Jaipur National University

Seedling School of Law and Governance!s

Subject: FORENSIC SCIENCE AND LAW

Project title - IT Laws
Submitted to Submitted by
Miss .Swati Duggal Aanya Meena, Ayush
Narang
(Assistant Professor) BA.LLB-6Sem
SSLG

Jaipur National University

jagatpura ,Jaipur

———————————————————————————————————————————

 TABLE OF CONTENTS

• CERTIFICATE

• DECLARATION

• ACKNOWLEDGEMENT

• CHAPTER 1 - Introduction

• CHAPTER 2

• CHAPTER 3

• CHAPTER 4

• CHAPTER 5- Conclusion

------------------------------------------------------------------------------------------------------------------------

 GUIDE CERTIFICATE

This is to certify that the project report entitled"!#$IT Laws “ submitted in the partial fulfilment of the
requirement for Bachelor of Arts and Law and computer application to JAIPUR NATIONAL UNI-
VERSITY. Has work under my supervision and guidance and that no part of this report has been
submitted for the reward of any other Degree, Diploma, Fellowship or any other similar titles or
prizes and that the work has not been published in any journal or magazine.

Place : Jaipur

————————————————————————————————————————

 ACKNOWLEDGEMENT

I express my sincere gratitude to Miss. Swati duggal ma’am for giving me support and opportunity
to carry out the project work. My regard goes to (H.O.D) for giving me the permission for doing my
project in her esteem organisation. I would like to thanks to all my classmates and my seniors who
were kind enough to provide me the valuable information and spending their precious time and
helping me on completion of my project work. It is my great pleasure to express my sincere thanks
to my entire friends who help me in concluding this project.

Place: Jaipur

--------------------------------------------------------------------------------------------------------------------

Introduction:

FORENSIC SCIENCE AND LAW

Introduction to Cyber Forensics

The process of gathering and documenting proof from a computer or a computing device in a form
presentable to the court by applying the techniques of investigation and analysis is called Cyber
Forensics. Cyber Forensics is also called Computer Forensics. The aim of cyber forensics is to de-
termine who is responsible for what exactly happened on the computer while documenting the evi-
dence and performing a proper investigation. The storage media of the device under investigation is
made into a digital copy by the investigators and the investigation is performed on the digital copy
while making sure the device under investigation is not contaminated accidentally.
Need for Cyber Forensics
Cyber Forensics is needed for the investigation of crime and law enforcement. There are cases like
hacking and denial of service (DOS) attacks where the computer system is the crime scene. The
proof of the crime will be present in the computer system. The proofs can be browsing history,
emails, documents, etc. These proofs on the computer system alone can be used as evidence in the
court of law to sort out allegations or to protect the innocent people from charges

Advantages
Below are some of the advantages given.
• Similar types of data and relevant data can be compared from different source systems to get
a complete understanding of the scenario.
• Those data over a period that is relevant can be made trending using cyber forensics.
• The entire data can be scanned to identify and extract specific risks for future analysis.
• The efficiency of the control environment and policies can be tested by determining the at-
tributes that violate the rules.
• It is used to set the trends of identification which the company people, consultants and
forensic analysts are not aware of.

Cyber Law (IT Law) in India

Cyber Law also called IT Law is the law regarding Information-technology including computers
and internet. It is related to legal informatics and supervises the digital circulation of information,
software, information security and e-commerce.
IT law does not consist a separate area of law rather it encloses aspects of contract, intellectual
property, privacy and data protection laws. Intellectual property is a key element of IT law. The area
of software licence is controversial and still evolving in Europe and elsewhere.

According to Ministry of Electronic and Information Technology, Government of India :

Cyber Laws yields legal recognition to electronic documents and a structure to support e-filing and
e-commerce transactions and also provides a legal structure to reduce, check cyber crimes.
5

 Importance of Cyber Law:

Area of Cyber Law:

Cyber laws contain different types of purposes. Some laws create rules for how individuals and
companies may use computers and the internet while some laws protect people from becoming the
victims of crime through unscrupulous activities on the internet. The major areas of cyber law in-
clude:
1. Fraud:
2. Consumers depend on cyber laws to protect them from online fraud. Laws are made to pre-
vent identity theft, credit card theft and other financial crimes that happen online. A person
who commits identity theft may face confederate or state criminal charges. They might also
encounter a civil action brought by a victim. Cyber lawyers work to both defend and prose-
cute against allegations of fraud using the internet.
3. Copyright:
4. The internet has made copyright violations easier. In early days of online communication,
copyright violations was too easy. Both companies and individuals need lawyers to bring
actions to impose copyright protections. Copyright violation is an area of cyber law that pro-
tects the rights of individuals and companies to profit from their own creative works.
5. Defamation:
6. Several personnel use the internet to speak their mind. When people use the internet to say
things that are not true, it can cross the line into defamation. Defamation laws are civil laws
that save individuals from fake public statements that can harm a business or someone!s per-
sonal reputation. When people use the internet to make statements that violate civil laws,
that is called Defamation law.
7. Harassment and Stalking:
8. Sometimes online statements can violate criminal laws that forbid harassment and stalking.
When a person makes threatening statements again and again about someone else online,
there is violation of both civil and criminal laws. Cyber lawyers both prosecute and defend
people when stalking occurs using the internet and other forms of electronic communication.

