Operating system security

--Originally published at Talking about Computer and Information Security


An operating system is complex, and its security is essential but can be one of the most difficult things to get right, because many operating systems are targets for a lot of hackers. Security in the OS can start with creating strong authentication, for example with simple passwords, cards or biometric filters. But not all systems have this type of security. As a user of operating systems, I know that systems like Windows or Ubuntu have good security, but many factors are necessary to be secure. The systems have their own security, such as firewalls, anti-malware, authentication, filters, protocols, keys, etcetera, but users play an important role in security, because phishing and social engineering are often the methods by which the user installs something or puts the system at risk.


Web security

--Originally published at Talking about Computer and Information Security


In technology there are many types of security for hardware and software. This time I am going to talk about web security, which means keeping a web server and its applications protected. Web applications are used every day by millions of people, and if we want to build a web service we need to know the basics of its security, because we often put our personal data, credit card information, etcetera into such a service. We need to be good actors on the internet, and we need to protect our web service from hackers, because when a service is hacked it can be used to send spam, share malicious code, steal information or simply damage the reputation of the web service.

Some recommendations for good web security are to check and properly configure the server and communications such as telnet, ports and DNS, and to put authentication and filters in the service. But even if you follow all the recommendations and have a lot of certificates, no system is totally secure. For this reason we need to keep up to date every day on new technologies and security failures, and check our systems every day.


Cryptography

--Originally published at Talking about Computer and Information Security


Security has many aspects, and an important one is cryptography. The two go hand in hand because encryption is used in the basic concepts of security: for example, encryption is used for confidentiality, the message authentication code is used for authentication, etcetera. Over the years protecting data has become more difficult: on the first computers, like ENIAC, protecting data was easy because only specific personnel had access, but since personal computers arrived in homes, sharing and storing data has been a big problem. We need to protect data from attacks that can be passive (non-invasive, just capturing authentication information) or active (breaking secure systems to steal or modify information, or introducing malicious code). To understand cryptography, we need to know some concepts:

Trusted third party.

This is a service that clients trust. For example, if two clients who want to share information both trust a TTP, it means that they trust each other.

Encryption

Symmetric. Uses a single key, or secret key.

Asymmetric. Uses a public and a private key. The public key is shared for everyone to see, and we need to be sure that this key is from the correct entity.


Security architecture

--Originally published at Talking about Computer and Information Security


For every system it is important to have good security, and one of the most important phases is the creation of a good security architecture. This concept includes some specifications that are used by many companies or systems. The first step is to know what the risks to the information are and what we could do in each case.

In a system the information may be the most important thing. With this premise, access, modification and confidentiality are essential to have basic control over the data, and the policies of the security architecture need to be focused on these aspects.

ISO 27001 is a security certification that describes how to manage data security in a company, and its purpose is to protect confidentiality, integrity and availability. This certification is the correct way to have good security, but it is hard to complete all the documentation needed to be certified. Still, if a company follows the path toward it, that is a good start toward excellent security.


Ethics or freedom

--Originally published at Talking about Computer and Information Security

Talking about ethics or morals in technology is a big challenge because there are many ways to analyze it. For example, in our country, Mexico, what is a crime? Based on article 7 of the Federal Penal Code, a crime is the act or omission that criminal laws sanction (Jimenez, ND). But in the technology area Mexico is growing, because it was not until 2013 that the government of Peña Nieto modified some articles in the constitution to include topics about telecommunications such as access to the internet, publications or opinions (Cuervo, 2014).

With this information we find a topic that is controversial in technology: the information that we can share, copy, get or use, because new technologies give us access to a lot of information such as audio, movies, videos, articles, books, publications, etc. All information has an author or owner; consequently this information is not available for free and we need to pay, but people find methods to share information and break the law. One of the most recent and important examples is the story of Aaron Swartz, who illegally downloaded the JSTOR database and was charged with several crimes such as computer fraud, wire fraud, criminal forfeiture, etc. The interesting part is that most of the charges were based on a law from 1986, and we don't know whether it was justice or not.

We share information in many places, and it is our right, but we need to know where our limit is, and this is where ethics are important: in our country it is easy to download or share files, possibly illegally, and it is our decision whether we do these things or not.

Recommendation:

Documentary: La historia de Aaron Swartz, El hijo de Internet

Authors:

J Alberto Hernandez E

Fernando Angel Medellin


Availability, confidentiality, and integrity

--Originally published at Talking about Computer and Information Security

Security is the way to keep something safe through strategies and methods; in this case we are going to analyze information security. Data grows over the years, so a lot of information is arriving at companies, and securing this information is very important. The information needs to be safe, and systems have changed to meet this requirement: they use protocols, firewalls, tools and other technologies.

Image from: https://ruizdequerol.wordpress.com/2008/11/04/%C2%BFy-si-trataramos-el-exceso-de-informacion-como-polucion/

Another aspect of good security is access to the information: it is essential to build a good system in which we try not to have any leaks. Some of the foundations are availability, confidentiality, and integrity.


Image from: https://www.checkmarx.com/2016/06/24/20160624the-importance-of-database-security-and-integrity/

Availability

Availability means that information needs to be available to the authorized users who can access it (Bruna, 2004). That means the information needs to be available 24 hours a day, which implies having security to protect access against things like DDoS attacks, power interruptions, updates or hardware failures.

Confidentiality

Confidentiality has the job of trying to prevent information from being disclosed to unauthorized people or systems (Pgm, 2015); in this case we need to prevent the disclosure of information. This is not only focused on external people who try to steal information: we also need to be careful about what information is shown to the current user, because there is often confidential information that not all users should read.

Integrity

Integrity is the guarantee of the accuracy and completeness of the information and of correct information processing (Bruna, 2004). With this we can be sure that the information is correct and that all processes and modifications are correct. Another important aspect is that only authorized users can make specific modifications, and all changes are recorded (Pgm, 2015).
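
An added example, not part of the original post: a change log in which only authorized users can record modifications and every entry carries a message authentication code (the symmetric-key mechanism named in the Cryptography post), so an active attacker's edits or deletions are detected. The key, user names, log format and function names are constructed for this illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would load it from a secret store.
LOG_KEY = b"constructed-demo-key-not-for-production"
GENESIS = "0" * 64  # stands in for the "previous tag" of the first entry


def entry_tag(key, prev_tag, user, change):
    """HMAC-SHA256 over the previous tag plus this entry's fields."""
    body = json.dumps([prev_tag, user, change], separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def append_change(log, key, user, change, authorized):
    """Record a change made by an authorized user; reject everyone else."""
    if user not in authorized:
        raise PermissionError(f"{user} may not modify this data")
    prev_tag = log[-1]["tag"] if log else GENESIS
    log.append({"user": user, "change": change,
                "tag": entry_tag(key, prev_tag, user, change)})


def verify_log(log, key):
    """Return the index of the first bad entry, or -1 if the log is intact."""
    prev_tag = GENESIS
    for i, entry in enumerate(log):
        expected = entry_tag(key, prev_tag, entry["user"], entry["change"])
        # compare_digest does not leak, through timing, where the tags differ
        if not hmac.compare_digest(expected, entry["tag"]):
            return i
        prev_tag = entry["tag"]
    return -1


def demo():
    authorized = {"alice", "bob"}  # constructed sample users
    log = []
    append_change(log, LOG_KEY, "alice", "balance: 100 -> 150", authorized)
    append_change(log, LOG_KEY, "bob", "balance: 150 -> 120", authorized)
    append_change(log, LOG_KEY, "alice", "balance: 120 -> 200", authorized)
    edited = [dict(e) for e in log]
    edited[1]["change"] = "balance: 150 -> 9999"  # entry modified after the fact
    dropped = log[:1] + log[2:]                    # entry removed from the middle
    return (verify_log(log, LOG_KEY), verify_log(edited, LOG_KEY),
            verify_log(dropped, LOG_KEY))


if __name__ == "__main__":
    print(demo())
```

Removing entries from the end of the log is not caught by the chain alone; that requires keeping the latest tag somewhere the attacker cannot write.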
