ICT-enhanced citizen interaction and input on policy issues

or policy development apart from voting. This would include petitioning legislatures,
electronic town meetings, polling and electronically mediated policy dialogues.
41
Social Issues in the 4) Cyber Infrastructure – In addition to connectivity, more specific cyber tools
used to enhance participation, deliberation, and community building. These tools
include groupware and online community development tools, games and
simulations, as well as polling and surveys.
5) Cyber Agenda-Setting – The use of the Internet and other ICTs to enhance or
redirect the political or policy agenda by established groups such as political parties
and non-governmental organizations (NGOs).
However this cyber democracy can be a two edged sword; the information technology
can either spark a renewal of democracy and civil society leading to popular sovereignty
or it can lead to populist manipulation. As the connectivity increases, more privacy
violations will occur may be by its governments, corporations or terrorists, there can be
increase in employment discrimination, loss of civic rituals and communities, causing
isolation into one’s own potential community.
12.4.2 How Cyber Democracy Contributes to Effectiveness of

Democracy?
Traditionally democracy can be said to include the following values.
1) Freedom – ie. freedom from government interferers or it may be freedom to

exercise certain rights.
2) Equality – which may be defined to mean equal opportunity or actual quality in life
conditions or equality of results.
3) Democracy requires stability which in term requires rules and regulations to be

applied consistently.
4) Majority rule while continuing protection of minority view points.
5) Participation by the citizens of the nation.
Cyber democracy describes the democratic activities which are enhanced by Internet
and other information and communication technologies (ICT’s). Let us now discuss the
promises and threats posed by cyber democracy.
It can be said that
1) Cyber democracy may give citizens the opportunity to understand various current
and future issues, problems and opportunities, it will build community generate
learning by citizens and can ensure consistency between policy-making and
informed decision of citizens but the success of cyber democracy can be determined
by the ability of new ICTs to expand and enhance qualities of good political
participation and creation of new public policies reflecting the shared aspirations
and visions of citizens.
2) Elections give citizens the chance to shape the political landscape by selecting their
government representatives. Cyber voting can be said to have the potential to
facilitate the democratic process but it is argued by some scholars like the Prof. of
Political Science, Rick Valelly, that this will erode the civic ritual of standing side
by side Rich/Poor / Young / or Old standing side by side in line at the polling place.
42 There is the prospect of a greater loss of community. However success of cyber
voting can be judged by whether it makes the electoral process more responsive, Issues Concerning
Democracy, National
and helps to increase turn out or not. Sovereignty, Personal
Freedom
3) Citizen feedback to elected officials has always been a cornerstone of representative
democracy: The widespread use of internet has created a platform by cyber policy
participation with application of ICTs, thereby enhancing and creating new channels
of communication between the public and office holders. These changes are
expected to create new political communities based on shared vision and aspirations
thereby broadening the role of the citizen in a society. One thing which can be
raised here is that enhancing democratic participation is a social challenge rather
than technological one; Can the social changes of greater involvement can be
overcome and if they can be overcome for a project, can they have lasting impact
on communities where they occur.
Thus it can be said that cyber democracy is a two edged sword. It has the potential to
enhance qualities of good political participation, stimulate the creation of public policies
reflecting the supporting collective intelligence and imagination of humanity. However
there is also the possibility of harm therefore as according to report on cyber democracy,
to achieve a proper degree of foresight, it is important to concentrate specifically on the
following:
1) The opportunity for cyber democracy developments to eliminate disparities within
communities, nations and globally.
2) The option for protecting privacy, securing devices from unauthorized use and
freedom as cyber democracy advances.
3) Trying to set a particular direction for developing shared vision across countries
and also ensuring subsequent action.
4) Role that cyber democracy can play in dealing with issues of new training and
employment opportunities and ability to use such services in an interactive ways
by citizens as ICTs affect the nature of work.

What do you mean by electronic democracy? Can it enhance democratic process
in a nation?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
....................................................................................................................... 43
Regulation of Cyberspace 12.5 PERSONAL FREEDOM
Every human being in the world has certain rights, which are inherent and inalienable.
These rights are fundamental rights giving personal freedom to individuals and are
incorporated in the constitution of every nation. The democracy presupposes and also
supports the concept of liberty of expression and communication amongst citizens and
between them and the state. However certain restrictions can be imposed by parliament,
administrative or judicial arms of government curtailing one freedom; for e.g. freedom
of speech can be limited for public good, morality, decency etc.
The emergence of internet as a tool of expression, it has opened new possibilities for
achieving freedom of speech using methods that do not depend upon legal measures.
Anonymity and data havens (such as free net) allow free speech, as the technology
guarantees that content cannot be censored.
12.5.1 Freedom of Speech, Thought and Expression
Freedom of speech and expression is an essential component of a free society; an
individual is free to speak and to determine where, when to whom and how much to
speak. It is a fundamental human right, closely connected to freedom of thought and is
the precondition for individual self expression and self fulfilment; One has the freedom
to have ones own views on living, way of life, the world and politics and when this
thought is expressed outwardly it becomes freedom of press and publication, guarantying
free delivery in media; An author has the right to determine whether his/her words will
be published or not, and where they will be published. Thus intellectual property rights
and free expression coexist. Freedom of speech and expression is a fundamental right
of every citizen of India under article 19(1)(a) of the Indian Constitution. In the USA,
amendment [1791] to the constitution guarantees freedom of speech. According to it
Congress shall make no law respecting an establishment of religion, or prohibiting the
free exercise thereof; or abridging the freedom of speech, or of the press; or the right of
the people peaceably to assemble, and to petition the government for a redressal of
grievances. This right to freedom of expression is provided for in the Universal Declaration
of Human Rights (Article 19), the International Covenant on Civil and Political Rights
(Article 19), the American Convention on Human Rights (Article 13), The African
Charter on Human and Peoples Rights (Article 9), and the European Convention for
the Protection of Human Rights and Fundamental Freedoms (Article 10). However
Internet challenges the right to freedom of expression safeguarded in the international
human rights treaties. On the one hand, Internet empowers freedom of expression by
providing individuals with new means of imparting and seeking information. On the
other hand, the free flow of information has raised the call for content regulation.
12.5.2 Limitation on Freedom of Speech
Freedom of speech and expression however can be limited under some conditions to
protect public value. Article 18 & 19 of the international covenant on civil, political
rights lays down that freedom of thought and expression can be limited for protection
of people’s rights and freedoms, protection of national security, public order, public
health and morality. Universal declaration of human rights, (Article 29(2)) provides,
that in the exercise of his/her rights and freedoms, everyone shall be subject only to
such limitations as are determined by law solely for the purpose of securing due
recognition and respect for the rights and freedoms of others and of meeting the just
44
requirements of morality, public order and general welfare in a democratic society. In Issues Concerning
Democracy, National
India, this right is not absolute and can be subjected to reasonable restrictions which Sovereignty, Personal
may be imposed in the interest of the sovereignty and integrity of India, the security Freedom
of the state, friendly relations with foreign states public order, decency and morality
or in relation to contempt of court, defamation or an incitement to an offence. This
freedom of speech and expression includes freedom of the press, implying freedom
of circulation of newspapers and even precensorship on newspapers and thus banning
the views of editors or correspondents on a current topic is also considered as violative
of the freedom of the press. In mass media and press publication however the access
to public is controlled by those who own it. The potential of the internet to link
individuals from all corners of the world has make it a global common; anyone can
publish on the net, it is a useful resource for free discussion and information exchange.
However freedom provided by the internet is open to abuse as there is no editor in
internet; it is almost impossible to pre censor cyberspace thereby greatly reducing the
ability of the state to exercise disciplinary power. With telecom, print or mass media,
the protection of freedom of expression is subject to state-regulation through media
or telecom law. For instance, almost all countries have established systems for
regulating the broadcast media. Issues in relation to these systems include the fairness
of licensing procedures and the independence of regulatory bodies from government
and commercial pressures (Article 19, “The Virtual Freedom of Expression Handbook”
on broadcast and print regulation). States around the world also regulate the print
media and other printed works in a variety of ways, including rights of reply, the
impartiality of subsidy systems, and the independence of any regulatory bodies
(Ibid). Regarding telecom regulation, this typically includes the protection of non-
discriminatory access for citizens to telecommunication lines. In this sense mass media,
print media, and telecom are government-supervised, and governments even have
some rights to supervise content as a results. In the context of cyberspace we have
already studied in previous units that as far as regulation of cyberspace is concerned,
emphasis is on self regulating policies with least or no government interference, but if
we shift focus from the negative obligation on governments not to interfere, to the
positive obligation to protect, we might argue that states increasingly need to secure
that freedom of expression is protected in cyberspace. This provides for Internet the
same level of protection which is provided for the physical public sphere.

Write whether the following statements are true or false.
a) Freedom of expression includes freedom of thought.
................................................................................................................
b) Intellectual property rights and free expression coexist.
................................................................................................................
c) Freedom of expression is absolute.
................................................................................................................
45
Regulation of Cyberspace 12.6 CYBERSPACE AND ITS IMPACT ON
SPECIFIC RIGHTS AND FREEDOMS
The precepts on which the conventional discussions of liberties are based are now
shaken as cyberspace threatens the traditional notion of jurisdiction giving new shape
to specific rights and freedom.
Cyberspace has enabled building of many new patterns of human communication
breaking down the geographical boundaries; it brings freedom, but with that comes
some responsibilities also on the user. It should not give rise to unlawful or irresponsible
use of that freedom and there should be some self restraint and self regulation. Now the
demand for new information rights is emerging. In the words of Roger Clarke, the rights
relating to information are becoming unenforceable by national jurisdiction and therefore
freedom of speech and expression, freedom to access and intellectual property rights
are becoming dependent on factors other than legislation, the court and the law
enforcement agency. Therefore certain scholars are demanding for a separate electronic
rights and responsibilities to govern cyberspace. These electronic rights and
responsibilities are thought to be the basis of ethical standards with which one has to the
policies of State Corporation with regard to the internet and related multicast
communication networks. Another term ‘cyber ethics’ is also now emerging which refers
to a code of safe and responsible behaviour for the internet community. Accordingly
practising good cyber ethics involves understanding the risk of harmful and illegal
behaviour online and learning how to protect ourselves and other internet users from
such behaviour; It also involves teaching young people who may not realise the potential
for harm to themselves and others, how to use the internet safely and responsibly.
However, Internet should not merely be perceived as a new media, comparable to
mass media, but must rather be seen as a new communicative sphere encompassing
both system and the world and there is a need for positive state obligations in order to
protect individuals’ right to express themselves and to seek information free from
interference by third parties.
For the last years, states have turned to self-regulation as the preferred path when
dealing with potentially harmful content on Internet. However, self-regulation regulates
communication according to commercial system codes and the protection of
freedom of expression nor human dignity can be left to only private parties to regulate.
As Internet is both a commercial sphere (system) and a public communicative sphere
therefore it must be governed by Law of State to ensure transparency, accountability
and democracy.