9. Freedom of Speech:
10. Freedom of speech is an important area of cyber law. Even though cyber laws forbid certain
behaviors online, freedom of speech laws also allow people to speak their minds. Cyber
lawyers must advise their clients on the limits of free speech including laws that prohibit
obscenity. Cyber lawyers may also defend their clients when there is a debate about whether
their actions consist of permissible free speech.
11. Trade Secrets:
12. Companies doing businesses online often depend on cyber laws to protect their trade secrets.
For example, Google and other online search engines spend lots of time developing the al-
gorithms that produce search results. They also spend a great deal of time developing other
features like maps, intelligent assistance and flight search services to name a few. Cyber
laws help these companies to take legal action as necessary in order to protect their trade
secrets.
13. Contracts and Employment Law:
14. Every time you click a button that says you agree to the terms and conditions of using a
website, you have used cyber law. There are terms and conditions for every website that are
somehow related to privacy concerns.
6

 Advantages of Cyber Law:

• Organizations are now able to carry out e-commerce using the legal infrastructure provided
by the Act.
• Digital signatures have been given legal validity and sanction in the Act.
• It has opened the doors for the entry of corporate companies for issuing Digital Signatures
Certificates in the business of being Certifying Authorities.
• It allows Government to issue notification on the web thus heralding e-governance.
• It gives authority to the companies or organizations to file any form, application or any other
document with any office, authority, body or agency owned or controlled by the suitable
Government in e-form by means of such e-form as may be prescribed by the suitable Gov-
ernment.
• The IT Act also addresses the important issues of security, which are so critical to the suc-
cess of electronic transactions.

Internet Basics: What is the Internet?

Introduction
The Internet is an increasingly important part of everyday life for people around the world. But if
you've never used the Internet before, all of this new information might feel a bit confusing at first.
Throughout this tutorial, we'll try to answer some basic questions you may have about the Internet
and how it's used. When you're done, you'll have a good understanding of how the Internet works,
how to connect to the Internet, and how to browse the Web.
What is the Internet?
The Internet is a global network of billions of computers and other electronic devices. With the In-
ternet, it's possible to access almost any information, communicate with anyone else in the world,
and do much more.
You can do all of this by connecting a computer to the Internet, which is also called going online.
When someone says a computer is online, it's just another way of saying it's connected to the Inter-
net.

Definition of 'Hacking'
Definition: Hacking is an attempt to exploit a computer system or a private network inside a com-
puter. Simply put, it is the unauthorised access to or control over computer network security sys-
tems for some illicit purpose.

Description: To better describe hacking, one needs to first understand hackers. One can easily as-
sume them to be intelligent and highly skilled in computers. In fact, breaking a security system re-
quires more intelligence and expertise than actually creating one. There are no hard and fast rules
whereby we can categorize hackers into neat compartments. However, in general computer par-
lance, we call them white hats, black hats and grey hats. White hat professionals hack to check their
own security systems to make it more hack-proof. In most cases, they are part of the same organisa-
tion. Black hat hackers hack to take control over the system for personal gains. They can destroy,
steal or even prevent authorized users from accessing the system. They do this by finding loopholes
and weaknesses in the system. Some computer experts call them crackers instead of hackers. Grey
hat hackers comprise curious people who have just about enough computer language skills to en-
able them to hack a system to locate potential loopholes in the network security system. Grey hats
differ from black hats in the sense that the former notify the admin of the network system about the
weaknesses discovered in the system, whereas the latter is only looking for personal gains. All kinds
of hacking are considered illegal barring the work done by white hat hackers.

Chapter 2:Virus

Virus/Worm Attacks

Viruses are computer programs which attach themselves to other programs of the computer, thereby
causing the system to crash or corrupt data that is stored in the system. They spread in numbers and
infect more files in the system upon entering. Worms are also malwares but they do not need other
computer programs to attach themselves. They work by their own to modify the operating system of
a computer. When somebody is responsible for introducing viruses or worms to a computer, these
cases can be easily dealt with Sec. 43 and 66 of The Information Technology Act, 2000.