What do you mean by the term cyber ethics?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
46 Let us now summarize the points covered in this unit.

Issues Concerning
12.7 SUMMARY Democracy, National
Sovereignty, Personal
• The growth in the use of internet is affecting the cultural practices of various Freedom
communities, challenging the traditional notion of sovereignty and democracy.
• In a country, law making is considered as the sovereign function of the state and it
is largely based on the notion of territoriality and jurisdiction.
• The growth in the use of Internet and Cyberspace has developed from science
fiction into a socially constructed reality, thereby causing changes in the traditional
concepts of sovereignty, state, jurisdiction and laws.
• Due to the borderless nature of cyberspace the law of a nation based on geographical
boundaries cannot be applied to cyberspace as in the real world.
• Today Internet can be seen as one of the means to enhance the democratic process.
It can be used as a medium where information and communication technologies
can be used to support governance. For example, online discussions on various
issues can take place, internet voting to elect people representative of a nation can
also be held.
• However this cyber democracy at the same time can also lead to various types of
violations of the laws of the nation.
• Every human being has certain fundamental and inherent rights which are inalienable
and is the basis of democracy. This democracy presupposes that every citizen has
freedom of speech, thought and expression.
• In the real world the freedom of speech and expression though is fundamental and
is provided in every constitution of the world to its citizens but it is not absolute
and certain restrictions can be imposed on it for maintaining public good, morality,
law and order, decency etc.
• Internet provides more freedom of speech and expression to its users and there is
a need to impose certain restrictions on it as freedom given by it is more open to
abuse as it is difficult to pre-censor communication that takes place on internet.
• So far as internet is concerned, the legal policies and initiatives taken in various
countries lay more emphasis on self regulation but the government’s role as
protector cannot be ignored totally, certain scholars are also demanding
separate electronic rights and responsibilities to govern cyberspace.

1) Discuss the threats posed by cyberspace to the concepts of law and sovereignty
of a nation.
2) Discuss the role of Cyber Democracy in a nation.
3) Explain the concepts of freedom of speech and expression vis-à-vis Cyberspace.

1) Cyber democracy means the use of information and communication technologies
to support governance: it describes the democratic activities which are enhanced
by Internet and other information and communication technologies (ICTs). 47
Social Issues in the However cyber democracy can be a two edged sword; the information technology
can either spark a renewal of democracy and civil society leading to popular
sovereignty or it can lead to populist manipulation. As the connectivity increases,
more privacy violations can be committed by governments, corporations or
terrorists. There can be increase in employment discrimination, loss of civic rituals
and communities, causing isolation into one’s own potential community.
2) a) True
b) True
c) False
3) Cyber ethics is a code for ensuring safe and responsible behaviour of the internet
community.
Terminal questions
12.10 REFERENCES AND SUGGESTED

READINGS
1. Alternative Futures Associate. ‘‘Cyber democracy 2001: A Global Scan, August.
2001 for Vivendi Universal Prospective’’. Virginia: Institute for Alternative
Futures. 25 Dec. 2006 <http://www.altfutures.com> .
2. Lawrence Liang. “Regulation of Cyberspace or a medium”. Alternative Law

Forum. 21 Nov.2005 <http://www.altlawforum. org / PUBLICATIONS/
Regulation%20of %20 Cyber>.
3. Perry Barlow. “Thinking Globally, Acting globally”. Cyber-Rights Electronic List.

15 Jan. 1996.
4. Richard K. Moore. “Democracy and Cyberspace”. presented at International

Conference on discourse and decision making in the Information Age. 1997. 24
Dec. 2006 <http://cyberjournal. org /cj/rkm/TS/sep97cyberspace.shtml>.
5. Roger Clarke. “Information Technology and Cyberspace: their impact on Rights

and Liberties”. addressed to New Right’s seminar series of the Victorian council
for civil liberties. 13th Sept. 1995, Miettas Melbourne. 26 Dec. 2005 <http://
www.anu.edu.au/people/Roger.Clarke/II/VicCCL.html>.
6. UNDP. ‘‘The Virtual Freedom of Expression Handbook on broadcast and

print regulation. Article 19”. Human Development Report. Human Development
Report Office, 1999.
48
Digital Divide
UNIT 13 DIGITAL DIVIDE
Structure
13.1 Introduction
13.2 Objectives
13.3 Concept of Digital Divide
13.3.1 Knowledge Gap Hypothesis
13.4 Reasons for the Existence of the Divide

13.5 Dimensions of the Divide
13.5.1 Global Dimensions of Digital Divide
13.5.2 National Dimensions of Digital Divide
13.5.3 Connectivity Based Divide
13.6 Impact of Digital Divide

13.6.1 On Employment
13.6.2 On Development
13.6.3 On National & Social Interest
13.7 Measures to Bridge the Divide

13.8 Digital Divide & Indian Scenario
13.9 Summary
13.1 INTRODUCTION
Information and communication technologies (ICT) can offer vast advantages to the
whole mankind. ICT could bring information and many services to those who have
been hitherto denied of them .The opportunities for social and economic development
which can not be availed by the people because of inaccessibility and lack of information
will now be available to all. This information could be used for trade, online education,
telemedicine, e-government and many other applications that solve vital problems in
the developing countries. It could open up new possibilities for more transparent and
efficient public administration/governance everywhere. It could distribute knowledge
and expertise in the areas of education and public health from the centers of expertise
to the remote corners of our country. But the advantages of ICT are not reaching to the
people who need it most. Its benefit is going mostly to those who are already well
placed. It has given birth to a new kind of division not only at international even at
national level. This division is between those who have access to ICT and those who
don’t have. This division is popularly referred as ‘Digital Divide’.
5
Emerging Social Issues
from Cyberspace 13.2 OBJECTIVES
• explain what is Digital Divide;
• state the reasons for the existence of digital divide;
• describe the different dimensions of the digital divide;
• list the problems created by the divide;
• explain the possible measures to bridge the divide; and
• describe the challenges posed by the digital divide and the responses of the
government of India.
13.3 CONCEPT OF DIGITAL DIVIDE

As evident, the term ‘Digital Divide’ combines two words in itself: ‘Digital’ & ‘Divide’.
The term ‘Digital’ here refers to Information & Communication Technology (ICT) while
‘Divide’ means differences, disparity or gap. In general, the digital divide is a phenomenon
wherein those who have access to ICT are benefited by the use of it. Their economic
well being is ensured in the form of highly paid jobs and more business opportunities,
while those who do not have the access to ICT remain aloof of these benefits and
hence comparatively they are in a disadvantageous position. The divide does not affect
only economically but socially as well. Hence the digital divide is the socio-economic
difference between peoples in their access to ICT. The term also refers to gaps between
groups in their ability to use ICTs due to varying literacy and technical skills, and the
gap in availability of quality, useful digital content. The divide is seen as a socio-
economic problem.
The term was used for the first time in the mid-1990s in reference to the disparity in
Internet access between rural and urban United States of America. The idea of the
digital divide , as put by some scholars, echoes of reservations against claims of the
revolutionary power of the ICT. It is commonly suggested that the ICT is transforming
society by bridging the distance or gap. Against this the skeptics have pointed out that
ICT is forming a new kind of gap and this gap is known as digital divide. Their argument
is based on a hypothesis found in Communications Studies i.e. ‘the knowledge gap
hypothesis’.
13.3.1 Knowledge Gap Hypothesis
The knowledge-gap hypothesis suggests that each new medium of information increases
the gap between the informed class and the uninformed class in the society. Those who
have access to the new medium will get more information than their counterparts. It
was first proposed by Phillip J. Tichenor and his colleagues. However this hypothesis is
applicable more in case of print medium than in non-print medium because in case of
print medium illiteracy also plays a role to widen the gap. The gap was thought to
decrease as television replaces newspaper as a source of knowledge. Because as
compared to newspapers, television requires less literacy. But with the advent of the
ICT, in particular the internet, it is feared that the gap may widen, since it is predominantly
a text medium.
6
Digital Divide
13.4 REASONS FOR EXISTENCE OF DIGITAL
DIVIDE
There are many reasons which are responsible for the existence of the divide:
First is the non availability of a reliable ICT infrastructure to access the internet. The
ICT infrastructure of a country is determined through a number of measures like number
of PCs, tele-density etc. ICT is highly advanced technology and it is available with
select countries. Hence other countries have to import the necessary structure. There is
lack of resources to invest in information infrastructure, and research and development
in most of the developing countries.
Secondly there are problems in accessing the internet regularly. There is the problem of
connectivity i.e. availability of a fast, reliable and cost effective internet connection.
Then there is the cost of accessing the internet which includes telephone tariff and line
rental and cost of Internet Service Provider (ISP). To this may be added the replacement
cost of computer. Cost of Internet access may be prohibitive for many low-income
households. The quality of service provided by ISP is also important. Because of poor
quality of services available due to backward technology it becomes difficult to exploit
benefits of ICT.
Thirdly education is one of the major factors hampering diffusion of ICT amongst
masses. Only those who are not only literates but computer literates can really benefit
from ICT. In developing countries where Governments are still trying to universalize
elementary education computer literacy is a far cry. Hence the divide is bound to exist.
Fourth reason is the availability of relevant material in one’s own language. The most
important benefit of the internet is that it is the vast reservoir of knowledge & information.
However this knowledge should be comprehensible to those who actually require it i.e.
there must be availability of web content in the language of the user. Another challenge
for the user is to find the information. The absence of relevant content may act as a
barrier to Internet access.
Fifth is the digital capacity of the society i.e., e-readiness. E-readiness is the capacity of
the society to incorporate ICT in all its pursuits. The e-readiness of the society primarily
depends upon availability of skilled human resource that is capable of using, improving,
innovating and adapting the new technologies. The different segments of the society viz
the households, business, the government etc. should be willing to accept and absorb
ICT. The government must provide a regulatory framework by making necessary laws
& rules to govern the use of ICT in different sectors of the society. Lesser the readiness,
wider the divide and vice-versa.
13.5 DIMENSIONS OF THE DIVIDE

The concept of digital divide as presented above may give an impression that it is a
clear single gap which divides a society into two groups: information haves & information
havenots, but the gap is much complex than this simple formulation. In the initial stage
the debate on digital divide was focussed on the issue of availability of ICT to all at an
affordable cost. But now many new dimensions have been added to this debate. An
overview of the dimensions of the divide can be presented in following manner : 7
Emerging Social Issues 13.5.1 Global Dimensions of Digital Divide
from Cyberspace
The global digital divide, refers to differences in availability of the ICT between countries
which is reflective of existing economic realities in the world. The developed nations
with the resources to invest in and develop ICT Infrastructure are reaping enormous
benefits from the information age, while developing nations are trailing along at a much
slower pace. This difference in rates of technological progress is widening the economic
disparity between the most developed nations of the world (primarily Canada, the
United States, Japan, and Western Europe) and the underdeveloped and developing
ones (primarily Latin America, Africa, and Southeast Asia), thus creating digital divide.
Between countries, the divide’s features have common characteristics. The level of
national income is strongly related to ICT diffusion and is clearly the distinguishing
feature of the divide between industrialized and developing countries. The cost and
availability of telecommunications determines the extent to which the Internet is used,
and per capita access costs are most often higher in poorer countries. According to the
latest UN Human Development Report, industrialized countries, with only 15% of the
world’s population, are home to 88% of all Internet users. Barely 6 per cent of the
world’s people have ever logged onto the Internet and 85 to 90 per cent of them are in
the industrialized countries. Less than 1% of people in South Asia are online even
though one-fifth of the world’s population lives here. The situation is even worse in
Africa. There are only 1 million Internet users on the entire continent of billion plus
people. In the early 21st century; residents of developed countries enjoy many Internet
services which are not available in developing & under-developed countries, including
widespread internet access, e-commerce, online education etc.
13.5.2 National Dimensions of Digital Divide

Within countries, the digital divide often has common characteristics. Use of the internet
is more common among young generation than older one, men than women, the well
educated than the lesser ones, urban rather than rural population, and those with higher
incomes. In our country some states are ahead of others so far as availability of ICT is
concerned. The states like Maharashtra, Karnataka, Andhra Pradesh etc. are more
advanced in ICT as compared to states like Uttar Pradesh, Bihar, Orrisa etc. Further
ICT is seldom available in villages where it is needed most. Income level is an important
factor since like every other technology ICT has also got a cost and its benefits can be
reaped by those who can pay for it. A study has concluded that the penetration rate of
ICT for the highest income groups is approximately 7 times larger than that for the
lowest income groups. Hence the poor are largely left out of the ICT. Another significant
factor is the level of education, as ICT is basically a print medium. The impact of
education will be discussed below while discussing the reasons for the existence of the
divide. The gender disparity is also visible in case of use of ICT and in most of the
countries the per centage of females is less than one-third of the population on-line.
According to the Human Development Report 1999, the average age of the internet
user is in between 30-40 years. However there is a clear increase in all age groups in
the world as for as use of ICT is concerned.
13.5.3 Connectivity Based Divide

This is an emerging dimension of the divide which has come up due to technological
innovations in the field of ICT. A new kind of digital divide based on the usage of more
8 sophisticated, advanced telecommunication technologies — that include broadband,
WLANs, PDAs and other new information and telecommunication technologies are Digital Divide
emerging. So while developing countries are still in the process of implementing basic
telephony services, advanced countries are focused on rolling out wire line and wireless
broadband services.
Whether digital divide is a simple divide between the haves & havenots ?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
13.6 IMPACT OF DIGITAL DIVIDE

In this section we are going to discuss the effect of digital divide. There should not be
any kind of divide in the society, all should be equal & every benefit should go to all. But
it’s a distant dream. In fact there are various kinds of divide in the society & digital
divide is one of them. Greater the divide, greater is bound to be the tension between
people and in the society. Due to the impact of the ICT the world is becoming a global
village. The marketing strategies is adopted by the producers with the help of improved
communications technology opposed both rich and poor, equally to the better quality
of life, better consumer goods and so on and thus, they aspire for the same. If those
aspirations are not fulfilled it may lead to frustration and possibly anti social behaviour.
The divide’s impact can be explained as follows:
13.6.1 On Employment
In order to understand the impact of the divide on employment we have to see how
ICT has changed the work scenario in the economy. By removing the obstacles to
communication ICT has made work independent of location. ICT has created a new
class of skilled workers who are highly paid. There is huge demand of software
professionals. The creation of jobs, the nature, content and quality of work, the location
of work, the education & skills required etc. is to be determined by ICT. But the
question is: Will the information economy be a jobs economy? The World Employment
Report 2001 examines this question and is optimistic. There is evidence that employment
ratios are highest in those countries where the use of ICT is most widespread. Use of
the technologies is nevertheless associated with new patterns of job creation and job
loss. And despite the hopeful signs of employment creation, it is clear that jobs will also
be lost through three main channels: obsolescence, automation, and disintermediation.
Certain kind of works, for example, manual record keepers will become obsolete. The
producers & consumers can directly interact on-line so that there is no longer requirement
of channels of distribution. ICT replaces old tasks and occupations through automation, 9
Emerging Social Issues such as the telephone switchboard operator. But the ICT has also created new jobs
from Cyberspace
such as webpage designers or call-centre workers and a variety of new intermediaries.
Hence those who are skilled in ICT are benefited. In such a scenario if there is digital
divide, then those who are at the disadvantaged side have lower job prospects.
13.6.2 On Development
ICT is associated with productivity improvements. The exploitation of the ICT gives
industries of a country a competitive advantage. ICT opens up a whole new avenue of
economic activities including development of hardware and software, online services,
and many others. ICT offers tools that accelerate development and may become shortcut
to economic growth. The countries with the right mix of skills, infrastructure, and policies
could become important locations in global markets for ICT products generally.
Countries as diverse as Brazil, China, Costa Rica, Israel, Malaysia and Romania have
all been able to gain niches in such markets. This benefit of ICT is denied to those
countries that stand at the other side of the digital divide. Thus the existing gap between
the developing & developed countries keeps on widening. ICT has spread at an
astonishing rate. This has created disruptions and divisions in the world. Disruption
occurs because of the inadequacies of existing institutions to cope with the rapid change
and new demands. Institutions and organizations that do not cope up would, risk loss,
irrelevance and closure. Technological changes are favourable to those who are prepared
in advance. The world’s different speeds of change and different stages of preparedness
mean that the existing “digital divides” are certain to widen.
13.6.3 On National and Social Interest

Access to the ICT is an important component of civil life. Telephone (including mobile
services) is often considered important for of security, and in emrgencies. Internet is an
important source of many vital information regarding career, civic life, safety, etc. In the
unit on e-governance we have seen the use of ICT in governmental functions. In that
unit we have seen how the use of the ICT would lead to a healthier democracy by
increased public participation in election and decision making processes. Many social
welfare services are delivered through ICT. ICT improves social mobility by enabling
people to remain in touch with others. ICT plays important role in the learning and
career. The existing digital divide works unfairly to all those in the lower socio-economic
status and all the above mentioned benefits do not accrue. In the ultimate analysis it is
national and social interest which suffers.
What are the harmful effects of the digital divide?

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
10 .......................................................................................................................
Digital Divide
13.7 MEASURES TO BRIDGE THE DIVIDE
Those who are on the less favourable side of the divide have less opportunity to take
part in new ICT based economy, in which more and more jobs are related to computers.
They have fewer opportunities to take part in the education, training, shopping,
entertainment and communications as compared to those who have access to ICT.
Since now more people are regularly making use of ICT, people who lack accesses to
it are at an increasing disadvantage. Therefore increasing the number of people who
have access to ICT is of vital importance. So now it is imperative to bridge the divide.
The solution lies in the problem itself and ICT is the very tool that can be used to bridge
this divide. There are certain steps which can narrow down the divide if not completely
close it. These have been mentioned below:
1) Providing internet access at public places
The first step to be taken in this direction is to solve the problem of non availability of
infrastructure. Since it is impossible to give everyone the required infrastructure there
can be community approach i.e. all have access to common facilities which are available
at public places like schools and libraries. The lack of infrastructure & financial resources
in many countries suggests that access at public locations will be a relatively cheaper
means for increasing internet access and use. These could either be publicly owned
libraries, community centres, etc. or private cyber cafes, internet cabins. Increasing
Internet connectivity in public places would effectively improve the internet access and
use by those who cannot afford computers.
2) Education matters most of all
Education is vital for reaping the advantages from the emerging ICT era. The promotion
of education and literacy generally, and digital literacy in particular, is a basic step to
bridge the divide. Educational differences underlie the different rates of penetration of
ICT and Internet usage. Efforts have to be made to provide computer education along
with schooling. Providing computer only is insufficient, teachers need to be trained in
ICT. Besides the school goers, large part of the existing workforce also needs to be
trained in ICT. Training them taking into account their needs is the key to narrow the
digital divide.
3) Exploring the various forms of ICT
Besides the Internet, there are other information and communications technologies which
can be helpful. International Telecommunication Union has reported that mobile phones
diffuse faster than the Internet. Thus mobile phones can become alternative routes of
getting information because they are not as demanding as computers and the PC-based
Internet in terms of cost and skills. Even illiterates can use them.
4) Government policies and support
Enhanced governmental support in the form of budgetary allocations, lower taxes and
a regulatory framework are essential for the transition to the ICT society. Besides
economic support the presence of an appropriate telecommunication policy is also
necessary. The deregulated telecommunications market in the European Union has led
to a substantial decline in access cost and a sharp rise in Internet users. Clearly-defined
11
Emerging Social Issues national strategies promoting the development of the Internet and other ICTs – as in the
from Cyberspace
U.K., Japan, or Korea – accelerate the diffusion of Internet use through government
sponsored projects.
5) Uneven distribution of ICT
Last but not the least understanding the causes of the uneven distribution of ICT across
countries is the most important step in bridging the digital divide. As we have seen that
digital divide has got many dimensions. Further there are various factors responsible for
the existence of the digital divide, bridging the digital divide is more complicated than
merely providing computers and internet connections. Bridging the divide has to promote
both broader access to and effective use of, the Internet. It requires cooperation between
governments, the private sectors, and non-governmental organizations.
In what way access to ICT can be provided to those who can not afford it?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
13.8 DIGITAL DIVIDE & INDIAN SCENARIO