• Common Types Of Computer Viruses- Cybercriminals are getting better and better at stealing
our confidential data and viruses that are being created are evolving rapidly. There are millions of
viruses around the world, but here are some common types you should be aware of:

• 1. File-infecting Virus -A virus that attached itself to an executable program. It is also called a
parasitic virus which typically infects files with .exe or .com extensions. Some file infectors can
overwrite host files and others can damage your hard drive!s formatting.
8

 • 2. Macro Virus-This type of virus is commonly found in programs such as Microsoft Word or
Excel. These viruses are usually stored as part of a document and can spread when the files are
transmitted to other computers, often through email attachments.

• 3. Browser Hijacker-This virus targets and alters your browser setting. It is often called a brows-
er redirect virus because it redirects your browser to other malicious websites that you don!t have
any intention of visiting. This virus can pose other threats such as changing the default home page
of your browser.

• 4. Web Scripting Virus -A very sneaky virus that targets popular websites. What this virus does
is overwrite code on a website and insert links that can install malicious software on your device.
Web scripting viruses can steal your cookies and use the information to post on your behalf on the
infected website.

• 5. Boot Sector Virus- These viruses are once common back when computers are booted from
floppy disks. Today, these viruses are found distributed in forms of physical media such as exter-
nal hard drives or USB. If the computer is infected with a boot sector virus, it automatically loads
into the memory enabling control of your computer.

• 6. Polymorphic Virus-This virus has the capability to evade anti-virus programs since it can
change codes every time an infected file is performed.

• 7. Resident Virus-A resident virus stores itself on your computer!s memory which allows it to
infect files on your computer. This virus can interfere with your operating system leading to file
and program corruption.

• 8. Multipartite Virus-A type of virus that is very infectious and can easily spread on your com-
puter system. It can infect multiple parts of a system including memory, files, and boot sector
which makes it difficult to contain.

*Computer Process Manipulation by Programs

System software tools are programs which manipulate processes, software resources, hardware re-
sources, and events. Processes are abstractions that represent computations performed by hardware.
Software resources are programs written in various PL-s, data, and documents. Hardware resources
are processors, memories, devices. Events, are interrupts, exceptions, and messages that occur dur-
ing program execution. We dedicate this chapter to the software tools used to manipulate processes.
Software piracy

*Software piracy is a term used to describe the act of illegally using, copying or distributing soft-
ware without ownership or legal rights. The majority of software today is purchased as a single-user
license, meaning that only one computer may have that software installed on it at one time. Copying
that software to multiple computers or sharing it with your friend without multiple licenses is con-
sidered software piracy, which is illegal. Additionally, downloading pirated software from the Inter-
net could be a security risk to your computer; it can be difficult to know what else may be getting
installed.

 *Intellectual property (IP) is defined by the World Intellectual Property Organization (WIPO) as:

Intellectual property is defined as any work that is creative and includes inventions, literary works,
images, and symbols. With the introduction of the Internet, laws surrounding intellectual properties
have changed significantly. The three types of laws that protect intellectual property are copyrights,
trademarks, and patents.
Unlike conventional property, like physical objects or land, intellectual property is often intangible
because it concerns creations of the mind. But the arguments for the validity of intellectual property
rights are the similar to those for private property. There are three main arguments in favor of the
right to own property. In the natural rights argument, John Locke argues that a person owns the
rights to the fruits of his/her labor, specifically because he/she worked for it. The utilitarian argu-
ment proposes that society as a whole is better off when we have rights and institutions governing
property. Hegel!s personality argument says that property laws frees people to express their unique
personalities. Most laws concerning intellectual property exist to promote %progress”.The right to
intellectual property motivates innovation and creativity. Intellectual property assets can sometimes
be worth more money than physical assets, which means they are worth protecting just like physical
assets. Creation of economic growth and wealth is also a reason for the benefit of intellectual prop-
erty

Chapter 3:computer security

What is computer security?

Computer security basically is the protection of computer systems and information from harm,
theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your
computer system.
There are various types of computer security which is widely used to protect the valuable informa-
tion of an organization.

What is Computer Security and its types?

One way to ascertain the similarities and differences among Computer Security is by asking what is
being secured. For example,
10

 • Information security is securing information from unauthorized access, modification & dele-
tion
• Application Security is securing an application by building security features to prevent from
Cyber Threats such as SQL injection, DoS attacks, data breaches and etc.
• Computer Security means securing a standalone machine by keeping it updated and patched
• Network Security is by securing both the software and hardware technologies
• Cybersecurity is defined as protecting computer systems, which communicate over the
computer networks

It!s important to understand the distinction between these words, though there isn!t necessarily a
clear consensus on the meanings and the degree to which they overlap or are interchangeable.

So, Computer security can be defined as controls that are put in place to provide confidentiality,
integrity, and availability for all components of computer systems. Let!s elaborate the definition.