The Scenario
According to an Azim Premji Foundation study, the number of personal computers,

installed in the country is 7.5 million of which the four metros viz. Delhi, Mumbai,
Chennai, and Kolkata accounted for 53 per cent. India has a relatively low tele-
density of 3 per cent for landlines and the target for 2008 is to get the number 20 per
thousand. However there has been substantial increase in cellular subscribers. After
the introduction of the economic reforms in 1991, there has been substantial
improvement in connectivity. Landline infrastructure witnessed a growth rate of 33
per cent while 60.3 per cent growth rate has been registered in case of mobile
telephony. But still position is not satisfactory and much of the provisions are confined
to urban areas while the 70 per cent rural population is gaining access at much slower
rate. The Global Information Technology Report 2001-2002 ranks India 54th out of
a list of 75 countries on a Network Readiness Index.
In order to have the complete picture this data has to be combined with poverty &
education data. In India 30 per cent of the population lives below the poverty line and
12 40 per cent of the population is illiterate. Now the magnitude of the problem can be
visualized. All those reasons which we have discussed as responsible for the divide are Digital Divide
multiplied here. For example, in India we have so many languages and to provide the
relevant information in everyone’s mother tongue becomes a difficult task. Most of our
villages are not connected even with roads.
Governmental Response
The Government of India has taken a number of steps to provide access to ICT. On the
one hand it has relaxed import restrictions and lowered taxes on the import of hardware
so that more people can now afford personal computers. Policies for Electronics and
Information Technology Industry which can be accessed at the Department of
Information Technology website list a number of measures in this regard. To provide
maximum benefit of ICT to masses the Government has embarked on an ambitious
plan for E- Governance. It has been discussed in detail in the unit on E-governance.
Here those measures which directly aim at solving the problem of digital divide are
being mentioned. A number of measures have been taken by the central & state
governments to diffuse ICT and its benefits. Computer systems are being provided in
aided schools, colleges, universities, libraries and internet kiosks have been set up in
villages also. The Akshaya project of Kerala is notable in this regard which aims at
providing e-literacy to one member of every household and also to act as ICT
dissemination points in each village. The Headstart project in Madhya Pradesh aims at
equipping every Middle School with computer. Community Information Centres have
been established in North-Eastern states to provide internet access and e-mail, printing
and computer training to the public. One of the main objectives of governmental effort
is to make the government citizen interface easier and for this purpose efforts have been
made to computerise the functions of the government. In Kerala the citizen’s interface
with the public organizations has been made easier by the project of Fast Reliable
Instantaneous Delivery of Services (FRIENDS). Seven departments and organizations
were identified and the public who had to pay dues like electricity or water bill, property
tax, road tax etc. could, instead of going to the various offices, go to the FRIENDS
centre, which was located in the heart of the city and complete their transaction within
a very short time. In Andhra Pradesh in the Twins project 34 types of certificates and
services which are given by different departments are centralized under the 18 centres
of Twins. The E-Praman software developed by NIC Himachal Pradesh is a system,
wherein the applicant visiting the Sub-Divisional Magistrate can obtain the desired
certificate in a neat, structured and standardised form on the submission of the
application along with relevant papers, within minutes. However despite all these efforts
the situation is far from satisfactory. Most of the ICT facilities are clustered in few
states. As compared to other countries India is lagging behind in terms of technology,
infrastructure and investments. In the Broadband Policy 2004 it has been accepted by
the government that the current level of Internet and Broadband access in the country is
low as compared to many Asian countries. Penetration of Broadband, Internet and
Personal Computer (PC) in the country was 0.02%, 0.4% and 0.8% respectively at
the end of December, 2003. According to news appeared in The Hindu India stands
virtually at the bottom of the world table when it comes to high-speed networking and
digital connectivity. India lags at least ten years behind the world leaders, the United
States and Western Europe. It is at least three to four years behind countries such as
Brazil and China, and only two to three years ahead of the Central Asian Republics and
Africa. Therefore we have to go a long way before there is an appreciable decline in the
divide.
13
Emerging Social Issues Please answer the following Self Assessment Question.
from Cyberspace
What is the current status of network & connectivity in India?

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
13.9 SUMMARY
• Digital Divide refers to the gap between those who have access to ICT and those
who have not.
• The divide is not a unitary concept but a multi-dimensional problem. Some of its
dimensions are
– Global digital divide i.e. the divide between the countries in their capacity to
adopt and use ICT.
– National dimension of digital divide; in a country ICT is not evenly spread in
all regions, over all societies. There is also a gender and generation based
digital divide.
– Due to technological innovations like broadband, witi etc there is an
emerging connectivity based digital divide.
• The divide exists because of:
– Non availability of ICT infrastructure;
– High installation and access cost;
– Low level of education and e-literacy;
– Lack of relevant content in mother tongue.
• The divide has adverse impact on
– Employment
– Development
– National and social interest
• Certain measures can be taken to bridge the divide. These are:
14 – Making ICT accessible to all
– Universalizing education including computer education Digital Divide
– Through governmental support
– Understanding the causes of the divide and remedying them
• In India the position of digital divide is serious both in terms of global and national
dimensions of digital divide.
• Governments have taken certain steps in this direction. Major steps are:
– Promotion of e-literacy
– E-governance

1) Explain the concept of digital divide. Whether it is a singular concept?
2) What are the reasons responsible for the existence of the digital divide?
3) Do you think that the divide can be closed? If yes, how it can be done?
4) Do you think that with the present state of infrastructure can India become global
software giant?

1) Digital divide is primarily the divide between those who have access to ICT and
those who have not. But this simple statement does not cover the whole concept
of digital divide. The divide has got many dimensions. There is (i) a divide at
global level, (ii) a divide at national level, and (iii) connecting bored divide.
2) Digital divide harms in many ways. It affects people by restricting employment
opportunities and through denial of benefits of ICT. If affects countries by slowing
down their economic growth and development.
3) Access to ICT can be provided by installing computer systems at public places
like Schools, libraries community centre etc. By encouraging private persons to
establish internet kiosks will also help in diffusion of ICT.
4) According to the latest reports the penetration of broadband, internet and personal
computer in the country is 0.02%, 0.04% and 0.08% respectively. India has a tele
density of 3 per cent for landlines. The Global Information Technology Report
2001-2002 ranks India 54th out of a list of 75 countries on a Network Readiness
Index.
Terminal Questions
1) Refer to section 13.3 & 13.5 of the unit.
15
from Cyberspace 13.12 REFERENCES AND SUGGESTED READINGS
1. Arunabha Ghosh and Nandan Kamath. “Is the Internet really the leveller?”. India
Together. 7th Mar. 2006.
2. ‘‘Digitaldivide’’. Wikipledia:The free dictionary.com.mirror. 26 Dec.2006

<http://encyclopedia.thefreedictionary.com/>.
3. ‘‘ Employment strategy (EMP/TRENDS)-World Employment Report 2001’’.

International Labour Organisation. Sept. 2004.10Jan.2006<http://www.ilo.org/
public/english/employment/strat/wer2001.html>.
4. N. Vittal. ‘‘Emerging Trends in Business: Role of Government & Industry’’.

Paper presented in the IPM Seminar. Meerut.28 Jan. 2002. 4 Jan.2007
<http://cvc.nic.in/>.
5. Sandeep Ajgaonkar. “ITU Telecom Asia 2002: Spotting trends in

communications”. Network Magazine. Jan. 2003. 10 Jan. 2006. <http://
www.networkmagazineindia.com>.
6. Subhash Bhatnagar. “Digital Divide: Where Does India Stand? And the Way
Forward”. Workshop on Scaling up ICT for Poverty Alleviation in India. Indian
Institute of Management. Ahmedabad. 26-27 Feb. 2004.
7. The Four Digital Divides. Ed. Kenneth Keniston and Deepak Kumar. New Delhi:
Sage Publishers, 2003.
8. Wenhong Chen and Barry Wellman Net Lab. “Charting and Bridging Digital
Divides: Comparing Socio-economic, Gender. Life Stage, and Rural-Urban
Internet Access and Use in Eight Countries’’. NetLab Centre for Urban and
Community Studies, University of Toronto, For the AMD Global Consumer
Advisory Board (GCAB). 27 Oct. 2003. Digital divide : A-T-Archive
(E-government Resource Centre). 2Dec.2005. 11 Jan. 2006. <http://
www.egov.vic.gov.au/>.
9. ‘‘World Summit on the Information Society Outcome Documents Geneva 2003,

Tunis 2005’’. WSIS 2007. 16. Nov. 2006.12 Jan.2007 <http://www.itu.int/wsis/
basic/index.html>.
16
Digital Divide
17
Expert Committee
Prof. N.R. Madhava Menon Dr. B.K. Keayla Dr. Anirban Mazumdar
Chairman Secretary General and West Bengal National
Former Director, National Judicial Managing Trustee Centre for University of Juridical
Academy, Bhopal Sciences, Kolkata
Study of Global Trade
Member, Commission on Centre System and Development Mr. Sanjay Parikh
States Relations, New Delhi New Delhi Advocate, Supreme Court
New Delhi
Prof. D.N. Jauhar Mr. Zakir Thomas Prof. Biswajit Dhar
Department of Law Former Registrar International Institute of
Punjab University, Chandigarh Copyrights, Govt. of India Foreign Trade, New Delhi
Prof. Dinesh Kumar Abrol Addl. Director Income Tax Prof. Pandav Nayak
Senior Scientist, National New Delhi SOSS, IGNOU
Institute of Science, Technology Ms. Kiron Prabhakar Prof. Srikrishna Deva Rao
and Development Studies Advocate Director, SOL, IGNOU
New Delhi J. Sagar Associates Ms. Gurmeet Kaur
New Delhi SOL, IGNOU
Dr. Raman Mital
Reader, Faculty of Law Ms. Suneet Kashyap
Dr. G.. C. Bharuka SOL, IGNOU
University of Delhi Judge High Court (Retd.)
Delhi Mr. Anand Gupta
New Delhi
SOL, IGNOU
Programme Coordinator: Ms. Gurmeet Kaur, SOL, IGNOU
We acknowledge our thanks to Prof. S.C. Garg, Former PVC and Director (I/c) SOL and Prof. B.S.
Saraswat, former Director (I/c), SOLfor facilitating the development of the programme.
Block Preparation Team

Unit Writer Language Editor
Mr. Pawan Kumar Srivastava Ms. Malathy A
Former Lecturer Lecturer in English
SOL, IGNOU (Unit 13) SOH, IGNOU
Ms. Harleen Kaur
Advocate (Unit 14) Format Editors
Ms. Gurmeet Kaur
Ms. Suneet Kashyap
Lecturer
SOL, IGNOU (Unit 15)
SOL, IGNOU
Content Editor Prof. Madhu Prahar
Mr. P. Puneeth STRIDE, IGNOU
Assistant Research Professor
Indian Law Institute
New Delhi
Course Coordinator: Ms. Gurmeet Kaur, SOL, IGNOU
Print Production
Sh. Yashpal Word Processing
Section Officer (Pub.) Shri Mahesh Kumar
School of Law Shri Rishi Raj
IGNOU Ms. Manisha Saini
March, 2008
© Indira Gandhi Naitonal Open University, 2008
ISBN: 978-81-266-3323-4
All rights reserved. No part of this work may be reproduced in any form, by mimeograph or any other means,
without permission in writing from the copyright holder.
Further information on the Indira Gandhi National Open University courses may be obtained from the
University’s office at Maidan Garhi, New Delhi-110 068 or the official website of IGNOU at www.ignou.ac.in
Printed and published on behalf of Indira Gandhi National Open University, New Delhi by Director, SOL,
IGNOU.
Cover Design: ADA Graphics, G-15, Naraina Vihar, New Delhi
Laser Typeset : Rajshree Computers, V-166A, Bhagwati Vihar, Uttam Ngr. (Near Sec.-2, Dwarka), N.D.-59
Printed at :
Promotions of Global
UNIT 14 PROMOTIONS OF GLOBAL Commons
COMMONS
Structure
14.1 Introduction
14.2 Objectives
14.3 The Idea of the Commons
14.4 Intellectual Property Rights and Global Commons
14.5 Promotion of Global Commons in India
14.6 Global Publics in India
14.7 Global and Local Tensions
14.7.1 Impact of the Globalisation of Intellectual Property on the Practices
of the Marginal Electronic Culture
14.7.2 Recent Claim Made by Rajnikant for Protecting the Sign that he Uses in his
Blockbuster Baba (2002)
14.8 Possibility of Expanding the Commons through Reciprocity

14.9 Creative Commons Movement
14.9.1 iCommons
14.10 Digital Commons

14.11 Summary
14.1 INTRODUCTION
Internet is a non-monetized domain of communications, it is global in nature, an open
global commons, and is made up of a host of other publicly accessible networks for the
common benefit. It has drastically reduced the cost of long distance communication as
it connects a hundred- thousand networks of the entire world, which may be hosted, by
Government agencies, private companies, universities etc. Similarly the content of
Internet is a voluntary common, anyone can be publishers, and every type of subject
matter of all levels of quality is available. As the Internet is the most suitable medium for
global trade and exchange of services, it becomes necessary to understand the idea of
global commons being articulated in the context of politics of protection of legal rights in
artistic and literary works, inventions, trademarks and other original creations. Such
rights are collectively known as Intellectual Property Rights (IPR) in this era of
globalisation. 17
from Cyberspace 14.2 OBJECTIVES
• explain the concept of global commons as identified with the realms of high
technology (cyberspace);
• identify the idea of commons as articulated in the context of protection of intellectual

property rights;
• describe the usage of the term ‘public’ in India within the realm of cyberspace and
new media;
• illustrate the global publics in India used as symbolic fiction to critically evaluate
the intellectual property rights;
• determine the impact that globalisation has on intellectual property rights; and
• know about the creative commons movement, icommons and digital commons.
14.3 THE IDEA OF THE COMMONS

The idea of the commons is not new and goes back to hundreds of years, it originated
in Roman times, when three types of property were recognised first was res private
(things capable of being possessed by individual or family), second was res publicae
(things built by state for use of public in general); such property could not either be sold
or purchased for e.g. roads. The third was res communes (natural things common to all
mankind) for e.g. water and air. In the United Kingdom during the Middle Ages, land
was not owned by any person or institution and it was shared and used by all villagers
for planting crops and harvesting wood; other natural resources such as forests, fisheries,
and minerals were treated as res communes belonging to the public. However in the
17th century, the doctrine of terra nullius (land is not the property of the state and
anybody who first occupies it can keep it) emerged. In the 18th century there was
emergence of privatisation of property by elite group (land owners). Today it means
privatisation by corporation, any way what we notice is the fact that property which
earlier belonged to all, now belongs to a few, declining the idea of commons. In the era
of globalisation various business transactions take place through Internet. Commerce
on Internet involves the sale and licensing of intellectual property. For the promotion of
any business it is necessary that the intellectual property will not be pirated and the
buyer must know that they are obtaining authentic and not pirated products. This can
be done through copyright by which the creativity and knowledge of the creator/author/
artist has become his private intellectual property right. However in recent times, a new
task of rebuilding the idea of commons recognising the common heritage principle has
emerged where free availability or free access to content is the key characteristic. In the
world of technology, the use of internet and thereby creation of cyberspace has broken
the notion of boundaries. Now we are concerned with the concept of global commons,
and the open source software movements also generate the idea that there should be
open publication and open access to content.
18
14.4 INTELLECTUAL PROPERTY RIGHTS AND Commons
GLOBAL COMMONS
The basic concept of intellectual property law arose in the 18th century out of the
technological and social individualism of cultural production. According to Lawrence
Liang, IPR has come to dominate almost every aspect of life, what we call the public
domain is now dominated by images, signs, inventions and products which are protected
by one form of intellectual property or another and those who oppose current practices
of Intellectual Property Law, often argued that:
1) Expansion of IPR into public life has resulted in a privatisation of the public domain
itself, where increasingly almost every cultural resource is the subject of protection
and therefore has caused shrinkage of the public domain.
2) Scholars like Rosemary Coombe have consistently argued that the very practice
of a political public domain has relied on the ability of various people (consumers)
to engage in critical dialogic practices and these practices do not merely take
existing signs for what they are but through processes of appropriation, re-
codification and transformation determine what meaning itself has.
3) If all signs are the subject of IPR and entitled to protection, there is a danger that
dialogic practices themselves are under threat as the owner of the sign will have
the ability to determine the scope of the use of such signs, and that the owners of
these signs will have the ability to freeze the meanings of these signs and hence
curtail the very possibility of critical dialogue.
However at a wider level it raises the larger issue of the relationship between information
and property and the forms and the implications that the internet and cyberspace have
for the classical understanding of information and property.
No doubt the commerce on Internet has paved the way for a global trade: Some of the
potential IPR issues that arose with regard to electronic copyrights are:–
1) The liability of on-line service providers.
2) Fair use of copyrighted material, effective management of copyright information.
3) An effective patent system.
4) International standards for determining the validity of patent claims.
5) Litigation that may arise due to trademarks.
6) Similarity of Internet domain names and registered trademarks.
14.5 PROMOTION OF GLOBAL COMMONS

IN INDIA
During the past several years, India has not taken any major initiatives in the direction
of protection of Intellectual Property Rights, in tune with global developments.
Now attempts have been made to analyse the tenability of the copyright system to
decide whether it is just or unjust. What can be done to protect the author’s right and
what alternative can be offered to prevent privatisation of creativity?
19
Emerging Social Issues Ravi Sundaram in his article “Beyond the Nationalist Panopticon: the Experience of
from Cyberspace
Cyberpublics in India”, has analysed the usage of the term public in India in the context
of cyberspace. He has tried to map the “user” into three, overlapping cyberpublics.
The term “public” is used very loosely, indicating a cyber community in the making,
where mutual rituals of initiation and excursion are only now being invented. The three
cyber publics identified are: the national state, the trans-national elite, and the space
between the market and the state. He says that if one were to adopt a certain diffusionary
model of the spread of cyber practices in India, we would have to consider the following:
a) The simple fact of India being a peripheral society in the capitalist world-economy,
with one of the lowest saturation rate of telephones in the world and only a small
minority of the population having electricity.
b) India has no tradition of cyberpunk; in fact there is no indigenous science fiction
tradition. Most existing cultural communities have remained ambivalent about
technology. Historically, representations of science and technology have been state-
sponsored and social-realist in form. Despite this, a significant number of people
are linked to electronic networks in India and the number is fast growing. For a
Third World country with inequalities like India this is quite remarkable. What is
significant is that ‘cyberspace’ has emerged as a significant term in public discourse
in India, becoming the focal point of much coverage and speculation in the media.
Behind all of this is the growing community of users. There are various publics at
play in the use of the idea of the public.
Let us now discuss the cyber publics in India. The first is the nation state, Ravi Sundaram
has identified three movements in the formation of the public in India, the first is nation
building which can be categorised as ‘national public’. This public was formed through
various discursive practices of the state from the 50s to the 60s and by the 80s, through
the first media revolution initiated by the establishment of the National Informatics
Centre (NIC). National Informatics Centre set up in the mid 1970s to promote
computerisation in administration, is a premier Service and Technology (S&T)
organization of the Government of India in the field of Informatics Services and
Information Technology (IT) applications. It has been instrumental in steering
Information and Communication Technology (ICT) applications in Government
Departments at Centre, State and District level, facilitating improvement in govern-
ment services, wider transparency in government functions, and improvement in
decentralized planning and management. To facilitate this, NIC has established a
nationwide ICT Network, NICNET – with gateway nodes in about 53 Central
Government Departments, 35 State/UT Secretariats and 603 District Collectorate, for
IT services. This nationwide Computer-Communication Network, NICNET has
been designated as the Government Network. NICNET has been offering network
services over KU-band VSATs (SCPC DAMA & FTDMA Satellite broadband
DVB), Wireless Metropolitan Area Networks (MANs) and Local Area Networks
(LANs) with NICNET gateway for Internet resources. According to Sundaram
the significance of NICNET was not only that it brought more computers in to
administration and education and that it intended to change the very deployment of
power. It also had an aggressive ‘public’ profile and sought to mould a new state
cyber public from the late 1980s onwards, through regular, well-publicised
demonstrations on networking, e-mail and international connectivity. It was unusual
for a state organization in India to adopt such an aggressive public profile and this
brought NICNET into conflict with other institutions of the state which argued for the
20 older, more centralized bureaucratic forms of control.
The second cyber public are the translational elite, i.e. cyber elites developing the web Promotions of Global
Commons
sites. The elite cyber public occupies a hybrid space in the cross border practices,
attempting to emancipate itself from the nation, its border and its political public. Today
in the 1990s, both state and private networks had spread to connect around 120,000
users in India. The third cyber public as identified by Sunderam is that of space between
market and the state. However there are a number of cyber publics in India unconstrained
by either the state or the trans-national market and similarly there are also a number of
global publics in India. The developments in the entertainment and film industry with the
developments in the open source movements (open source is the means by which the
development of non proprietary software is ensured, facilitating innovation and
creativity) etc can be taken to illustrate various global publics in India.