Components of computer system

The components of a computer system that needs to be protected are:
• Hardware, the physical part of the computer, like the system memory and disk drive
• Firmware, permanent software that is etched into a hardware device!s nonvolatile memory
and is mostly invisible to the user
• Software, the programming that offers services, like operating system, word processor, in-
ternet browser to the user .

Chapter 4:Encryption vs Decryption

Encryption vs Decryption: What's the Difference?

11

Before, we understand Encryption vs. Decryption let's first understand-

What is Cryptography?
Cryptography is used to secure and protect data during communication. It is helpful to prevent
unauthorized person or group of users from accessing any confidential data. Encryption and decryp-
tion are the two essential functionalities of cryptography.
A message sent over the network is transformed into an unrecognizable encrypted message known
as data encryption. At the receiving end, the received message is converted to its original form
known as decryption.
In this tutorial, you will learn
• What is Cryptography?
• What is meant By Encryption?
• What is meant by Decryption?
• Why use Encryption and Decryption?
• Types of Keys
• Difference between Encryption and Decryption
What is meant By Encryption?
Encryption is a process which transforms the original information into an unrecognizable form.
This new form of the message is entirely different from the original message. That's why a hacker is
not able to read the data as senders use an encryption algorithm. Encryption is usually done using
key algorithms.

What is meant by Decryption?

Decryption is a process of converting encoded/encrypted data in a form that is readable and under-
stood by a human or a computer. This method is performed by un-encrypting the text manually or
by using keys used to encrypt the original data.

KEY DIFFERENCE
• Encryption is a process of converting normal data into an unreadable form whereas Decryp-
tion is a method of converting the unreadable/coded data into its original form.
• Encryption is done by the person who is sending the data to the destination, but the decryp-
tion is done at the person who is receiving the data.
• The same algorithm with the same key is used for both the encryption-decryption processes.

Why use Encryption and Decryption?

Here, are important reasons for using encryption:
• Helps you to protect your confidential data such as passwords and login id
• Provides confidentiality of private information
• Helps you to ensure that that the document or file has not been altered
• Encryption process also prevents plagiarism and protects IP
• Helpful for network communication (like the internet) and where a hacker can easily access
unencrypted data.
• It is an essential method as it helps you to securely protect data that you don't want anyone
else to have access.
Types of Keys

Symmetric Key:

12

Symmetric-key encryption are algorithms which use the same cryptographic keys for both encryp-
tion of plaintext and decryption of ciphertext.

Asymmetric Key:
Asymmetric encryption uses 2 pairs of key for encryption. Public key is available to anyone while
the secret key is only made available to the receiver of the message. This boots security.

Public Key:
Public key cryptography is an encryption system which is based on two pairs of keys. Public keys
are used to encrypt messages for a receiver.

Private Key:
Private key may be part of a public/ private asymmetric key pair. It can be used in asymmetric en-
cryption as you can use the same key to encrypt and decrypt data.

Pre-Shared Key:
In cryptography, a pre-shared key (PSK) is a shared secret which was earlier shared between the
two parties using a secure channel before it is used.

Difference between Encryption and Decryption

Parame-
Encryption Decryption
ter

It is a process of convert-
ing normal data into an It is a method of converting
What is unreadable form. It helps the unreadable/coded data
you to avoid any unautho- into its original form.
rized access to data

Whenever the data is sent

The receiver of the data au-
between two separate
tomatically allows you to
Process machines, it is encrypted
convert the data from the
automatically using a se-
codes into its original form.
cret key.

Location The person who is send-

The receiver receives the
of Con- ing the data to the desti-
data and converts it.
version nation.

13

 An employee is sending The manager is receiving

Example essential documents to the essential documents
his/her manager. from his/her employee.
The only single algorithm is
The same algorithm with
Use of used for encryption and de-
the same key is used for
Algo- cryption with a pair of keys
the encryption-decryption
rithm where each use for encryp-
process.
tion and decryption.

Transforming humanly It is a conversion of an ob-

understandable messages scure message into an un-
Major
into an incomprehensible derstandable form which is
function
and obscure form that can easy to understand by a
not be interpreted. human.

Summary
• Cryptography is used to secure and protect data during communication.
• Encryption is a process which transforms the original information into an unrecognizable
form.
• Decryption is a process of converting encoded/encrypted data in a form that is readable and
understood by a human or a computer.
• Encryption method helps you to protect your confidential data such as passwords and login
id.
• Public, Private, Pre-Shared and Symmetric are important keys used in cryptography.
• An employee is sending essential documents to his/her manager is an example of an encryp-
tion method.
• The manager is receiving the essential encrypted documents from his/her employee and de-
crypting it is an example of a decryption method.

CONCLUSION

14