What does the term ‘public’ used by Ravi Sundaram include?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
14.6 GLOBAL PUBLICS IN INDIA

If one has to define the term global commons, the task is not easy. What comprises the
global common is a matter on which there is no clear agreement; basically the term
conveys that what crosses the national boundaries becomes part of the global common.
In the realm of cyberspace the idea of global commons can be used to support the
open source movement and to reappraise the development of the public domain of
creativity and knowledge. The privatisation of our past and present cultural heritage is
devastating for the further development of our cultural life (Locke in Boyle 1966:9).
Lawrence has taken the idea of global public to criticize the politics of Intellectual
property, the example of the filmstar Rajnikant is taken, who decided to protect a
particular sign that he used in a particular film. In the past few years the importance of
the ‘overseas’ market has resulted in a few changes in the very structure of the film
industry in India which has found a new audience in the US and the UK. There is a shift
in the value of the star as a national or local commodity to being a global commodity;
this is the entry point of the star into the global entertainment industry. This uses the
dialect of intellectual property, i.e. the star is a valuable commodity which has been
create through various procedures of investment, and these investments need to be
protected from unauthorized appropriations. This shows that there is conversion from a
popular and informal use of the language of intellectual property. ‘Rajnikant’s trademark
style’ is concerned into a formalised language with no other option, i.e. Rajnikant actually
trade marking his style. An Indian techno artist has become a global common, dealing
on equal terms with global contemporaries. Lawrence says the star value cannot be
framed and crafted in a manner which is independent of the investment made by his/her 21
Emerging Social Issues fans and the mimic artists. And that the Rajnikant persona is itself a result of various acts
from Cyberspace
of appropriation and transformation. Thus when he seeks to protect his image from
these fans and the mimic artists, it sounds deceptively like the story of the emergence of
intellectual property enforcement in India with the state being asked by its new found
global alliance to crack down on infringement. The story of India’s emergence as an IT
superpower cannot be a story told only within nationalist framework of software
engineers from the various IITs but also about the countless vendors of software and
hardware who have provided the infrastructure backbone of the IT industry, a backbone
used by both the cyber elite and the many experimental users living on the marginality of
the electronic industry experiencing their version of ‘new media’ to transform their
contemporary realities. Therefore, if Rajnikant did not previously have a problem with
the mimic artists, the state did not either understand nor could it control the ‘grey
economy’ and in that version of the story, this economy existed in the marginal spaces
of legality and illegality. With the mapping of the global upon the local, various domains
of relationships and transactions gain a visibility which they previously did not have,
transforming them into acts clearly illegal and volatile of the very structures that would
make their entry point into the global possible.
Within this large complex scenario, there are also many cyber elites who do not watch
films or rather do not have the need to. These users could be metaphorically equated to
the various users in India having great access to the global debate on intellectual property
and contributing and shaping the new reality of software ownership and production.
They have the greatest access to the terms of the debate on the global commons in
cyberspace and in code, but because of the time that they have spent in cyberspace
have had little time to see the changes that have taken place in the landscape outside
their doors. And yet their practices (free operating systems for instance) could also
facilitate the conditions of the mimic artists’ re entry into electronic culture after their
existing market places have been shut by the global offices of Microsoft and at all.
14.7 GLOBAL AND LOCAL TENSIONS

In an attempt to map out the space of the global within that of national or local, some of
the tensions that arise while making such an attempt as examined by Lawrence are as
follows:
14.7.1 Impact of the Globalisation of Intellectual Property on

the Practices of the Marginal Electronic Culture
Today the information and communication technology, especially the internet, plays a
great role in constituting the very process that we now understand as globalisation.
There have been various levels of descriptive frameworks used to understand the ongoing
process. The trans-national organizations such as the World Bank and the World Trade
Organization have played a great role in the process of globalisation. The chief aim of
the WTO is the establishment of standard rules and regulations for trade, and ensuring
that legal systems across the world comply with the established global standard for the
protection of intellectual property rights. WIPO (World Intellectual Property
Organization) is also an International agency that works for promotion of international
agreements on copyright, patents, trademarks and other original creations. It is playing
a great role in educating intellectual property officials worldwide about the importance
of establishing and implementing strong intellectual property laws. In India, there has
22 been a copyright law in place from 1957 and it has only in the years 1992 that there has
been an active demand to enforce IPR more stringently. The need for enforcement has Promotions of Global
Commons
translated into a public-private partnership between the info entertainment industry and
the state. It is therefore acceptable to say that all the debates that take place in the
world currently on intellectual property are preceded by the socio economic forces of
globalisation, and that these forces are have even makes the debate possible.
14.7.2 Recent Claim Made by Rajnikant to Protect the Sign that he
Uses in his Latest Blockbuster Baba (2002)
In 2002, the biggest star of the South Indian film industry Rajnikant launched his
megasection film Baba amid much fanfare which included an announcement that
Rajnikant had decided to protect a particular sign that he uses in the film. It was unclear
as to how he could protect this sign and under what law but from our point of view what
was interesting was the fact that he had decided that it was important for him to have
this sign protected. For many years Rajnikant has been cultivating a certain image which
has included a number of antics like the way he lights his cigarettes or the manner in
which he wears his sun glasses etc to the extent that one would always in popular usage
refer to them as Rajnikant’s trademark style. So what then was the motivation in 2002
for him to want official protection for these signs? There are a number of attributed
reasons, one of them being the fact that given his popularity, within days or weeks of the
release of his film, elements of the film are incorporated into other films or his actions
are emulated by other artists across Tamil Nadu. Rajnikant felt that he needed to protect
himself against such appropriation and the best way for him to do this would be through
claiming intellectual property rights over his image.

What is the chief aim of WTO?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
14.8 POSSIBILITY OF EXPANDING THE

COMMONS THROUGH RECIPROCITY
The world has previously faced analogous barriers, in the form of protectionist
restrictions to free trade, restrictions that appeared to serve national self interest and
in fact deprived all the benefits of free trade. Through the GATT (the General
Agreement on Tariffs and Trade), which was negotiated in 1947, and converted into
the WTO (the World Trade Organization) in 1995, diplomats found a way to lower
protectionist restrictions by negotiating on the basis of reciprocity: “I’ll lower my tariffs
and help your exports if you’ll lower yours and help my exports.” The resulting GATT/
23
Emerging Social Issues WTO system has a variety of codes and rules requiring the dismantling of particular
from Cyberspace
trade barriers. These are regularly revised and improved in negotiating rounds such as
current Doha Round or the Uruguay Round that led to the 1995 creation of the WTO.
The process has been so successful that the last half of the 20th century has seen an
unprecedented growth in International Trade.
14.9 CREATIVE COMMONS MOVEMENT

Creative Commons is an American charity founded by the radical libertarian legal
scholar, Lawrence Lessig. Its aim is to help cultural creators to give up some of their
copyrights by creating the required legal framework of licences. David M Berry says
Creative commons laudably wishes to encourage the sharing and openness in wider
culture that have typified movements like the Free/Libre and Open Source movement,
who freely share computer codes, expertise and knowledge across the internet.
According to Becky Hogge, Creative Commons licences allow authors to release their
works “some rights reserved” selectively asserting the different rights that are
established by copyright law, such as distribution, attribution and releasing the right to
provide derivative works, and releasing the rest to the “network of ends”. Their
inspiration is the Free Software or “copy left” licence, the GNU General Public, which
is used in free and open source software and allows programmers to read, adapt and
release new version of a computer program’s source code. But creative commons
could not pick and choose who uses its licences since they are tools made available to
all. As the popularity of the licences grows, they are sure to be embraced by organizations
that are less than attractive to the early adopters. To counter negative effects on the
free culture, enthusiasts who form the core of the movement have established a new
arm, the iCommons.
14.9.1 iCOMMONS
The iCommons is an international organization that has grown out of the creative
commons movement. In the words of Becky Hogg, the iCommons aims to incubate
and connect projects that are working towards a global digital commons. As it is less
concerned with the legal code that is available to all and more connected with common
practice, the iCommons is the perfect altar at which free software and free culture
pioneers may lay their aspirations for the movement. But will they? For many, the
message behind iCommons isn’t clear. According to Lawrence Lessig, creative Commons
does not tell you how you should be free, it provides you with tools, real things, which
let you achieve the freedoms you believe in, and commons will be the same. But no
matter what the Creative Commons Board believes. Their self-appointed advocates
around the world were drawn to Creative Commons in part because of a perceived
shared ideology. “We need trust and faith in each other”, counters Lessig, “We need a
recognition that we have a common purpose. Don’t tell me that I need to tell you what
that is, because we’ll never agree, but we do have a common purpose.”
14.10 DIGITAL COMMONS

An enriching form of individual creativity and technology is inventing a new global space,
the digital commons, that recognises that creation is not produced out of a vacuum; we
inevitably build upon the works of others, be it consciously or subconsciously and this
is because of advances in digital technology and communications networks that we are
24 entering a new era of creative production.
In Digital commons, users are creating culture and knowledge, be it by blogging, making Promotions of Global
Commons
videos, remixing songs, or writing software. While it may manifest itself in different
ways in different places, this movement, much like the nature of the internet itself, has
become a truly global one, and has served to transcend barriers across cultures. Elizabeth
Stark explains by giving an example of her posting a mix of Brazilian Baile funk music
on her blog online and allowing others free access to it, that she had entered the
“cultural commons”, or a common space of cultural information that is available for the
public at large to share, rework, and remix. Another example, she quotes is of old
books or films (before 1923 in the US) where the copyright has expired and is now in
the public domain as well as the massive amount of knowledge contained in
‘Wikipedia’, the world’s largest user-created encyclopaedia, would be a part of this
growing pool of global information. As opposed to opting for traditional copyright,
which would lock down a work and prevent such access or reworking, creators may
opt for various licences, including those of Creative Commons, to add to this knowledge
space. But there are certain threats to the progress as be enter the era of democratic
cultural production, the law is increasingly out of touch with reality. There’s a complete
lack of congruence between what is on the books and what is actually happening in the
real (or digital) world. The vast majority of the remixes out there, believe it or not, are
illegal. Ranging from video lip synching to recreating film trailers, they infringe on the
copyright law that has been harmonised throughout most of the modern world. Digital
rights management (DRM), or technologies that restrict access to a particular digital
work, such as not allowing users to print pages of e-Books or make a copy of a digital
music file, poses a serious threat to the development of the digital commons. In spite of
this, David M Berry argues, the project of free culture deserves support — it has a
commitment to open knowledge, the transferability of information goods between rich
and poor countries and offers an alternative way of producing and organizing culture. It
also raises important questions about the wider co modification of our cultural sphere.
14.11 SUMMARY
• Internet is an open global common connecting a number of networks of the entire
world thereby reducing the cost of long distance communication.
• In the era of globalisation, the idea of the common got articulated in the context of
protection of intellectual property rights.
• To understand the spread of cyber practice in India, the concept of ‘public’ in
relation to India has to be understood.
• The term ‘public’ as identified in the Indian context can be categorised as national
public, cyber elites and global public.
• The idea of global common can be used as symbolic fiction in determining the
policies framed for protection of intellectual property rights and this can be done
by identifying global publics in India, pointing the global economy through the
instance of entertainment and film industry.
• In mapping out the space of global common within that of nation or local, the issue
of the impact of globalisation on practices of electronic culture often arises.
25
Emerging Social Issues • For the growth of international trade, the need is to promote global commons
from Cyberspace
through the principle of reciprocity.
• Creative commons movement was founded by Lawrence Lessig with the aim to
help creators to give up some of their copyrights to encourage sharing and openness.
• icommon is an international organization and has grown out of the creative
commons movement.
• Now there is a move towards formation of new global space of digital commons
where users are creating culture and knowledge for e.g. by making videos, remixing
songs etc.

1) What was the concept of Global commons in Roman times and in England?
2) What is the new concept of Global Common and with which technology is it
identified?

1) The term ‘public’ used by Sundram includes national public, trans-national elites
and the space between market and the state.
2) The chief aim of WTO is the establishment of standard rules and regulations for
trade, and ensuring that legal systems across the world comply with the established
global standard for the protection of intellectual property rights.
Terminal Questions
2) In the era of globalisation, the commons has emerged as the new global marketplace
for products and services i.e., the market whose rules of engagement and terms of
operation have been substantially altered by the prominence that it gives to
intellectual property and is particularly identified with the realms of high
technology in the form of cyberspace and the various open source movements in
software itself. Refer to sections 14.5,14.6, 14.9, and 14.10.

1. ‘‘History of the commons’’. friendsofthecommons.org. 14 Sept. 2006. 20 Dec.
2006 <http://friendso fthecommons.org/understanding/history/html>.
2. BeckyHogge. “what moves a movement?” open democracy.net. 27 June.2006.

21 Dec.2006 <http://www.opendemocracy.net>.
3. David M Berry. “The Global Digital Commons and other unlikely tales’’. open
democracy.net. 26 June.2006. 21 Dec. 2006<http://www.opendemocracy.net>.
26
4. Elizabeth. “free culture and the internet a new semiotic democracy’’. open Commons
democracy.net. 20 June.2006. 21 Dec. 2006<http://www.opendemocracy.net>.
5. Lawrence Liang. “Global Commons, Public Space and Contemporary IPR”. Media
Development 18 Dec. 2004. 19 Oct. 2006<http://www.altlawforum.org/
PUBLICATIONS/document.>.
6. Ravi Sundaram. “Beyond the Nationalist panopticon: the experience of cyberpublic

in India’’. 18 Dec.2005. 19 Oct. 2006 <http://amsterdam.nettime.org/lists-archuis/
nettime-1 - 9611/mss00018.html.>.
7. Ravi Sundaram. “Recycling modernity; pirate electronic cultures in India”. Sarai

Reader 01. The Public Domain. pp.93-99.
8. Richard K. More. “Democracy and Cyberspace”. presented at “International

Conference on Discourse and Decision Making in the Information Age.
1997. 23 Aug. 2006. 20 Dec.2006 <http://cyberjournal. org/cj/rkm/TS/
sep97cyberspace.html>.
9. Satellite Communication Group. NIC, DIT, MoCIT, Govt of India. 2 Jan. 2007
<http://satcom.nic.in/about.html.>.
10. Suresh t. Vishvanathan. The Indian Cyber Laws. 2nd ed. New Delhi: Bharat Law
House, 2001.
27
from Cyberspace UNIT 15 OPEN SOURCE MOVEMENT
Structure
15.1 Introduction
15.2 Objectives
15.3 History of Open Source
15.4 Types of Software
15.5 Desirable Software Attributes
15.6 Advantages of Open Source Software
15.7 Legal Issues

15.7.1 Copyright
15.7.2 Software Patents
15.8 Other Successful Open Source Software
15.9 Applications of Open Source in Other Fields
15.10 Summary
15.1 INTRODUCTION
Open source is a set of principles and practices that promote access to the design and
productions of goods and knowledge. The term is commonly applied to the source
code knowledge. The term is commonly applied to the source code of software that is
available to the general public with relaxed or non-existent intellectual property rights.
This allows users to create software content through incremental individual effort or
through collaboration. Open source denotes that the origins of a product are publicly
accessible in part or in whole. The term open source refers to software in which the
source code is freely available for others to view, amend and adapt. Typically it is
created and maintained by a team of developers that crosses international and national
boundaries.
Technically speaking, software is made of lines of instructions to computers called

‘code’. Depending on the complexity of the software, its code can be a few dozen
lines or several million lines. This code is written following the rules of a certain
grammar, called a language like C++ or Java. Changing or modifying the code can
extend or modify the features of the software. Commercial companies like Microsoft
28 and Oracle view the code as their intellectual property and protect it to the extent of
not allowing modification even by their customers who have paid to buy and use it. Open Source Movement
Open source groups, like those behind Linux Operating System considers software
as a ‘building block’ which can and should be modified by its users to customize it
for their particular use.
15.2 OBJECTIVES
• explain the term open source;
• describe the difference between open source software and proprietary software;
• list the advantages of open source software;
• describe legal issues which pertain to such software; and
• know application of open source in other fields.
15.3 HISTORY OF OPEN SOURCE

The history of open source is actually a very interesting one. To start with, in the
beginning there was only one free (Libre) software. Later on proprietary software
was born and it quickly dominated the software landscape to the extent that now it is
usually considered as the only possible model by many people. However, in recent
times the free software has again gained popularity.
During the 1960’s when IBM and other companies were selling large scale commercial
computers, they came with some software which was free (Libre), free in the sense that
it could be freely shared among users. This came with a source code, and hence could
be improved and modified. However in the late 1960’s and mid 70’s the proprietary
software started making their place in the market.
In the late 70’s and early 80’s Richard Stallman, an American software developer who
had an idea that sharing source-code and ideas is fundamental to freedom of speech
developed a ‘free’ version of the widely used ‘UNIX’ operating system. This resulted
in a ‘GNU’ program which got released under a specially created General Public Licence
(‘GNU.GPL’). The GPL is the license under which much Open Source code is
distributed. It enshrines the idea that computer code, like speech, should be free to be
copied, interpreted, modified and generally mashed-up. This was designed in such a
way that source-code could remain openly available to all. This software was basically
designed for commercial usage or distribution. Such an approach was called ‘free
software’. Thus the term “free” denotes that anyone could modify the software as per
his/her needs.
During the 80’s and the early 90’s open source software continued its development.
USENET and Internet actually helped out to co-ordinate transnational efforts, and to
build up strong user communities.

29
from Cyberspace Self Assessment Question 1 Spend 2 Min.
What was the first open source software available in the beginning?
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
15.4 TYPES OF SOFTWARE

Computer software can be broadly split into two development models.
1) Proprietary software, and
2) Open source software (OSS)
Proprietary software or ‘closed software’, as the name suggests are software which
restrict access to and use of the source code. As per the “Wikipedia”, proprietary
software is software that has restrictions on using and copying it, usually enforced by a
proprietor. The prevention of use, copying, or modification can be achieved by legal or
technical means. Technical means include releasing machine – readable binaries only
and withholding the human readable source code. Legal means can involve software
licensing, copyright and patent law.
The term is used by the Free Software Foundation to describe software that is not free
software or semi-free software. Technically, the term means software that has an owner
who exercises control over the software. Thus, it can be used for all software that is not
in the public domain. However the FSF uses the term to highlight that the owner is of
prime importance, in contrast to “free software”, where the freedom of computer users
is of prime importance.
Proprietary software thus in other words means that which is owned by an individual or
a company (the one that developed it) and thus there are major restrictions on its use,
and its source code is therefore kept secret.
Open Source Software (OSS)
Open source software on the other hand is one where there is an underlying ‘source
code’ which is made available under a licence. The developers and users have to adapt
and modify it as per their need.
However the distribution terms of open source software must comply with the following
criteria:
i) Free Redistribution: The licence which is given shall not disallow the other party
from selling the software as a component of an aggregate software distribution
containing programs from different sources. Furthermore, the licence will not be
given for any kind of fee or royalty for such sale.
ii) Source Code: The program must have a source code, and there should be a
30 distribution in that source code.
iii) Derived Works: The licence must allow changes and derived works, and must Open Source Movement
permit them to be distributed under the same terms as the licence of the original
software.
iv) Integrity of the Author’s Source Code: The license may restrict source code
from being distributed in modified form only if the licence allows the distribution of
‘patch files’ with the source code for the purpose of modifying the program at
build time.
v) No Discrimination Against Persons or Groups: The licence must not
discriminate against any person or group of persons.
vi) No Discrimination Against Fields of Endeavour. The Licence must not restrict
anyone from making use of the program in a specified field.
vii) Distribution of Licence: The right attached to the program must apply to all to
whom the program is redistributed without the need for execution of an additional
licence by those parties.
viii) Licence must not be Specific to a Product: The rights which are attached to a
program must not depend on the program’s being part of a particular software
distribution.
ix) Licence must not Restrict Other Software: The licence must not place
restrictions on other software that is distributed along with the licensed software.
Licence must be technology neutral
No promotion of the licence may be predicated on any individual technology or style of

interface.
How does open source software differ from proprietary software?

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
15.5 DESIRABLE SOFTWARE ATTRIBUTES

The debate over the merits of proprietary software and OSS has gained a great
momentum in recent years. However the following attributes are desirable both in open
source as well as proprietary software.
Reliability – how far a system is reliable without any disturbance 31
Emerging Social Issues Quality – number of euros in a fixed number of lines of code
from Cyberspace
Security – how flexible the software is to unauthorized actions, e.g. (virus)
Flexibility – how easily the software can meet the needs on different devices
Project Management – how organized it is
Open Standards – if a document is created in one type of software can it be readable

in another
Switching Costs – the expense for moving from one system to another
Total Cost of Ownership (TCO) – the total cost expense over the lifetime of the software.
User Friendliness – how easily is it adopted by people
15.6 ADVANTAGES OF OPEN SOURCE SOFTWARE

The usual notion is that open source softwares are made available at a low cost, but this
can be true in the case of proprietary software too. Therefore following are some of the
advantages of open source software.
Since the source code is available and one can modify it, it is an important characteristic.
This enables the unlimited timing and improvement of a software product. This also
makes it possible to port the code to new hardware, to adapt it to the changing
conditions, and to reach a detailed understanding of how the system works. Now
experts understand that to increase the lifetime of an application, it must be available in
a source form. It has been seen that binary only application does not survive for more
than ten years in an unmodified form. However open source software systems have
survived for more than twenty years and are still in widespread use. Because of the
availability of source code, one can also isolate bugs and fix them.
Technical motivations are common because there are at times different ways to perform
a work and one may not decide which one is better. So if the two parties do not reach
a consensus and the user base is quite large, the code then splits into two, but both
continues development. If the reasons for the split comes to an end, and both the
parties agree then there may be a reunification. In other cases a ‘fork’ is used to co-
ordinate work.
E.g. the Linux kernel has two distinct code bases, one stable and one experimental.
This way one can introduce new and potentially dangerous technologies without
disrupting the stable ones.
Another advantage of open source software is that no per copy fee can be asked for
modified versions and thus anyone can use the current code base to start whatever new
projects. One can gather knowledge at a very low cost. This is the reason why the
internet software systems have become an important factor in the new economy. All
new aspirants who are trying new technologies are now able to integrate and adopt
them immediately without any licence agreements. The right to freely modify them is a
bonus which has led to innumerable expansions in the number of communication
protocols and systems, each based on the needs of one and all. This is one of the
reasons for the success of the Linux Kernel, which is widely used by the students during
32 the start up phase till they turn into entrepreneurs.
Another advantage of OSS is that there are minimal conflicting priorities due to marketing Open Source Movement
pressures. This is due to the fact that there is no single commercial entity pushing for
precise delivery dates or features that must be supported. Usually OSS is made available
to people only when it is ready and when the development team believes that it is good
enough in its quality for use.
Finally, OSS gives a new platform for democratic action. One can say that it provides
a platform for democratic action in the sense that it is designed the way people need
it, improvements are made as per their needs, thus the collective desire of the
community determines the overall direction of development, and modification and
without compelling anyone to do that. Thus the public opinion is the backing force
which leads to the progress of such a software.

Fill in the blanks:
1) With open source software there is always the possibility of creating an
................ base, if the recent one is perceived as wrongly managed.
2) The ...................... is the backing force which leads to the progress of such
Open Source Software.
15.7 LEGAL ISSUES

15.7.1 Copyright
Software is protected using the copyright system. Same protection is given as on books,
music or film, and the buyer of software is licenced the use of a copy of the product.
Software is usually not purchased but a licence is given to use it. Copyrights are used to
protect computer software but all do not use copyrights to have rights in software.
Some use copyrights so that no one may have any rights in software; there is a new
word for it ‘copyleft’.
Now, as we know, software where source code and object code both are freely available
is called ‘open source software’. In copyleft open source software, source code and
object code are freely available to be used, modified and improved without any changes.
The term open source software is often used in the sense of open source software that
is copy left.
15.7.2 Software Patents

Whereas copyright protects the software code from being copied, patents can be used
to prevent the innovative solution or effects of software from being copied. Now, usually
the government grants the patent holder rights, in return for sharing the information on
how the technical result was achieved. The extent to which the software should be
patentable is controversial. A key issue is whether the software has a ‘technical effect’
or is used for a business process.
The scenario in US is that for business processes the software can be patented. In EU
currently ‘business processes’ are not patentable.
33
from Cyberspace 15.8 OTHER SUCCESSFUL OPEN SOURCE
SOFTWARE
1) Open office.orgsuite
2) Mozilla
3) Ximian
Office suite provides bundle of softwares that are used in an office. The most popular
office suite is Microsoft Office Suite. Open Office.Org suite is similar to it.
Software which permits one to access internet is called Web Browser. There are many
such softwares. Opera, Internet Explorer etc. Mozilla is a web browser open office.
Org suite and Mozilla both can be operated in Linux as well as Windows.
Microsoft outlook is an electronic personal information manager. It manages one’s

e-mail, calendar, appointments etc. Ximian is also an electronic personal information
manager. It is similar to Microsoft Outlook; however, it works on Linux only. (Open
source software and Intellectual Property Rights by Judice Yatindra Singh).
Name a few open source software.

.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
.......................................................................................................................
15.9 APPLICATIONS OF OPEN SOURCE IN

OTHER FIELDS
The principle of open source can be applied to a variety of other applications as well as
software development. They are:
Markets: Software is not the only field affected by open source; many fields of study
and social and political views have been affected by the growth of the concept of open
source. Advocates of one field will often support the expansion of open source in an
other field, including Linus Torvald who is quoted as saying, “the future is open source
everything”.
The open source movement has been the inspiration for increased transparency and
liberty in other fields, including the release of biotechnology research by CAMBIA and
the encyclopaedia named ‘wikipedia’.
Cola Drinks: Open cola is another idea inspired by the open source movement. Soft
34 drink giants like Coke and Pepsi hold their formulas closely guarded secrets. Now
volunteers have ported the recipe for a similar soda drink on the internet. The taste is Open Source Movement
said to be comparable to that of the standard beverages.
Beer: There is also an open source beer called VoresφI.
Pharmaceuticals: There have been several proposals for open source pharma-
ceutical development, like the one which led to the establishment of the tropical
disease initiative. There are also a number of not for profit “virtual pharmas” such as
the Institute for one World Health and the Drugs for Neglected Diseases Initiatives.
15.10 SUMMARY
● Open source software in other words means software where the source code is
made available to all, and a licence is given for the modification and development
of the software as per the need of the user.
● The availability of the source code makes it simpler to use by the user.
● However, there are legal issues related to such software which are copyright and
patent issues.
● The open source movement is gaining momentum in other fields other than the
software i.e. we now have open colas, open source in software, hardware,
pharmaceutical industries etc.

1) Discuss the history of open source software right from the beginning till date.
2) Discuss the advantage of open source software over the proprietary software.
3) What are the distribution terms of open source software?

1) Libre was the first open source software used in the beginning.
2) Licence is given to modify and develop the software as per ones need.
3) (1) Alternative code, (2) Public opinion.
4) Mozilla, Linux.
Terminal Questions
3) Refer tosection 15.6 of the unit.

35
from Cyberspace 15.13 REFERENCES AND SUGGESTED
READINGS
1. ‘‘A brief history of open source software’’. eu.conecta.it/paper. 24 Feb. 2006
<http://eu.conecta.it/paper/brife/history uopen_source.html >.
2. ‘‘A little history the first virtual community’’. open3.org. 24 Mar. 2006
<http://<www.open3.org>.
3. ‘‘Advantage of open sources software’’. eu.conecta.it/paper. 24 Feb. 2006

<http://eu.conecta.it/paper/Advantages open-source_soft.html>.
4. ‘‘Brief history of Open Source’’. net.org. 24 Mar.2006 < http://www.net.org>.
5. “Brief history of free/open source movement”. opensource.org. 22 Jan. 2006

<http://www.open knowledge. org/ writing/open source>.
6. Jim Watch. “Open sources is good for democracy”. open democracy.net. 24 Mar.
2006 <www.open democracy.net>.
7. “Open source movement”. Thewikipedia:ThefreeEncyclopedia. 2 Jan.2006

< http://<www://en.wikipedia.org>.
8. “Open source open learning”. creativecommons.org. 26 Mar. 2006

<http://creativecommons.org/licences/by-sa/2.0/>.
9. “Overview of open source movement”. School of Information-University of Texas.

22 Feb. 2006 <http://www.gslis.utexaf.edu>.
10. Richard Paynder. “the open source movement”. Infotoday. 20 Jan. 2006.
<http:// www. Infotoday.com.>.
11. “The open source definition”. opensource.org. 22 Jan.2006. <http://www.

opensource.org/docs/defn-php>.
36

MIR-011 Cyberspace Technology and Social Issues

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MIR-011 Cyberspace Technology and Social Issues

Uploaded by

Copyright:

Available Formats

Evolution and

UNIT 1 EVOLUTION AND GROWTH Growth of ICT

Please answer the following Self Assessment Question.

Self Assessment Question 1 Spend 2 Min.

i) ICT has become the backbone of __________.

1.4 MEANING OF ICT

Self Assessment Question 2 Spend 3 Min.

Obviously, there are significant tangible and intangible benefits of ICT:

1.6 E-READINESS ASSESSMENT OF STATES/UTs

E-readiness Framework 2005

• Environment for ICT offered by agent country or community:

Market; Political/regulating; and Infrastructure;

• Readiness of the community’s key stakeholder to use ICT:

Individual readiness; Business readiness; and Government readiness;

• Usage of ICT among the stakeholders:

Individual usage; Business usage; and Government usage. The chosen

There are 3 stakeholders to consider in the development and use of ICT:

There is a general macro economic and regulatory environment for ICT in

E-readiness Index 2005

• Below Average Achievers

Self Assessment Question 3 Spend 3 Min.

1.7 THE GLOBAL SCENARIO

1.8 ICT AND ECONOMIC GROWTH

Self Assessment Question 4 Spend 3 Min.

Let us now summarize the points covered in this unit.

1) What are the advantages of ICT? Explain.

1.11 ANSWERS AND HINTS

1.12 REFERENCES AND SUGGESTED READINGS

2. Government of India. Ministry of Statistics & Program Implementation.

3. NASSCOM Mckinsey Report. NASSCOM.2005.30 Dec.2006

2.6 System Software: Functional Categories

2.7 Software Crisis

The Second Generation: In this era of computers, index registers, floating-point

The Fourth Generation: Parallel computers in various architectures were started

2.4 HARDWARE COMPONENTS OF COMPUTERS

20 Please answer the following Self Assessment Question.

Fill in the blanks:

2.5 WHAT IS SOFTWARE?

The relationship between Hardware, System Software and Application Software.

2.5.1 Difference between System Software and Application

Please answer the following Self Assessment Question.

Self Assessment Question 2 Spend 3 Min.

2.6 SYSTEM SOFTWARE: FUNCTIONAL

Desktop and notebook computer operating system: The Windows family is

Subsequent products in the Microsoft Windows Operating System are:

Windows 98,Wndows Millennium Edition, Windows NT, Windows 2000, Windows

UNIX provides many desktop features including multiprocessing and multitasking.

2.6.2 System Support Programs

Please answer the following Self Assessment Question.

2.7 SOFTWARE CRISIS

2.8 APPLICATION SOFTWARE OR PACKAGES

Personal applications software is designed to help the individual users to increase

Spreadsheet: This software transforms a computer screen into a ledger sheet, or

Data Management: It supports the storage, retrieval and manipulation of related

Desktop Publishing: It allows microcomputers to perform photographs, pictures

Communications: To exchange information between networked computers,

Speech-Recognition Software: Two categories of this are available today: discrete

GroupWare: It is a class of software that facilities communication coordination and

Please answer the following Self Assessment Question.

Let us now summarize the points covered in this unit.

2.10 TERMINAL QUESTIONS

2.11 ANSWERS AND HINTS

2.12 REFERENCES AND SUGGESTED READINGS

2. Turban, Rainer and Potter. Introduction to Information Technology. 2nd ed.